Sunshadowz logo Banner

Internet Safety

Main Menu

Firewalls

Antivirus

Intrusion Detection

Spyware

Data Encryption

Home


What are the risks of being online?

Security and Privacy Issues

Before the Internet explosion of the 1990's, many mainframe-based companies were not at all worried about security in the same sense they are now. Securing company data was important and this was handled by securing the physical building and weeding out unscrupulous employees. These principals are still applied today as part of the total infrastructure security plan as well as many more. Today, the Internet has opened up a world of possibilities to companies and individuals but it has not evolved without risks. Companies face daily network security attacks to their internal system from outside sources 24/7 with denial of service attacks, port scans, viruses, worms and Trojans. Now with the new kid on the block, Wireless networking, companies have yet another hurdle to get over. While companies and employees want to enjoy the conveniences of being wireless, there are still many risks involved in this method of data transmission. We will get into more detail about wireless security in upcoming articles. Malicious attacks aside, as IT systems are critical for daily operations of most businesses, securing them from accidental destruction due to human error and acts of God is equally important. Thirdly, the cost of replacing your business integrity if data is compromised is an intangible asset that you cannot afford to lose.

It has now been many years since Sun Microsystems CEO Scott McNealy delivered his famous warning "You have zero privacy [on the Internet] anyway. Get over it."


In July 2001, Microsoft conceded that all versions of Windows 2000, and those beta versions of its new XP operating system had "serious vulnerabilities" that let hackers take control of victims' machines. Microsoft urged consumers to "take action immediately" to fix the glitch. They promised to cure the problem before XP's rollout.


On October 3, 2001, Microsoft announced that it was making an "unprecedented effort to help its customers protect their systems from Internet-Based threats" with the introduction of a new Strategic Technology Protection Program. This security initiative extends Microsoft security-related product support and online resources to all customers at no charge to help customers communicate and transact securely over the Internet.

In November 2001, Symantec's Canadian Corporate Manager, Kevin Krempulec, stated "There are a number of threats, the unfortunate part is that you will never be 100 percent secure. It's risk management and the more you put into it, the less risk you are going to have." A Canadian edition of Time reported that privacy advocates and law enforcement have honed in on several areas where the Internet's threat to privacy is the greatest. Some of these areas are:

  1. Identity theft;
  2. Sites that collect data about your visit (cookies);
  3. Personal information provided to a website might be sold - or stolen;
  4. The website on which you just entered your credit card number may be a fake;
  5. A trusted organization may be giving out your home address or other personal information online;
  6. Other organizations may be selling your private information on the Internet. (E.g. Marketers might be interested in personal information in order to get some demographics and spending habits of their consumers).

There have been many articles written on the risks of being online and network security attacks. On the other hand, personal data may not be what hackers are after. Hackers may want to install Trojans so that they can control your personal computer to launch a distributed denial of service attack**(see below for definition) of a targeted website, or to use your personal computer's approved connection for a 'backdoor' attack on a trusted system.

**Per Techweb's encyclopedia located at http://www.techweb.com/encyclopedia, the definition of denial of service attack is as follows: An assault on a network that floods it with so many additional requests that regular traffic is either slowed or completely interrupted. Unlike a virus or worm, which can cause severe damage to databases, a denial of service attack interrupts network service for some period. A distributed denial of service (DDOS) attack uses multiple computers throughout the network that it has previously infected. All of these "zombies" work together to send out bogus messages, thereby increasing the amount of phony traffic.

Google





Top