With internet usage quickly becoming an essential element of the business world, network security threats on the rise. Small and medium sized businesses without having protection against are faced with the great challenge of protecting their networks and important data from threats. In order to meet this challenge, small and medium sized businesses must first face a greater challenge: understanding and acknowledging the threats. Some current threats are:
Viruses: Viruses are less common nowadays, they often do cause damage to computer systems. Viruses often easily spread over email and over instant messaging networks, by disguising themselves as attachments. The users activate and open the code unknowingly, thus getting their
system infected with the virus. Viruses often use the victim’s contacts list to email them to other mailboxes.
83% of users who participated in the Computer Crime and Security Survey detected viruses on their computers. These statistics show the fact that most people who have antivirus software installed on their computers do not bother updating the antivirus definitions at all and tend to postpone downloading antivirus updates.
Direct Attack: Direct attacks are found in enterprise and small businesses. A very unhappy customer, a competitor, or any employee with network knowledge and access can try to hack the network with different intentions.
There are many reasons for data theft, which may urge a hacker to come and try to access your office network door and maybe the hacker gets door wide open. As businesses grow and expand their networks, conference and server rooms are often equipped with LAN ports that are constantly open to intruders of any kind.
According to a survey report, only 20% of SMBs consider internal hackers to be a top security issue, while in fact the recent Computer Crime and Security Survey state that internal attacks occur almost as often as external attacks. Many SMB networks are not adequately protected and leave confidential information exposed and vulnerable to hacker invasions.
DoS (Denial of Service) Attacks: DoS is valid if you run a Web server with a Web commerce or promotional site. The attack attempts to disable the server by flooding it with fake traffic that overloads the server. DoS has become a popular online crime with hacker groups demanding protection money to keep them from hacking networks. Companies that depend on online commerce are particularly vulnerable to this type of attack. The attackers create an army of “zombie” machines, by harming various networks with worms that allow the hacker to exploit the machines and their bandwidth for the attack. This is called a DDoS (Distributed Denial of Service).
Security Holes or Vulnerabilities: These are “bugs” in the OS and software that can be exploited by hackers. When a bug is discovered, the race begins: hackers hurry to develop exploits, which are pieces of code that use the vulnerability to penetrate or disable a program or a whole network, before the software developer releases a solution to close the hole.
Worms: Worms are similar to viruses and much more common in computers.
Worms often spread themselves using an infected system’s file
transmission capabilities, and increase network traffic dramatically in the process. Effect of worms may also result in deletion of files, emailing of files from the infected system, and so on.
Recently, hackers have designed multi-headed worms, so that their payload includes other executable. The most famous worm is My. Doom, which caused several billion dollars’ worth of damage to businesses, home users and ISPs.
Spyware and Malware: Spyware and malware is malicious code sometimes found in freeware software,
as well as in file sharing clients. It takes control of the system and sends user data to the spyware creators.
According to a Microsoft anti-malware team white paper, the Microsoft Malicious Software Removal Tool has removed 16 million codes of malicious software from 5.7 million Windows computers.
Trojan Horses: These are software programs that capture personal information and passwords, and which gives access to any unauthorized
remote user to the system where the Trojan is installed. It is recommended to use a firewall with strict control for outgoing traffic for protection against Trojan Horses.
Spam: Spam is not officially defined as a computer security threat. It can seriously damage productivity, due to the current rise of malicious software delivered by spam messages.
Latest statistics reports by Symantec indicate that one in every 119 processed email messages is a “phishing” attempt.
Phishing is a method used to acquire personal information such as passwords, credit card numbers and bank accounts, and more, through email messages that
claim to have come from a specific provider and appear quite authentic to the recipient.