What is the problem you are addressing? (problem)
Network security is one of the most important aspects to consider when working over the internet, LAN or other method, no matter how small or big your business is. While there is no network that is immune to attacks, a stable and efficient network security system is essential to protecting client data. A good network security system helps business reduce the risk of falling victim of data theft and sabotage.
Network security helps protect your workstations from harmful spyware. It also ensures that shared data is kept secure. Network security infrastructure provides several levels of protection to prevent MiM attacks by breaking down information into numerous parts, encrypting these parts and transmitting them through independent paths thus preventing cases like eavesdropping.
Getting connected to the internet means that you will receive lots of traffic. Huge traffic can cause stability problems and may lead to vulnerabilities in the system. Network security promotes reliability of your network by preventing lagging and downtimes through continuous monitoring of any suspicious transaction that can sabotage the system.
How do you know it’s a problem? (context)
Having your network hacked can put you out of business. Vandalism can occur. This typically involves the planting of misleading information into the system. It is one of the many tactics that hackers use. By planting the wrong information, your company’s integrity can be called into question and customers may feel misled.
Damaging of intellectual property is also one of the impacts of faulty networks security systems. Hacking gives unauthorized access to company’s or individual’s information. For instance, the Citibank Security Breach which affected roughly 1% of its customers in the US. If a hacker gets in and steals plans, ideas, or blue prints, the company can miss out being able to implement new designs and products. This might destroy the business or keep it stagnating.
The company can, as well, experience revenue loss. Most attacks launched on a network can lead to crashing. The extended downtime, your company will have to cease making any transactions, leading to revenue loss. The longer the network stays down, more revenue is lost, and your company will begin to look unreliable and potentially lose credibility.
What are going to do about the problem? (solution)
I am going to spread awareness on the various types of attacks and how they occur, ways to detect and prevent them aswell.
MAN-IN-THE-MIDDLE ATTACK:
A man-in-the-middle (MitM) attack is a difficult security breach to recognize because it involves a bad actor taking advantage of a trusted “man in the middle” to infiltrate your system. Most often, the hacker will start by compromising a customer’s system to launch an attack on your server.
DENIAL-OF-SERVICE AND DISTRIBUTED-DENIAL-OF-SERVICE ATTACKS:
A denial-of-service (DoS) attack attempts to knock a network or service offline by flooding it with traffic to the point the network or service can’t cope. A distributed-denial-of-service (DDoS) attack hijacks devices (often using botnets) to send traffic from multiple sources to take down a network. A DDoS attack by itself doesn’t constitute a data breach, and many are often used simply to create havoc on the victim’s end and disrupt business operations. However, DDoS attacks can act as smokescreens for other attacks occurring behind the scenes.
PHISHING AND SPEAR PHISHING
If you’ve ever received an email claiming to be from a trusted company you have an account with—for example, Paypal—but something about the email seemed unusual, then you have probably encountered a phishing attempt. Phishing involves the hacker sending an email designed to look like it has been sent from a trusted company or website. The email will often sound forceful, odd, or feature spelling and grammatical errors. Phishing emails will attempt to entice the recipient into performing an action, such as clicking a link or downloading an attachment. The link or attachment usually requests sensitive data or contains malware that compromises the system.
A phishing email is typically sent out to a large number of recipients without a specific target, in the hopes that casting a wide net will result in at least one recipient taking the bait. Spear phishing, on the other hand, has a specific target. With spear phishing, the hacker may have conducted research on the recipient. For example, they might look through an individual’s social media profiles to determine key details like what company the victim works for. The hacker could then use this information to pretend to be the recipient’s employer, giving them a better chance of successfully persuading the victim to share valuable information or even transfer funds.
PASSWORD ATTACK
According to Have I Been Pwned, a source that allows you to check if your account has been compromised in a data breach, these are the most commonly used passwords. Sadly, many people and businesses make use of the same passwords for multiple accounts. This means that if the hacker guesses just one of the passwords, they can try that password on other services and get a match. For example, they may get an email and password combination, then try them on bank accounts, looking for a hit. Hackers can use password attacks to compromise accounts, steal your identity, make purchases in your name, and gain access to your bank details.
EAVESDROP ATTACK
An eavesdrop attack is an attack made by intercepting network traffic. Eavesdropping attacks entail the hacker using your behavior on your network to track things like credit card numbers and other potentially valuable, sensitive information. There are two different types of eavesdrop attacks—active and passive. In an active attack, the hacker will disguise themselves as a trusted server and send queries to the transmitters. A passive attack, on the other hand, listens to information through the transmission network.
CROSS-SITE SCRIPTING ATTACK
A cross-site (XXS) attack attempts to inject malicious scripts into websites or web apps. Launching a successful XXS attack is a reasonably complicated process, which requires the victim to visit a website and have the network translate the website with the attacker’s HTML. This means that when the website reaches the victim’s browser, the website automatically executes the malicious script. The aim of this attack is to capture screenshots, log keystrokes, collect network information, steal cookies, and even remotely access the victim’s device. This can ultimately be one method of launching a larger attack leading to a full-on data breach.
MALWARE ATTACK
A malware attack is an umbrella term that refers to a range of different types of security breaches
What barriers do you expect to confront? (barriers)
The only barrier I see coming is difficulty condensing the data. But otherwise then that it shouldnt be too difficult.
How will you know if you are successful? (assessment)
When you can understand my aim, and how to prevent yourself from being a target!