From information technology personnel to executives, any computer and information science (CIS) employees — whether they work in this field daily or are impacted by it — need to pay attention to network security. Even a basic understanding of network security threats and preventative measures is crucial.
Why? Network attacks are costly to a company’s bottom line and reputation, according to SC Media. One study analyzed 137 events that resulted in insurance companies paying cyber liability claims. Legal settlement costs per event were $2.1 million, legal defense costs per breach were $582,000 and total average insurance payout costs per event were $3.7 million. Additional costs incurred can include lost revenue due to a website not working, productivity losses caused by malware or breaches and the expenses incurred to diagnose and fix those problems.
What Is Network Security?
Network security includes the “provisions and policies adopted by a networking administrator to prevent and monitor unauthorized access, misuse, modification or denial of a computer network and network-accessible resources,” according to International Transaction of Electrical and Computer Engineers System (ITECES). “Network security covers a variety of computer networks, both public and private, that are used in everyday jobs conducting transactions and communications among businesses, government agencies and individuals.”
By guarding against various types of network security threats, organizations can try to avoid harmful outcomes such as data theft, unauthorized access and other costly outcomes.
Types of Network Security Threats
There are dozens of network security threats that public and private users face. Here are nine of the most common types of network security threats, according to Microsoft.
- Eavesdropping: When network communications take place in an unsecured or “cleartext” environment, attackers who have gained access to data paths in a network are able to “listen in” or interpret traffic. When attackers eavesdrop on communications, it is referred to as sniffing or snooping.
- Data Modification: The next logical step after attackers read data is to alter it. Modifying data in the packet can be done without knowledge of the sender or receiver. Microsoft notes that even for organizations that don’t require confidentiality for communications, they still don’t want messages being modified in transit. For instance, while exchanging purchase requisitions, the items, amounts or billing information could be modified.
- Identity Spoofing (IP Address Spoofing): A computer’s IP address is used to identify a valid entity on many networks and operating systems. But with identity spoofing, it’s possible for an IP address to be falsely assumed by using a special program that constructs IP packets that appear to originate from valid addresses inside the corporate intranet. Once the attacker gains access to the network with a valid IP address, the attacker is able to modify, re-route or delete data. Other types of attacks can also take place during the process.
- Password-Based Attacks: For most operating systems and network security plans, access rights to computers and network resources are determined by user names and passwords. Sometimes applications do not protect this type of information, allowing eavesdroppers to gain access to a network by posing as a valid user. Once this happens, the attacker has the same rights as a real user — even an administrative-level user. With access to a network, an attacker can obtain lists of valid users and computer names, modify server and network configurations, as well as modify, re-route or delete data.
- Denial-of-Service Attack: A denial-of-service attack prevents use of computers or a network by valid users. Once the network is accessed, the attacker can block traffic, flood a computer or the entire network until a shutdown occurs, send invalid data to applications or network services to cause abnormal termination or behavior, or cause staff not to see the intrusion immediately, which can lead to additional attacks during the diversion.
- Man-in-the-Middle Attack: This attack occurs when someone between two users is actively monitoring, capturing and controlling communications. For instance, if computers are communicating at a low level within the network layer, the attacker may be able to re-route a data exchange to take advantage of the lack of security. Man-in-the-middle attacks can enable the attacker to look like a legitimate party, which can keep the exchange going, allowing the attacker to gain more information.
- Compromised-Key Attack: Although it is difficult and time consuming, attackers may be able to obtain a key — secret code or number — needed to interpret secured information. Once the key is obtained, it is referred to as a compromised key. It allows the attacker to access data without senders and receivers being aware of it. Because the attacker can decrypt or modify data, the attacker can use the key to gain additional keys, opening up access to other secured communications.
- Sniffer Attack: A sniffer is an application or device that can read, monitor and capture network data communications and read network packets. A sniffer can fully view the data inside a packet if it is unencrypted. Some encapsulated or tunneled packets can be cracked open and read unless they are encrypted and the attacker does not have access to the key. Attackers can eventually cause networks to crash or become corrupted.
- Application-Layer Attack: An application-layer attack targets application servers by deliberately causing a fault in a server’s operating system or applications. It allows the attacker to bypass normal access controls, thereby gaining control of applications, systems or networks. Attackers can then disable security controls, introduce sniffer programs, abnormally terminate data applications or operating systems or read, add, delete or modify data in an operating system.
Pursuing a Career in Network Management
The University of West Alabama’s online MBA with an emphasis in Computer Information Systems (CIS) can help you pursue advanced careers in the industry. If you do not have your bachelor’s degree, you can earn an online bachelor’s in business administration, which offers a concentration in Computer Information Systems.
Develop the skills and knowledge needed for management and specialty roles in business and computers, all in a convenient online format from one of Alabama’s oldest and most prestigious universities.