Hi to all my friends.
This time, I am posting the following information about security, taken from the official study material.
CONTENT SECURITY THREAT
Common Security Risks of The TCP/IP Protocol Stack
This picture describes the main security threats.
· Design defects of the TCP/IP protocol stack include lack of data source authentication, confidentiality guarantee, and integrity check. These defects lead to various security threats on networks on networks. In most cases, simple protocols and mechanisms can defense against security risks at lower four TCP/IP layers. However, network threats (such as viruses, Trojan horses, and system vulnerability attacks) at the application layer integrate high technologies. It is difficult to defend against these threats. Content security threats directly affect working efficiency of enterprise users, and may cause leakage of enterprise users’ confidential information. Therefore, content security protection is especially important and necessary.
· Among current risks, malicious programs (viruses, worms, bots, rootkits Trojan horses, backdoors programs, vulnerability attack programs, and malicious program in mobile devices) share a large proportion, when the influence of grayware (spyware and mobile devices) is extending. Security threats related to illegal programs have become key factors that threaten network security.
· Currently, users are faced with not only traditional virus attacks. Network threats are often mixtures of viruses, hacker attacks, Trojan horses, zombies, spywares, and other attacks. Therefore, is difficult to defend against these network threats using only antivirus or hacker ´prevention technologies
Viruses and Malicious Software Security Threats
· With the expansion of enterprise services, more services and applications depend on IT information systems. During running, services continuously face with viruses, Trojan horses, worms, spyware, and other serious threats.
Hacker Attacks
· Hackers and malicious employees´ in enterprises exploit system and software vulnerabilities to attack servers, threatening security of enterprises’ key service data.
Ø Let’s see the following picture, it shows how the hackers attack the system of the enterprises.
· Server vulnerabilities cause serious security threats to the enterprises.
§ Many application software programs on enterprises intranet may have vulnerabilities.
§ The internet enables fast spreading of applications software vulnerabilities, occupying network bandwidth and damaging critical data.
§ Hackers and malicious employees on the enterprise exploit vulnerabilities to attack or intrude enterprise servers to tamper with, damage, and steal confidential business information.
DoS Attack
What is DoS?
· Distributed Denial of Service (DDoS) attacks targeting economic benefits threat enterprise operation, causing more severe impacts.
· DDoS Attacks:
§ Driven economic benefits, the global black industry chain formed, and a large number of botnets exist
§ Extortions, blackmails, and malicious competition may cause enterprises to suffer from DDoS attacks.
§ When DDoS attacks occur, large network bandwidth is occupied and networks break down. Resources of attacked servers are exhausted and cannot respond to normal user request. This mat even cause system breakdown and enterprise service interruption
Threats Caused by Lack of Security Consciousness.
· Affect the work efficiency.
· Threat internal networks.
· Disclose enterprise information
· P2P and IM abuse seriously affects enterprise network bandwidth and operation efficiency. If web access of employees is not controlled, the following consequences may be caused:
§ Malicious code is embedded into insecure links or malicious download links, making enterprises networks become botnets or be infected with viruses.
§ Employees are spoofed by phishing websites that contain spoofing information, causing leakage of confidential information such as personal bank accounts and passwords.
§ Employees are attracted by entertainment content.
§ Web pages may contain illegal content (such as ****ographic and violence information), bringing a series of legal risks to enterprises.
Comment the post and share, ind click on ♥ if the post was useful
