The Internet itself is not a safe and protected environment because the early pioneers never imagined the level of malicious activity that has now permeated it. Instead, it was conceived as an open network of computers that communicated freely with each other to share ideas. Information streaming through the Internet like email messaging and online purchasing zips through a number of heterogeneous, loosely-connected computers (usually servers) and networks.
The Dark Side of the Internet
Like a prosperous city with little security, the Internet has attracted hordes of criminals—thieves, predators, and scam artists. Their principle occupation is to either penetrate computers and networks to steal or change information or to intercept data as it travels across the Internet. Realizing that not every computer around the world can be protected, they roam the Internet either individually or in gangs looking for weak links in the chain of information that is constantly being exchanged between computers.
Vulnerability
At one time, most security risks came from inside a company, but now even companies with honest employees are at risk because access to the Internet has made them vulnerable to thieves and industrial spies online.
Individuals tend to be more vulnerable than businesses and small companies tend to be more vulnerable than medium to large-sized organizations with IT staff who are aware of the multiple risks online and have created Internet security measures.
Individuals can protect their computers by using firewalls and anti-virus programs.
However, companies need to do more, besides firewalls and anti-virus software, they also need security policies to protect their hardware and software from employee errors. Hiring network administrators and conducting training for employees are necessary steps to secure their computers and networks.
While it’s impossible for a company to totally secure all computer systems, they need to do the best they can to reduce the risk of conducting business online because their security measures not only impact the company itself , but also partners, suppliers, and customers.
Common Threats
The most common threats are viruses, hackers, and phishing scams.
Viruses
While there are many possible threats online, one of the most popular are viruses. Like biological viruses that attack the human body, these digital viruses can wreck havoc.
One kind of virus may rewrite code to render an operating system or a software program from becoming unusable, another kind may scramble information to make it unreadable, and yet another kind may destroy data.
Viruses often spread quickly throughout a computer and from one computer to the next, and often operate quietly without the computer user or system administrator realizing their presence.
Viruses are often trend-driven. When security experts figure out how to neutralize a particular type of virus, others are invented.
According to Internet Security developers at Trend Micro, “Three trends driving change in the landscape require a dedicated security focus to 1) secure all end-user activity, regardless of device; 2) secure cloud and virtual data centers; and 3) enable advanced cyber security against targeted attacks.”
Hackers
Hackers are usually interested in one of two things—how to break into a computer system to steal or destroy data or how to attack a computer system from the outside by overwhelming it with so much superfluous data so that it forces the computer system to shut down.
Hackers can break into a company’s computer network through an open portal or an Internet connection that is open when it is not being used. They also attempt to steal passwords. When it comes to stealing usernames and passwords, some hackers are expert at guessing weak passwords while others send emails that appear to be from a trust source—perhaps a vendor or a customer—that trick employees into divulging this critical information.
Phishing Scams
One common way of theft has been phishing scams.
Here’s an illustration of how the famous Nigerian phishing scam may be used.
A career girl on a lunch break in a coffee shop in Hong Kong may receive an email on her laptop to ask her to fix a problem with her PayPal account and the email conveniently provides a link to access the website. Unknown to her, her actions are being digitally tracked by a remote thief in Nigeria who records her user name and password so that he can steal her money after she has logged out.
Prevention
Fortunately, there are a number of ways to ensure protection:
1. Installing firewalls. These act like web servers and block external users from connecting to an internal computer system.
2. Using encryption. Information sent across the internet may be intercepted. One way of making the information difficult to steal is by scrambling it. This information cannot be read without a key.
3. Password authentication. A network administrator can verify that the password is being used by the authorized person by using authentication technology. This can consist of handprint recognition, retinal scanning, voice recognition or a coded ID card.
4. Digital signatures. The use of digital signatures verify that an outside document was sent by the person whose name is on the document. This prevents phishing attacks and all kinds of email spoofs.
5. Antivirus software. This keeps updating its security information on viruses to combat newly invented viruses.
Written by Jane Brown
