Internet security and ways to decrease vulnerabilties

Rokeshia Robinson
Follow up Paper #2
Internet Security & Security Issues
May 9, 2006


Too often, some businesses just do not take security seriously. Common statements range from “We don’t have data of any value”, “Nothing will happen to us”. The problem seems to stem from a misunderstanding of how organizations’ resources could be violated and used. A common misconception is that hackers only go after the “big fish”. Not much thought is given to the idea that their resources may be used for things other than a DOS (denial of service) attack. Organizations cannot afford to lose time, money, or integrity due to security incidents. Businesses can suffer immeasurable security incidents, such as, losses because a data center has a production outage as a result of a worm or virus, or from a hacker who defaces a website.

To avoid becoming a victim of misguided pranksters or cyber-crime, organizations should take the time to examine the security of their customers and personal data. In our security presentation we talked about some devices and solutions that organizations use to decrease vulnerabilities within their organization. Listed below are a few tips that we use at Fiserv to protect ourselves from Internet threats.

Spyware protection: Viruses spread rapidly and can damage or destroy your computer. New ones appear almost daily. It's critical that you install and update anti-virus software regularly. Use the program to scan all the files on your system once a week, deleting the infected ones.

Email Attachments: Like I mention in class, some people will open suspicious email, and most of the time a virus is what hides in the attachment. Not to my surprise, opening it will unleash the virus. Don't open an attachment from anyone you don't know. Even if you do know the sender, an infected attachment may have been surreptitiously sent from an infected machine. The safest thing to do is to scan the attachment with anti-virus software before you open it.

Firewalls: (Chin discuss the use of firewalls and their benefits. However, if organization don’t set additional rules, the firewall may cause more harm than good.) A firewall is a software program that blocks unauthorized access to your computer. This is particularly important if you have a broadband connection, such as DSL or a cable modem. Windows XP has a built-in firewall, so make sure it's activated if you use that operating system.

Password protection and management: Many online services, such as banking, brokerage and e-mail require the use of passwords. A secure password is the first line of defense against cyber-snoops. Use a different password for each account, don't divulge them to anyone and change them periodically. (Dr. Sargent pointed users become less security due to having so many passwords to remember, which forces user to write them down.)

Security Updates: Update security patches for your operating system and web browser. You've probably read about security "holes" that turn up periodically. Once they are discovered, you can download fixes. For Windows users, an easy way to update your system is click on the Windows Update option under the Start menu or by pointing your web browser to this link: http://windowsupdate.microsoft.com/.

And last, but no where near least; Log offline when you are done for the day. You are most vulnerable when connected to the Net. If there isn't a good reason to remain online, disconnect from the network. Here are some of the Internet attack trends highlights from Symantec 2006 report. I just wanted to show the percentage of Internet attacks and who are affected, in addition to showing that no one is safe from Internet vulnerabilities.

Attack Trends Highlights

• The government sector accounted for 25 percent of all identity theft-related data breaches, more than any other sector.

• The United States was the top country of attack origin, accounting for 33 percent of worldwide attack activity.

• Symantec recorded an average of 5,213 denial of service (DoS) attacks per day, down from 6,110 in the first half of the year.

• The United States was the target of most DoS attacks, accounting for 52 percent of the worldwide total.

• Microsoft Internet Explorer was targeted by 77 percent of all attacks specifically targeting Web browsers.

• Home users were the most highly targeted sector, accounting for 93 percent of all targeted attacks.
• China had 26 percent of the world’s bot-infected computers, more than any other country.

• Beijing was the city with the most bot-infected computers in the world, accounting for just over five percent of the worldwide total.

• Israel was the highest ranked country for malicious activity per Internet user, followed by Taiwan and Poland.