Post #6 - Network Security

Information and System Security is a necessity when utilizing a computer on both personal and professional levels. A common type and most well-known type of ping attack is a DoS or Denial of Service attack. This attack will attempt to destabilize any type of firewall and ultimately crash a computer's service or freeze existing actions. This can be done with a single ping command that contains an oversized/malformed packet. This is otherwise known as a Ping of Death.

In addition to the discussion on ping attacks, I will be discussing the dangers of email spam and phishing attempts. Any person who utilizes an email will have spam that comes through. Many of these spam emails will be filtered by a spam identification program but it is never 100% reliable. There is always a danger of misinterpreting a spam email as something more innocent. It is important to understand when these emails are attempting to bait you into giving up important information. This is also known as phishing, which is common within spam emails. Phishing emails are malicious in nature and only aim to deceive the reader. A study conducted by Patel in 2019 showed that many Phishing attempts utilized large images including company logos which could deceive inexperienced users. “Regressing feature ratings onto the MDS coordinates revealed that similarity judgments were influenced mostly by advertisement/large images and collecting personal information, regardless of presence or absence of company logos and urgent actionable links” (Patel 2019). Downloadable content also played a role in which emails were tagged as phishing emails. Phishing and Spam emails go hand in hand when it comes to harassing email users. Moore (2009) observed that Phishing websites sent the most spam emails within the first week of its creation and then slowly deteriorated or stopped altogether once the website was determined malicious and taken down. Some websites will continue to promote spam even after being taken down.

Any of these attacks can result in a major compromise of the system’s integrity. This kind of compromise would jeopardize the information of whoever utilizes the system. For a workplace, that could mean employees as well as clients and consumers of the service. For an individual, this can be yourself as well as anyone who has interacted with the account.

It is acknowledged within professional settings how important information and system security is. “The success of this effort appeared to hinge on top management championing information system security initiatives and propagating an awareness of the importance of information security among employees at all levels of the company” (Qing 2007). The “success” mentioned here is a company’s reliability and resulting trust and confidence from consumers. A security system that was used decades ago may be severely out of date and could lead to holes within a system. Updating security measures may be daunting but can only lead to better safe practices.

My own company has an option for any email to be reported as a phishing attempt. I have found this feature to be incredibly useful and helps me determine whether to give a suspicious email the time of day. I much prefer the method that allows me to get confirmation from our experts that an email is safe. There is also a service implemented within our firewall that filters any emails that are unfamiliar or could contain malicious links and files. We are given the option to manually review these if we do know where it is coming from and if it is expected. Again, a resource that allows input from the reader rather than assuming that any sort of spam detection is legitimate.

References

Moore, T., Clayton, R., Stern, H. (2009). Temporal Correlations Between Spam and Phishing

Websites.

Patel, P., Sarno, D. M., Lewis, J. E., Shoss, M., Neider, M. B., Bohil, C. J. (July 2019).

Perceptual representation fo spam and phishing emails.

Qing, H., Hart, P., Cooke, D. (June 2007). The role of external and internal influences on

information systems security - a neo-institutional perspective. Volume 16, Issue 2.

Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.