Top 10 ways your network can be attacked

Network security appliances do a great job of keeping the cyber monsters from invading your business. But what do you do when the monster is actually inside the security perimeter? Some of the major ways to attack your networks are mentioned below.

1. USB thumb drives: It is one of the common or the easiest ways to infect a network from inside a firewall. The ubiquity of thumb drives has driven hackers to develop targeted malware, such as the notorious Conficker worm, that can automatically execute upon connecting with a live USB port. Changes in the computer's default autorun policies can be said as one of the solution to this treat.
2. Laptop and netbooks: A notebook may already have malicious code running in the background that is tasked to scour the network and find additional systems to infect. This notebook could belong to an internal employee or guest who's visiting and working from an open cube or office. Laptops are also really handy Ethernet port for tapping directly into a network. Implement an encrypted file system for sensitive data can be a precaution.

3. Wireless access points: Wireless attacks by wardrivers are common and have caused significant damage in the past. It can provide immediate connectivity to any user within proximity of the network. Wireless APs are naturally insecure, regardless if encryption is used or not. Strong, mixed passwords should be used and changed on a fairly frequent basis to prevent this.

4. Miscellaneous USB devices:Devices like digital cameras, MP3 players, printers, scanners, fax machines and even digital picture frames are also included in the list besides the common USB devices. Since the primary functions of these devices are different we often forget their potential to cause threats. Therefore it is important to implement and enforce asset control and policies around what devices can enter the environment and when.
5. Inside connections: Internal company employees can also inadvertently or intentionally access areas of the network that they wouldn't or shouldn't otherwise have access to and compromise endpoints using any of the means outlined in this article. Passwords should be changed regularly. Authentication and access levels are a must for any employee - he should only have access to systems, file shares, etc. are some of the important steps to prevent this.
6. The Trojan human: It can take less than a minute for an unsupervised person in a server room to infect the network. Avoid assumptions and identify the source by asking questions can be said as one of the major steps.

7. Optical media: Recordable media that appear to be legitimate can and has been used to piggyback data in and out of networks. And, like the thumb drives mentioned above, they can be used as a source for network infection. As with the USB tip, it's important to implement and enforce asset control and policies around what devices can enter the environment and when. And then follow that up with frequent policy reminders.

8. Hindsight is 20/20: The human mind is also very effective at storing information. Who is watching you when you log into your desktop? Where are your hard copies stored? What confidential documents are you reading on your laptop at the coffee shop, airplane, etc.? The best safeguard is being conscious and alert about this threat whenever working on sensitive material -- even if it means stopping what you're doing momentarily to observe your surroundings.
9. Smartphones and other digital devices: phones do more than just allow you to call anyone in the world from anywhere; they're full-functioning computers, complete with Wi-Fi connectivity, multithreaded operating systems, high storage capacity, high-resolution cameras and vast application support. And they, along with other portable tablet-like devices, are starting to be given the green light in business environments. Therefore it is important to implement and enforce asset control and policies around what devices can enter the environment and when.
10. Email: Email is frequently used within businesses to send and receive data; however, it's often misused. Messages with confidential information can easily be forwarded to any external target. Therefore source identification should be made compulsory.
by net

No comments:

Post a Comment

എഴുതുക എനിക്കായി....