What are Information System Threats?

Information System Threats

The field of information Technology is fraught with various threats, viruses and malicious activities that may compromise the entire information security configuration present within any organization.  These threats may also be referred to as Intrusion.

Threats to a business may arise either from inside the organization or outside. Outside threats come via emails, the internet and firewalls. Miscreants are able to cause havoc to the network  by forwarding spam mails, going round firewalls and defacing webservers. They are able to gain access through the use of phone lines or partner networks that contain relevant links to the target business or organization.

Attacks that come from within a company are caused by legitimate users within the organization. Threats from insiders may come in the form of falsification of information, sabotage, and all forms of priviledge abuse. Statistics report that 80% of attcaks to a business are caused by insiders (Linux Security).

Intrusion within the network may come in different forms. One of the major threats faced by businesses with information systems is the threat posed by Hackers. Hacking is a major type of intrusion and is carried out by different categories of people who have a deep knowledge of how information systems work. A hacker enjoys taking his time to gain access into systems and learn all the complexities of the system until it becomes a habit (Linux Security). He or she may break into systems either for the thrill of it or for the malicious intent of causing problems within networks. The malicious hacker is often referred to as a cracker because he is more harmful to the business processes of an organization (Linux Security).

Hackers may also be profiteers who hack into systems with the intention of achieving monetary gains. They may decide to exploit businesses by gaining access to confidential information and blackmailing the organizations involved. These miscreants may also steal relevant company data in order to sell the information to rival companies who may use it to gain competitive advantage over the affected company.

IS threats may also be in the form of stealing company information, security breaches, unauthorized access, viruses, worms, Trojans and so on (Search Security). Viruses, Trojans and worms may be described as programs created by attackers that cause computer systems to break down, perform below optimal standards and possibly crash completely. These malicious programs cause huge losses of information and may also cause companies to lose millions of dollars (Search Security). Spyware and Trojan horses are also used by hackers to gain access into systems and obtain information, commit fraud or destroy the network.

Rootkits, identity threats, and data breaches can lead to the compromise of important financial data like bank account details, pin numbers and other relevant information that are used by malicious users to commit fraud. Emails are another major form of attack on organizations. Emails that contain viruses, spyware or other harmful content can cause a system to crash. Alternatively, an attacker could send large volumes of email to a system causing it to crash. These mails may be described as spam mails (Search Security).

Cyber-related attacks are also common amongst businesses that use information security systems and are facilitated through the use of computer technology. These attacks are achieved by executing denial of service attacks (DOS attacks). They are directed at mails and web servers through the internet or other networks with the intention of making the computer or network of the attacked business unusable. Denial of service attacks are achieved by flooding the network with traffic thereby causing it to shut down.

Causes of Information System Attacks

Attacks on businesses could be politically motivated. It could also occur out of a radical opposition to economic policies and government decisions. Disgruntled individuals may decide to engineer an attack due to a grudge harboured against the affected organization. Monetary gain usually serves as the major motivation for those with fraudulent intent. Any of these reasons may form the basis of a cyber-related attack which is usually executed with the objective of creating a sense of insecurity within the target organization or country. Terrorist groups may use any of the mediums discussed above to cause economic damage and disruptions to the normal flow of businesses within the society (Canadian Security Intelligence Service).

How intruders Gain Access into the Network?

There are numerous ways in which attackers can gain access into the systems or networks of an organization. One is by physical means. If server rooms and computer systems are not well-protected physically through the use of locks, surveillance systems, access rights and other forms of security, it becomes very easy to gain access to the system (Linux Security).

System intrusion may also be used as an alternative way of gaining access to businesses. It involves exploiting holes within the network and gaining illegal access and undue user rights. Remote intrusion may also be used to gain access into systems. If there’s no firewall or any form of protection between external users and internal network, attack becomes easy to achieve.

Buffer overflows are another common method used by attackers. This is a programming flaw that exists in some software applications. Attackers can use extra spaces within codes maliciously by flooding them with harmful characters and codes. Sophisticated attacks may be in the form of e-mail recons, ping sweeps, TCP and UDP port scans, DNS zone transfers and so on (Linux Security).

Prevention

Certain Security measures should be implemented to ensure that businesses are protected from attack. It is important to be proactive about the security and safety of information systems. One of the main methods of protecting information systems is ensuring that only identified personnel are allowed physical access to computer systems. Cameras may also be placed in areas of the building that are most vulnerable to attack like the Data Center and Server Room. An attacker that gains physical access to the data center of the organization can easily damage the hard disk, or delete relevant company data if care is not taken.

Software patches that help to correct bugs and remove software vulnerabilities should be applied as soon as they are released. Security updates to antivirus applications are constantly being updated; these updates must be installed on all client machines to fight viruses and other harmful content within the network.

The use of strong passwords is always advised. Password that contains a balanced mix of unpredictable and alphanumeric characters should be used to ensure that the password is not easily guessed. Vulnerabilities within the network should also be examined and covered; Network Intrusion Detection Systems (NIDS) can be employed to monitor, track and isolate threats to the network.

NIDS products provide a means of monitoring, supervising and managing threats to networks. Since most data within the organization come from hosts, firewalls and routers, it is necessary to protect these interfaces. NIDS products work with these devices to ensure that they are well-protected and secure from attackers.

Conclusion

The main way of combating Information Security threats is to continually adhere to strict security policies within the organization. Technologies that are up-to-date should be employed as defense against attackers. The act of protecting business information should be seen as one that requires continuous research in order to remain a step ahead of the ever-increasing malicious attackers.

References

1. Canadian Security Intelligence Service. Information Security Threats. 25 April 2008. 1 December 2008 <http://www.csisscrs.gc.ca/prrts/nfrmtn/index-eng.asp>
2. Linux Security. FAQ: Network Intrusion Detection Systems. 2000. 2 December 2008 <http://www.linuxsecurity.com/resource_files/intrusion_detection/network-intrusion-detection.html>
3. Search Security. Information Security Threats. 2008. 3 December 2008 <http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax299811,00.html>