Security threats in computer networks
Computer security has become a serious concern in recent years. Individuals and companies have suffered major losses as a result of insecurity. Many have spent a great deal of money on security, yet at times information insecurity has continued to rise.
This paper aims to identify the threats posed by viruses and the security tools that can be used to protect computer data from inadvertent use and to maintain confidentiality for individuals and organizations. The paper first addresses the security issue in general, as guidance for the rest of the discussion.
Any system in an organization faces many security threats. Some of the most serious include intrusion by hackers, terrorists, spies, corporate raiders, professional criminals, military forces and vandals, as well as viruses.
Because the current generation has become so technology savvy, attackers have a range of tools with which they have perfected their trade. Some of the most common methods are using user commands to gain entry into computer systems, using special scripts and/or programs, and making use of autonomous agents, toolkits, data taps and distributed tools.
The attackers then exploit various vulnerabilities in the system, including implementation, design and configuration vulnerabilities. To make sure their efforts are fruitful, they infiltrate computer systems either through unauthorized use, where a person uses data or information that is supposed to be off limits to him, or through unauthorized access to systems.
After a series of steps, the person or persons can access files stored on the computer or information in transit, such as data, objects and invocations. This paper is specific in its focus: it goes through virus attacks, with particular attention to Poison Ivy.
Poison Ivy is a computer virus that started showing up in 2006. When it attacks a computer, it makes firefox.exe appear in the Task Manager without the consent of the user. According to experts, this behavior is caused by a malicious Trojan based on Poison Ivy.
Poison Ivy is a tool that has been used to bypass firewalls and remotely administer a system. Once the tool is on a system, it creates a ‘server’ file there and alerts the maker of the Trojan to the presence of the system whenever it is online.
When this happens, the maker gains the ability to access, monitor and completely control the infected system. Among the critical information that can be exposed are system usernames and passwords, banking information, credit information, and private data that appeared on screen, whether typed or merely viewed, while the system was infected.
The ‘server’ is configured to infiltrate the browser’s memory on the targeted system. It then runs as a duplicate process of the browser, which lets it bypass firewalls installed on the system as well as router protection. Once it has established itself, its further actions go unnoticed (MozillaZine, 2009).
This sophistication is the reason the virus has gone undetected by many antivirus programs and other detectors. In the recent past, it has been detected by some common antivirus products such as NOD32, Avira, Bitdefender and others.
The worst thing about this utility is that it is under constant development, and that hackers have been able to develop it without being noticed. The virus is said to spread through emails and, in most instances, through online games, where it mainly attacks through cheats (MozillaZine, 2009).
Several symptoms are evident when a computer has been infected with the virus. Firefox loads automatically as the default browser once the system loads the OS. In the Task Manager, there are two instances of the web browser though only one is open. After the browser is closed, it still persists in the process list. At times the browser becomes very slow or alerts that an unrequested port is being accessed, and at times the mouse moves uncontrollably, which happens when the hacker has control over it.
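The Task Manager symptoms above can be turned into a quick triage check. The following is an added example, not code from this paper or its sources: it parses verbose CSV output from the Windows tasklist command (tasklist /v /fo csv), the sample rows are constructed, and the function names are hypothetical. It assumes a single-process browser as the paper describes; current multi-process browsers normally run windowless child processes, so a hit is a prompt for closer inspection, not a verdict.

```python
import csv
import io

# Constructed sample of `tasklist /v /fo csv` output (illustrative, not from a real host).
SAMPLE = r'''"Image Name","PID","Session Name","Session#","Mem Usage","Status","User Name","CPU Time","Window Title"
"explorer.exe","1480","Console","0","21,304 K","Running","LAB\alice","0:00:09","N/A"
"firefox.exe","2212","Console","0","48,120 K","Running","LAB\alice","0:01:12","Example Page - Mozilla Firefox"
"firefox.exe","3056","Console","0","6,544 K","Running","LAB\alice","0:00:03","N/A"
"notepad.exe","3320","Console","0","3,112 K","Running","LAB\alice","0:00:00","Untitled - Notepad"
'''

NO_WINDOW = {"", "N/A"}  # tasklist prints N/A when a process owns no titled window


def parse_tasklist(text):
    """Parse verbose CSV tasklist output into one dict per process."""
    return list(csv.DictReader(io.StringIO(text.strip())))


def assess_browser(rows, image="firefox.exe"):
    """Compare browser process instances against the browser windows a user can see."""
    procs = [r for r in rows if r["Image Name"].lower() == image]
    hidden = [int(r["PID"]) for r in procs if r["Window Title"].strip() in NO_WINDOW]
    findings = []
    if procs and len(hidden) == len(procs):
        # Symptom: the browser is in the process list although no window is open.
        findings.append("browser process present with no window")
    elif hidden:
        # Symptom: two instances in Task Manager though only one is open.
        findings.append("more browser instances than open windows")
    return {"instances": len(procs), "windowless_pids": hidden, "findings": findings}


def after_closing(rows, pid):
    """Simulate the user closing the browser window owned by `pid`."""
    return [r for r in rows if int(r["PID"]) != pid]


if __name__ == "__main__":
    rows = parse_tasklist(SAMPLE)
    print(assess_browser(rows))
    print(assess_browser(after_closing(rows, 2212)))
```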
The virus has many impacts on the system. Files may be renamed, executed or even deleted. At times the hacker can download files from the system or upload files to it without notice. The hacker can view and edit the Windows registry. He can view and then kill or suspend processes currently running on the system. He can view and control services, starting or stopping them. He can view the installed devices and disable them, and view and uninstall programs that have been installed on the system.
Given these capabilities, along with the ability to record voice or web footage, it is very dangerous to have a system exposed to this virus. Financially, it is a killer virus. Once the person has accessed saved passwords and password hashes, he can simply obtain the banking information of online banking users and interfere directly with the banking system, to the extent of exhausting someone’s accounts.
Access to someone’s passwords can lead to various other security breaches that can cost companies a lot of money. It is possible to get at the deep secrets of a company and sell the information to enemies or malicious traders, who may want to sell the information back or threaten the company with exposure. People can also interfere with bankroll details, causing further financial drain.
Given the existence of Poison Ivy and the risks it can pose, all IT personnel need to be aware of the dangers that can arise from it. The main point to consider is how technology is being used as a tool against others. Poison Ivy does not get into a computer through sheer luck or guesswork; it is a tool that has been professionally made to achieve specific objectives (MozillaZine, 2009).
With this in mind, the management of every company, regardless of size, needs to provide the IT department with constant updates and refresher courses so that it can keep pace with the incoming technologists, who are proving to be better equipped with the latest knowledge. Security should go beyond physical security at the door and incorporate IT security as a whole.
Threat classification for the threat being averted
Human made threat → intentional fault → interaction fault → deliberate
Data is at risk in a variety of situations: in storage, in transmission, and even when in the custody of the right people. When the right person holds the right information, attackers can easily obtain it through social engineering, which leaves companies vulnerable to all kinds of threats. Management should therefore always seek to close all vulnerabilities so as to minimize attacks. Because sealing the vulnerabilities might not be enough, measures should also be employed to protect data by all means, whether in storage or in transmission (Dawson and Wong, 2007).
In conclusion, security in all areas of IT is under threat, and it is up to the relevant authorities to be sufficiently cautious about possible attackers. This paper has focused on security as an issue and looked closely at the Poison Ivy virus, what it does and the dangers it poses to users of the internet and intranets. It has closed with some of the lessons that the people in charge of security should learn as they carry out the duty of securing all systems (Volonino and Robinson, 2004).
References
Dawson, E. and Wong, D. (2007). Information security practice and experience: third international conference. New York: Springer.
MozillaZine (2009). Firefox.exe always open. Web.
Volonino, L. and Robinson, S. (2004). Principles and practice of information security: protecting computers from hackers and lawyers. New Jersey: Prentice Hall.