Threats to Information Security in Business Settings Research Paper

Introduction

Information security is currently a major concern of business organizations. With the advancement of technology, more and more business transactions are being carried out online. Following this, there is a need for businesses today to ensure there is the protection of their information as well as their information systems against security threats; “cyber attacks” being among these threats. Kumar, Park & Subramaniam (2008) point out that, “virus attacks, theft of information, and denial of service alone resulted in significant losses, based on a survey carried out by the Computer Security Institute in the recent times” (Kumar, Park & Subramaniam, 2008, p.242). In this paper, the most significant threats to information security in business settings today are going to be identified and described. The best ways of mitigating these threats are also going to be considered. More so, there is going to be the creation and description of a research strategy for investigating the threats as well as the ideas for addressing them.

Threats to Information Security in Business settings and their mitigation

As time goes by, more and more new security threats to the businesses come up. The threats are becoming complex on an increasing level and they capitalize on the vulnerabilities within applications and network infrastructure assets. Based on the survey carried out in the year 2004 by the Computer security Institute on medium-sized and large-sized companies, it was established that “total losses from security damages for 2004 amounted to &141,496,560, with virus costs amounting to almost forty percent of this total” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005). There is a low likelihood among the smaller businesses to cover up losses resulting from security information attacks, and the damages that result from this can be quite severe (Rainer, Snyder & Carr, 2007). On the other hand, those businesses that are large may be in a better position in the enforcement of security attacks deterrents than those that are smaller in size.

Keller, Powell, Horstmann, Predmore, & Crawford (2005) point out that “the first generation of security threats started in the 1980s” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, p.8). The first generation threats were “boot viruses” which had a great effect on individual computers as well as on the networks. The generation of the threats that followed were the viruses that were in e-mails as well as in macros. According to Keller, Powell, Horstmann, Predmore, & Crawford, viruses are defined as, “pieces of programming code that are designed to automatically spread to other users” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, p.8). The virus often gives out unwanted outcomes that are in most cases not pleasant and they are not identified easily because they take up the form of something else. In the course of the 1990s, there was the prevalence of DOS attacks and hackers.

In the current day, business organizations are encountering new kinds of threats that have an effect on the networks as well as individual computers. On an increasing level, worms are becoming more popular than viruses and they can “self-replicate” to rapidly infect many users. The worms infect the active memory and can slow down computer systems or even make them stop working.

Trojans are in most cases utilized to bring about “back doors” on computers and this, in turn, compromises the security of the network. A large number of Trojans are set up in such a way that they can steal passwords. The spread of these Trojans is carried out by the viruses, and this can in turn bring about blended threats. Keller, Powell, Horstmann, Predmore, & Crawford define a blended threat as “a virus that can have multiple infection techniques and propagates through internet and network routines without human intervention” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, 9). These kinds of threats are, not in the same way as worms and viruses, aimed at causing harm and not at only being a nuisance. Another distinguishing factor is that there is no need for the blended threats to have a human intervention for them to spread. By human intervention, this means such operations as opening the attachments in the e-mails. Weafer (2002) observes that “the multiple propagation methods of a blended threat can make containment more difficult than that of a virus or worm…security patches are available that would mitigate much of the damage of blended threats; unfortunately, not all companies have updated the latest patches” (Weafer, 2002, p.16).

Another major concern is the increase of “malware, spyware, and adware”. Downloading of these programs is carried out on to the machines without the user of the machines agreeing to this or being aware of it. By the user going to some websites, the programs can be downloaded automatically against the user’s knowledge that a new program is being installed. The “malware, spyware and adware” programs characteristically “run in the background and are used to track personal information or execute unwanted and sometimes damaging commands” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, 9). The greatest cause of infection is the availability of the internet to the employees as well as its use by the employees.

Schwartz (2004) points out that, in recent times, “Webroot Software and Earthlink recently scanned over 1.5 million consumer PCs for spyware and discovered that the average computer contains an average of 27.5 pieces of potentially malicious programs” (Schwartz, 2004, p. 1). Lucky enough, to mitigate this problem, several tools can be utilized to bring down the level of the effects that are brought in by malicious codes like these; a large number of which are offered for free. Among the programs, some can identify and eliminate the malicious programs and others can immunize the systems from further infection in the future. Among the most effective tools that can be used in the mitigation are AdAware and Spybot. These cost nothing or a very little fee is charged which can be affordable by many business organizations. However, some organizations do not make use of these tools.

There are also emerging security threats that are increasingly developing which can bring in a global impact (Rainer, Snyder & Carr, 2007). An example of a threat of such kind is the slammer worm. Keller, Powell, Horstmann, Predmore, & Crawford (2005) reports that it took only ten minutes for the slammer worm to infect 90 percent of the vulnerable computers, after being released. The DOS (“Denial-of-service”) attacks, which came about in the course of the 1990s, have extended to network and global infrastructure attacks. Since they characteristically utilize “IP Spoofing”, it is very hard to trace them. Initially, these attacks were set up to shut down a target. The target could include an individual computer, server, or network. In the current day, they are turning out to be more and more enormous by utilizing a large number of computers, without being permitted by the owner or the owner had knowledge, to attack a particular target. These kinds of attacks are referred to as, as pointed out by Gordon, Martin, William & Richardson (2004), “distributed denial-of-service attacks, being now the leading cause of security losses among companies” (Gordon, Martin, William & Richardson, 2004, p. 3). An example of this kind of attack is the “MyDoom” virus. In the year 2004, this virus targeted the SCO Group Inc. servers and brought them down. Currently, the business organization is, as pointed out by Keller, Powell, Horstmann, Predmore, & Crawford (2005), “at risk for having their computer assets used as ‘zombies’ at the control of an external hacker, executing specified commands in the background” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, p.10).

Another threat today to the company’s information security is flash attacks. They also can dominate the present and future security efforts regarding the development of Web applications. A large number of businesses, in most cases, depend on the websites they have set up for many functions and among these functions, is placing orders. However, there is a large vulnerability of a large number of websites to this kind of attack, and particularly, the “non-static sites” which carry out the incorporation of user involvement. There is a violation of trust by this kind of attack between the content owner and the viewer. It entails the utilization of XSS – “cross-site scripting”, where “JavaScript code is injected into Web applications, which can take over the user’s session and steal personal information” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, p.10). Even if the common approach that is employed in the limiting of XSS entails content filtering, this is ineffective to a great extent because a large number of Web applications trust “flash content” by default. This offers room for malicious code injection. According to Robbins (2004), “new threats on the horizon include viruses that target instant messaging, peer-to-peer networks, voice mail, handhelds, gaining consoles, and mobile phones” (Robbins, 2004, p. 114).

It is as well known that the information security attacks target particular platforms more than others and in the current day, the target of the attacks is majorly on “windows-based systems”. Even if the vulnerabilities in Ms. OP have brought about issuing of a large number of patches to help in preventing particular security violations, the installation of these patches is not carried out by the users in good time.

Investigating the Security Threats and addressing them

The current business organizations should realize that the computer network is responsible for several processes which are crucial for its operations. Following this realization, it is sensible to ensure that the computer systems and the companies’ data are secure from any information security threats. Investment in information security should be carried out in good time and this should not wait until after a system has been compromised or has been attacked. The companies should put in place a strategy to identify the “best practices” which can enable them to deal with information security threats.

One of the “best practices” is the installation and proper configuration of a firewall. Keller, Powell, Horstmann, Predmore, & Crawford (2005) point out that, “according to Microsoft, firewalls are a business’s first line of defense” (Page 11). These operate by blocking whatever traffic is not explicitly permitted. It is quite important to realize that firewalls don’t offer protection against “malicious traffic” which moves through lawful communication channels. A good hardware “back-up” solution is given by software firewalls but just operates on the computer on which installation is carried out. Ironically, about 70% of security cases take place inside firewalls and there is a need for the security managers to as well offer protection to “public sever, databases, applications and the work stations sitting behind the firewalls” (Keller, Powell, Horstmann, Predmore, & Crawford, 2005, p.11). Since a large number of the new threats are found at the application level, there is a need to have the support of firewalls of the “deep packet inspection” so that real protection can be offered. Currently, there are several firewall products with advanced technology to help in the monitoring of the traffic at the application level, which is quite vital if the organizations make use of VPN technology.

Another move that needs to be taken up by the businesses in the current day is to update software. Software update encompasses all the operating systems as well as all applications bringing about the idea of patch management. The process of patching is a process in which one who issues the patch offers a disclosure that gives details of the actual nature of the vulnerability that is about to be cleared away. Since people do not engage in immediate patching, this allows time for the hackers to engage in the exploitation of the vulnerability and there is an infection of the systems before the installation of the patch is carried out. This makes it to be quite vital to have a software update to avoid security incidents. The software update is essential because it facilitates capturing the newest and biggest security threats.

Another measure that needs to be taken by business organizations is offering protection against viruses, worms, and Trojans. There should be the installation of anti-virus software on every machine to offer protection against threats. It is of great importance to realize that, over time, these programs have been greatly reactive in offering their response to security threats by updating the familiar list of “virus signatures”. In the absence of an update, they do not prevent new threats and they do not also protect against those threats that were formally not known. Ant-virus companies are engaging in the development of products that can offer more proactive protection. The newest products from these companies are offering a wide range of security protection and among these, there is such protection as spyware monitoring as well as viruses and spam monitoring (Kumar, Park & Subramaniam, 2008).

Conclusion

Today, businesses face a large number of information security threats. Among the major security threats include such threats as virus attacks, DOS, and information theft. To overcome these threats, companies should put in place a plan to ensure there is the implementation of such measures as installing and properly configuring firewalls software updates, and offering protection against viruses, Trojans, and worms among other measures. They should be ready to invest more in information security to avoid major losses in the future.

References

Gordon, L., Martin, P. William, L. and Richardson, R. (2004). 2004 CSI/FBI computer crime and security survey. Computer Security Institute. Web.

This is a survey in which major information security threats and the level to which they have affected the businesses is carried out.

Keller, S., Powell, A., Horstmann, B. Predmore, C. & Crawford, M. (2005). Information Security threats and practices in small businesses. Journal of Information Systems Management, 7 – 19.

In this Journal, there is a discussion of the information security threats that the businesses are facing and the best practices that need to be adopted to deal with this problem.

Kumar, R. L., Park, S., & Subramaniam, C.(2008). Understanding the value of countermeasures portfolios in information systems security. Journal of Management Information Systems, 25 (2), 241 – 279.

Here, the authors give the countermeasures that need to be taken by business organizations in dealing with security threats.

Rainer, K., Snyder, C. & Carr, H. (2007). Risk analysis for information technology. Journal of Management Information Systems, 8 (1): 129 – 147.

These authors carry out an analysis of the current risks in information technology that the businesses are currently facing Robbins, A. (July 6, 2004). The virus wars. PC Magazine, pp. 114.

In this article, Robbins discusses viruses and their effects; being security threats. Schwartz, M. (2004). Eradicating spyware in the enterprise, Enterprise Systems. Web.

In this article, the author discusses how spyware can be eradicated, being a security threat. Weafer, V. (2002). Blended threats. T.H.E Journal, 30 (5), 16.

Weafer gives a discussion about blended threats as one of major the current information security threat.