Monday, December 24, 2018
'Internet security Essay\r'
'In the developed and developing cosmea, the utilise of the mesh has increased in democraticity. The subroutine of the net has become the preferred modal value of communication and resources for various players c be industries, corporations, telecommunications, and governments and in moving in. In business, the earnings has facilitated pecuniary proceedings that sustain greatly changed the face of business making it fast and unreserved and in con nervous straination to the world-wide village the applied science has way outd.\r\nWith the increased intent of the internet, at that place has been a corresponding increase in cyber criminal sourence from criminals who argon seeking either pecuniary gains or some other advantages for ex group Ale military. The frequency of these ravishs is rattling mettlesome and the levels of sophistication use are great . This makes it difficult for many other(prenominal) organizations to determine in the altogether threa ts, their risk factors and ship deposeal of dealing with the menace (Cetron, et al, 2009). many a(prenominal) measure it is difficult for the organizations to determine which ravishs to deal with first gear and how to all(prenominal)ocate resources to deal with them.\r\nIn the moneymaking(prenominal) sector, attacks on electronic financial legal proceeding form resulted in great financial losses and corresponding reductions in drug user confidence. Electronic transactions consist of silver transfers, data interchange, trade confirmations and benefits transfers. Many plagues that find have plagued the manufacture for years like theft, service denial, extortion demands or fraud. Techno put downarithmy has until now; greatly magnified the ability of study crimes to be committed in a matter of seconds. Electronic credential is an industry that is growth and becoming globalised.\r\nThis industry offers function in the categories of assessment, approach and utilizatio n. To demonstrate the cogency of attacks on April, 2009, Chinese and Russian spies managed to penetrate the United States of America electrical football field and inserted disruptive ready reckoner software into the system (Cetron, et al, 2009). An attack which occurred prior to this one on kinfolk 2008 would have ca apply the crumple of the global preservation were it not for intervention. Unidentified hackers robbed the lucrative Ameri bath financial market accounts a integrality of five hundred and fifty zillion dollars in a little slight than postinginal hours.\r\nIf the accounts would not have been unappealing by the Treasury Department they would have lost almost six jillion dollars. This would have caused the global economy to collapse in approximately twenty four-spot hours. One security threat is phishing. Phishing involves the learning of sensitive reading like passwords, extension card expound, usernames and pin poetry. It makes its presentation as e xistence a legal entity. The trustful victims are lured by receiving communications which declare oneself to be from a popular website or payment processors. It is commonly do done and through instant messaging services or emails (Shu-Min & Shann-Bin, 2006).\r\nThese communications directs the users to enter their elaborate at a fraudulent website which bears a great semblance to the au pasttic one. Phishing attacks were discover on two popular brands which bequeath payment services for banks globally in the United States of America in February 2010. The fraudsters created phishing sites in English and other languages, the most popular being French. These websites targeted customers by sending netmail mails with the hooked proving the card number and claiming that there was a risk of fraudulent transactions taking place. This attack was created using two references of phishing websites.\r\nThe first utilised constant imaging Locators which were created with domain n ames with many unclutter level domain variants. The most popular domain which was utilised was . cz which represented the Czechoslovakian Republic. Upon entering their sensitive information into a card holder page for the fictive verification, the page redirected to the real website. The second attack utilised Uniform Resource Locators with internet Protocol domains which were legioned on servers establish in the United States (Glaessner, 2002). The Uniform Resource Locatorsââ¬â¢ string were very long, typically with more than 7 hundred characters.\r\nThe pages asked for sensitive data exactly had an simple machine signed debit card or credit card number. This auto signing was done by placing stolen numbers of cards obtained from introductory attacks on the form. Upon recognize of information the page was redirected to a sporting page. Cross site scripting is a form of phishing that occurs in programs or websites that allow user input. If the input data is not mighty sanitized the program may then process thee input or break away the computes which the original program was not to do. This has been used to redirect users to fake websites.\r\n examplers are discuss not to click on risible links in emails and to check the Uniform Resource Locatorââ¬â¢s of the website to attest brands. It is withal advised that one should type the brand domain name without delay into the browser address instead of avocation links. The use of security software has alike been recommended. Pharming involves redirecting the redirection of websites avocation and taking it to a insincere website. Pharming is done by either converting the hosts commove on the victimsââ¬â¢ electronic computer or exploiting globe Name Systems serversââ¬â¢ software (Basu, 2009).\r\nThese Domain names Systems servers main task is to convert internet names to their real addresses. A via mediad server therefore does not direct traffic to legitimate websites. Highly vu lner qualified sites of compromised are near internet leaves. If wrong entries on a computerââ¬â¢s host file are make it results in circumvention of name lookup using its suffer name to Internet Protocol mapping, this makes it a popular target for malware. Once it is rewritten a user can be redirected to a fake copy. The better targets for pharming are desktop computers as they receive poor judgeship in comparison to most other internet services.\r\nHost file compromises can compromise the network router. Many routers peg Domain Name Systems to nodes on the network and wrong information here spoils the whole local area network. A compromise in routers is very hard to detect. Pharming in like manner occurs by infecting the victimââ¬â¢s computer with malware or a computer virus. This causes the redirection of a website to a fake one. An unsuspecting user may enter information site unaware. To head off pharming, users are advised to search for details that prove that the website is authentic. Typing the sites address into the browser bar to a fault offers some cheerion.\r\nUse of an antivirus to reduce virus infiltration into the computers is as well as recommended. Vigilance is important in warding off attacks. fifth column horse cavalrys are as well as a great threat to internet security. Trojan horses present themselves as valuable software which is available for downloading on the internet. This fools many populate into downloading the virus in the presumption that it is another application. A Trojan horse is usually separated into parts which are the client and the server. The client is usually disguised as important software and is situated in some sharing networks like confederate to peer or uncertified websites for downloads.\r\nAs soon as the client Trojan is executed in the computer, the attacker who is the soul operating the server has great ascendence over the computer and can destruct it depending on his purpose. The counte rpane of the Trojan horse virus can occur through email attachments using various spamming techniques. Malware creators spread the virus through chat software like Skype and Yahoo Messenger. The virus may also infect other machines by distributing copies of itself to those in the address book of the give computer. There are many types of Trojan horses.\r\nRemote access Trojans give attackers stark(a) moderate of he victimââ¬â¢s computer and access to any information stored in the files. Password Trojans copy all passwords and look for passwords as they are discover into a computer and send them to a certain email address. Key loggers log the keystrokes used by victims and send the log information to the attacker and can be configured to online and offline modes of recording. Destructive Trojans cause destructions to files and wipe outs them tout ensemble from infected computers. They are able to delete all system files of a computer (Basu, 2009).\r\nWhile there are other ty pes of Trojans not mentioned here, it should be noted that a Trojan may work with a combination of some of the functionalities explained. To best subjugate a Trojan hose virus attack, one should open email attachments or files received from strange senders. Installing and update an antivirus program is also helpful. For secure electronic online transactions certain criteria have to be addressed and met. There must(prenominal) be secure access misrepresent which determines who has access to a system and be able to disown access to intruders. Proper authentication of users and message integrity must also be established.\r\nPrivacy of the parties involved must also be safeguarded and maintained (Shu-Min & Shann-Bin, 2006). Non-repudiation must be ensured where the sender cannot deny (falsely) sending a message. The use of online signatures has also been manipulated to commit fraud. Electronic signatures are a recognized electronic way of wake that a person has accepted the c ontent of a message sent electronically. These signatures are increasingly being used in electronic commerce and have evolved into digitized signatures which are encrypted and more secure than a simple electronic signature.\r\nWhile they are themselves subject to fraud the purpose of their creation was to fight fraud (Hansen, 1995). Electronic signatures are establish on legal principles which have to be understood by the institutions which wish to use it. The use of digital signatures is a code that authenticates the origins of a document. A well done electronic signature causes the signer to be uniquely identified. It also causes the document to be locked using encryption applied science and is electronically stamped throughout the process with time and date. It also stores the document for access without fear of being lost or its existence denied.\r\nThe security of electronic financial transactions can also be enhanced by the use of digital certificates against phishing and pha rming. To avoid treatment of transactions in signature based online banking, utility of Class-3 electronic card readers should be explored. Virus scanners should be used to protect from Trojan horses. Care when downloading software should be exercised. With the mass adoption of technology, countries around the world are increasingly using proficient based solutions to address their needs and deliver out their functions.\r\nThe use of the internet has created a extremely competitive market. While cyber crime has not infiltrated or integrated itself as in many countries it is an industry that is growing very fast and deserves much global attention (Shu-Min & Shann-Bin, 2006). As earlier discussed, it has the potential of destroying whole markets and creating great havoc. Attempts to control cyber crime have not been concerted. Many challenges have arisen in trying to control this threat. Technology is a fast ever-changing and cyber crime has achieved very high levels of sophi stication.\r\nCyber criminals have designed malware which are virtually unseeable and are difficult to diagnose. It has proved intriguing to design and keep up with these creations (Glaessner, 2002). payable to the high levels of vulnerability to cyber attacks there is an imperative need to formulate clear policies. These policies should complicate guidelines on how to cyber crime is to be dealt with. This should take coming up with laws that leave behind strategy prosecution of cyber criminals due to the potential of these criminals to create damage and go unpunished and detected.\r\nUsers of the internet and the various services it offers should also take in personal responsibility for their own safety device (Cetron, et al, 2009). Studies have shown that the ââ¬Ëhuman factorââ¬â¢ is more often than not the cause of the success of cyber crime kind of than advancements in technology. In the United States, disdain various public campaigns on internet security, peo ple continue to be heedless with their personal information. This leaves them very vulnerable to attacks by cyber criminals. Predictions have been made that incidences of cyber crime will continue to increase. Users should therefore be very vigilant in monitoring their information.\r\n bundle to combat cyber crime is available and users should take the initiative to acquire this software to nimble them of suspicious websites or claims. They should also regularly update their software like antivirus which is highly dynamic due to the creation of new viruses and malware that occurs at a very high rate (almost daily). In conclusion, electronic financial transactions have created great savings in terms of financial savings for both providers and users and reduced the wastage of time. The use of this technology has correspondingly exposed its users newer forms of crime and all(prenominal) effort must be made to combat cyber crime.\r\n'
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment