Chinnapong Somsueb
ID# 1671071
MCS 760
2nd Follow-up Paper
Internet: Secure Enough?
Nowadays, Internet has been used and become our daily life for years. The number of users has also been increasing progressively. Many businesses have implemented Internet system as one part of their businesses. According to Internet World Stats, the number of Internet users has grown dramatically from 8.6 percent in 2002 to 16.6 percent at the end of 2006, which is about double in only four years. As the users have been growing, the number of risks and threats has been increasing at a similar rate as the growth rate. Therefore, the Internet security has become one of the major issues in today business. There are several possible risks in current Internet society, such as virus, spyware, adware, phishing, and other privacy issues.
First of all, computers have been involved in our daily life for decades. Computer viruses, a computer program that can copy itself and infect a computer without permission or knowledge of the user, have been also distributed steadily. In previous years, a computer would be infected by using a removable medium, such as floppy disk. Nowadays, many computers have been connected as networking computers, so viruses can spread to other computers that are connecting to the same network. Extensively, if computers connect to the Internet, there is a greater chance to get a virus than closed network computers. Several anti-virus packages have been created in order to prevent and eliminate virus from computers and network. Therefore, Internet users have to update their anti-virus software in order to protect as soon as possible.
The next possible vulnerability from the Internet could be spyware and adware. It is computer software that usually collects personal information about users without their proper informed permission. Several different Internet users’ personal information could be searched, recorded, and sent out without any consent. There purposes of spyware are, for example, advertising while using the Internet and stealing browsing history as well as personal information which many users want to be secured. If there is a spyware on the computer, it would slow down its performance. Moreover, Internet users would be annoyed while using the computer. Most of anti-virus and anti-spyware could detect and remove software on a user's computer that is determined to be either adware or spyware. It also detects dialers, trojans, malware, data-mining, aggressive advertising, parasites, browser hijackers, and tracking components.
Phishing and other privacy issues such as pharming could be considered as the affects of social engineering which is a collection of techniques used to manipulate people into performing actions or divulging confidential information.(1) Phishing frequently applies to email appearing to come from a legitimate business, such as financial institution or credit card company. Requesting for a verification of personal information and warning of some disgraceful significance have been emphasized if it is not done. According to the fact that phishing is usually come from email, Internet users have to be aware and deny to replying this type of email. According to the federal bank, thrift and credit union regulatory agencies’ information (2), we can protect ourselves from phishing in the following ways:
- Never provide personal information in response to an unsolicited request.
- If you believe the contact may be legitimate, contact the financial institution yourself.
- Never provide password over the phone or in response to an unsolicited Internet request.
- Review account statements or transactions regularly to ensure all charges are correct.
Furthermore, pharming is a cracker's attack aiming to redirect a website's traffic to another (counterfeit) website. It can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. Significantly, anti-virus software and spyware removal software cannot defend against pharming. Even though the Anti-Phishing Act was introduced in 2005, Internet users have to make sure they are using secure Internet connections (HTTPS) to access privacy sensitive sites such as banking or taxing, and accept the valid public key certificates issued only by trusted sources.
On the other hand, besides anti-virus, anti-spyware, and awareness of Internet users, there is a computer hardware such as firewall and router that can help use to be safe from several cyber crimes. Firewalls can block all traffic except through authorized ports on internal computers, thus only restricting unfettered access. In addition, routers, computer networking devices that buffers and forwards data packets across an internetwork toward their destinations, direct messages to the proper target and is sometimes referred to as a "gateway." Routers are often employed in conjunction with firewalls. Moreover, the implementation of security systems has several effects. For example, because of the high cost of software and hardware to protect the computer and privacy, users have to have enough knowledge and awareness in order to avoid sharing inappropriate information, and start updated about of computer threats.
The number of Internet users are still increasing, this group would be considered as a target group of business and unwanted advertisements. Several kinds of software and methods have to be used in order to prevent and protect users’ privacy. As a result, if there is both proper user behavior and network design implemented together, it could help avoid problems with security which have been increasing.
(1) Mitnick, Kevin; Kasperavičius, Alexis: "Certified Social Engineering Prevention Specialist Course Workbook.", page 4. Mitnick Security Publishing, 2004.
(2) The federal bank, thrift and credit union regulatory agencies, Avoiding Scams. Retrieved May 5, 2007, from Warning Internet Pirates Web site: http://www.wright-pattcu.coop/files/antiphishing.pdf
No comments:
Post a Comment