Wednesday, June 25, 2008

The threat of online security: How safe is our data?

Nowadays, many attacks happen online. What should we do, and how safe is our data? There are two types of threats and attacks on online security: nontechnical attacks and technical attacks.
What is a nontechnical attack? It is an attack that uses chicanery to trick people into revealing sensitive information or performing actions that compromise the security of a network. Social engineering falls under nontechnical attacks. Social engineering is a type of nontechnical attack that uses social pressures to trick computer users into compromising computer networks to which those individuals have access.
How about technical attacks? A technical attack is an attack perpetrated using software and system knowledge or expertise. A vulnerability is a mistake in software that can be directly used by a hacker to gain access to a system or network. An exposure, in turn, is a mistake in software that allows access to information or capabilities that can be used by a hacker as a stepping-stone into a system or network. Common (security) vulnerabilities and exposures (CVEs) are publicly known computer security risks, which are collected, listed, and shared by a board of security-related organizations.
Let us look at technical attacks in more detail. First, a denial-of-service (DoS) attack is an attack on a website in which an attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources. A distributed denial-of-service (DDoS) attack is a denial-of-service attack in which the attacker gains illegal administrative access to as many computers on the internet as possible and uses these multiple computers to send a flood of data packets to the target computer. Malware is a generic term for malicious software. The severity of viruses has increased substantially, requiring much more time and money to recover.
Many kinds of malicious software fall under malware. First, a virus is a piece of software code that inserts itself into a host, including the operating systems, to propagate; it requires that its host program be run to activate it. Next, a worm is a software program that runs independently, consuming the resources of its host in order to maintain itself, and is capable of propagating a complete working version of itself onto another machine. Following that, a macro virus or macro worm is a virus or worm that is executed when the application object that contains the macro is opened or a particular procedure is executed, for example when a file is saved. Examples of macro worms are Melissa and ILOVEYOU. Lastly, a Trojan horse is a program that appears to have a useful function but that contains a hidden function that presents a security risk.
Now that we know about nontechnical and technical attacks, what actions can we take to protect our data? How safe is our data?
To prevent social engineering and phishing, we can focus on education and training. All staff need to be educated about the risks associated with social engineering, the social engineering techniques used by hackers, and ways to combat these attacks. We can also rely on policies and procedures: these need to be developed for securing confidential information, guiding employee behavior with respect to confidential information, and taking steps to respond to and report any social engineering breach. In addition, we can carry out penetration testing. That is, the policies, procedures and responses of individual staff need to be tested on a regular basis by outside experts playing the role of a hacker.
Beyond that, we can also apply or use some software to protect our data, for example the Sarbanes-Oxley Act. This protection is most suitable for small and medium-sized companies, because it is a cost-effective, subscription-based data protection service.
The above are some protections and examples for preventing nontechnical and technical attacks. If you have more suggestions, you can post them in the comments.


1 comment:

Unknown said...

This is really great information, and it explains technical and non-technical attacks in detail. It covers the threats to online security and how to keep our data safe. After reading the blog, I know more about threats like viruses, malware, etc.