Threats and Vulnerabilities in Network Security
Given the accelerated pace of growth in technology and the fact that our everyday life is almost entirely connected to the Internet, Network Security is becoming a critical player in protecting our intellectual and civil rights against the threats and the vulnerabilities of networks.
To develop a better understanding of threats and vulnerabilities in network security, first, we need to understand what these terms stand for.
In Network Security, a vulnerability is a certain weakness or flaw that may or may not be exploited, but nevertheless, they provide a way to the attacker to gain access to our hidden information.
A vulnerability is actually the intersection of three things: first, there has to be a system flaw, one that will play the role of the door in the attack. Then this flaw has to be accessible to the attacker, otherwise, it won't be of much use to the attacker. the last thing is how capable the attacker is to exploit this vulnerability.
Subsequently, a threat is everything we try to protect ourselves against for fear of an attack. It is the tool that has the ability to exploit the vulnerability and cause damage to our system or security like worms, viruses and trojans.
To better understand these two concepts, let's use the recent WannaCry or Petya attacks as an example, they are both very similar anyway. The vulnerability there existed in the SMB protocol which is a file sharing protocol that's very commonly used especially to share files from a server to smaller computers within an organisation. The threat, however, was the ransomware, WannaCry or Petya, that spread mostly via emails and started self-replication and searching for new victims.
Now that we understand what vulnerabilities and threats are, let's us learn more about what are the most common vulnerabilities and threats across the network and how can we protect ourselves against them.
1. USB Drives:
These innocent-looking little devices have the potential of spreading threats like a plague. While they might not seem like it, they are actually the fastest way for a threat to spread across a network. By default, Windows allows most programs to run automatically, giving the malicious ones an authority they can abuse.
How to avoid that: There are actually two key things to do here. the first is to change the Window's default autorun policies to deprive threats of their power. And the second thing is to scan the USB driver first against all sorts of threats before opening it and browsing through its content.
2. Weak passwords or bad storage:
Even though passwords shouldn't be really on our list of vulnerabilities, they way most of us deal with their passwords and critical information drastically changes this fact. If your password isn't good enough or you're storing it as it is, chances are they'll be the easiest prey for any attacker.
How to avoid that: To avoid bad storage, you should rather encrypt your data and information before storing them, sure you don't have to use a strong hashing function like SHA-1, but anything well secured will be fined. Also, you should try making your password well past 10 characters, this way it will be hard to crack using either dictionaries or brute-force techniques. Including foreign words and symbols at random places helps a lot, and if memorising such hard passwords is a bothersome task, you can use a password manager for the mission.
3.Missing Patches and Updates:
Missing patches and security updates often make your device more vulnerable to attacks, as the vulnerabilities existing in a system may be invisible to the naked eye, and they get updated as soon as the get discovered. The SMB protocol vulnerability, for example, existed in windows every since the Windows XP version, it's been there ever since and it disappeared somewhere around windows 10. Nonetheless, Microsoft was forced to release security updates for the older versions of Windows, and the ransomware kept sniffing out for unpatched devices to propagate.
How to avoid that: This can be simply avoided by following the healthy practice of keeping your device updated with the latest security updates available. It's certain that installing every single patch out there is a little bit of paranoia, but keeping up with security updates is a wise thing to do.
4.Wireless Access Points:
Wireless access points are commonly known to be a gate that could be exploited if not correctly configured. Wireless AP attacks have been known for some time, and there is a type of attackers who specialise in this attack, driving a van around the city to get into the parameter of an AP then searching for a vulnerability to exploit and causing damage. TJ stores paid direly for one these attacks, as it causes an estimated loss of $500 million dollars, so don't underestimate its power.
How to avoid: Always keep your wireless AP correctly configured and be sure to follow the same procedures of keeping your passwords when it comes to your wireless connection's password. There are many tutorials online on how to properly configure a wireless connection so make sure to be well versed on the subject.
In the end, there are many other types of vulnerabilities and threats that may be specialised based on what you do on the network, but you can always reach the knowledge you need if you search well. Never underestimate the possible risks of not taking the proper measures or course of action regarding your personal network security. Always look at the bigger picture of things, because there are things that prefer to stay hidden. Be safe.