Network Security

From Introduction to Network Security Protocols

    As the Internet connects billions of users together, villainous people will attempt to carry out malicious activities. These security issues include security holes or vulnerabilities, computer viruses, Email spam, phishing scams, password cracking, and social engineering. Individual users can be targeted in multiple ways which could scam the user out of money, steal the user’s personal information, or have their computer infected by computer viruses. Most frequently, Internet users are subject to Email spam and phishing scams. 

    Email spam is “unsolicited and unwanted junk email sent out in bulk to an indiscriminate recipient list. Typically, spam is sent for commercial purposes. It can be sent in massive volume by botnets, networks of infected computers. (What is Spam (2022)” Spam that is sent by companies for commercial purposes can easily be opted out by selecting an unsubscribe link at the bottom of the email. Spam can also be used by people or groups with the intent of spreading computer viruses or botnets which could be used to cause a denial-of-service (DOS) attack on a targeted website. 

    A DOS attack is an outcome of botnets that have been installed on users’ computers without their knowledge. These computers will attempt to access or ping a website at a specific date and time, causing the website to become overloaded. Actual Internet users attempt to access these websites and are given a “Denial of Service” message. A ping flood attack occurs when millions of computers attempt to ping a website in a short period of time (Ping Flood Attacks, 2022). A ping of death is another DOS attack where pings are sent with malformed or oversized packets when using the ping command (What is a DDoS Attack? 2016). Ping of death attacks usually occur when the data packets in a ping exceed 65,536 bytes. Some reasons DOS attacks are used are to disrupt a company, hassle an organization, or for political reasons (Vahid, 2019).   

    Many email users are also the target of phishing scams. The designers of phishing scams are trying to get email users’ money or their personal information. One common money-making scam is the 419 scam or Nigerian scam (Vahid, 2019). It has been a while since I received and read one of these emails, typically an email from a Nigerian prince asking for some of my money so that they can move their fortune and later pay me greatly in return later. These phishing scams still work on a very small number of recipients, but the originators still make money off of these scams. In 2021, 36% of data breaches involved phishing (Kerner, 2022). Other phishing scams are sent out in the appearance of an email from a person’s bank, online shopping website, or utility company. For example, I have had emails allegedly from Bank of America stating that I need to log in for some reason and to use the link provided to enter my username and password. Looking closely at the recipient’s email address, I determine that it is not Bank of America, but a phishing scam. One should also look for bad grammar or misspelled words to avoid falling victim to one of these scams. 

    Statistics draw a bigger picture of how important network security is. From 2020 to 2021 security attacks increased by 31% (Kerner, 2022). In April 2021, Facebook was a victim of a data breach that cost them $553 million. Last year, $56 billion was lost in identity fraud. In the first half of 2021, there were 5.4 million DOS attacks. Being able to identify phishing scams and spam emails will help an individual computer user from contributing to some of these numbers. 

References

Kerner, Sean Michael. (2022, March 15). 34 Cybersecurity Statistics to Lose Sleep Over in 2022. TechTarget. https://www.techtarget.com/whatis/34-Cybersecurity-Statistics-to-Lose-Sleep-Over-in-2020

Ping Flood Attacks. (2022, March 28). Retrieved from https://securityboulevard.com/2022/03/ping-flood-attacks/

Vahid, Frank, (2019, February). TEC 101: Fundamentals of Information Technology & Literacy.

What is a DDoS Attack? (2016, April 27). Retrieved from https://www.globaldots.com/resources/blog/types-of-ddos-attacks/

What Is Spam Email? (2022). Retrieved from https://www.cisco.com/c/en/us/products/security/email-security/what-is-spam.html