Identifying Potential Malicious Attacks, Threats, and Vulnerabilities
Identifying Potential Malicious Attacks, Threats, and Vulnerabilities
Introduction
Being the chief Information Security Engineer, it is my duty to ascertain that the continuing risk of malicious attacks and vulnerabilities to the computer network of the videogame development company are minimized so that the sensitive and highly classified data remains safe and secure. Nevertheless, the CIO, through his recent reports suggests that some malicious activities have been reported to some extent, being carried out on the network. The CIO now requests that I analyze the company's existing network infrastructure and make relevant modifications for the purpose of ascertaining that the systems remains secured from the threats and vulnerabilities of the prospective malicious activities which would negatively affect the company's network.
Discussion
Networks and computer systems undergo billions of attacks on an annual basis and this figure dramatically increases with time. A number of organizations have made huge amounts of investments in computer networks, just for the sake of analyzing that, despite the fact that computer networks are a means to improve the productivity and efficiency of the company, it additionally exposes the company to probable threats and malicious attacks. These types of attacks have been the most exigent problem for most of the information security engineers, where they make use of the relevant and required resources for protecting the network from risks and vulnerabilities. The biggest vulnerability to the computers, networks, and the data placed therein is from the actions of human beings, either ignorant or malicious. In case of a malicious activity by any human being, they usually have some specific intention or goal behind such action. For example, they might intend to disturb the usual business operations, thus denying the production and availability of data. Symantec, in the year 2011, has reported the blockage of more than five and a half billion malicious attacks on a number of networks. This had been an increment in the number of malicious attacks of almost 81% in comparison to the year 2010. It has also been reported by the Symantec that the number of malicious software has increased to almost four hundred and five million and the number of internet attacks that are block daily has risen to 36% (Bishop, 2005).
Several different malicious attacks have been employed by the computer hackers for the order of accomplishing their objective of damaging the computer network of an organization. Such attacks may be initiated from various attempts like; denial of service attacks for denying the service to authorized users, acquiring access to the clients and servers, acquiring access to the back-door databases, having the software installed for Trojan horse and lastly having a software installed on the server that would run a sniffer mode for the purpose of encapsulating the employees' user IDs and pass keys. The lack of such controls and protection mechanisms causes the critical information and data to be vulnerable to the malicious attacks. The malicious attacks may be passive in nature while the medium traversed by the data may be ...