Cyber security refers to the hardware, software and data protection. As I know, there are four types of security attacks: interruption, interception, modification and forgery. Interruption: attacks the availability of the system, it destroys the system and data to make the network stop working. Interception: attacks the confidentiality of the system, non-authorized users access the system through some means. Modification: attacks the integrity of the system, non-authorized users can not only access but also modify the data in system. Forgery: attack the integrity of system, non-authorized users can use the fake data to change data from system.
The book covered wireless security with reference to WEP (Wired Equivalent Privacy) and WPA. It states that WEP was first used in 1999 and by 2001 it was found to have security flaws. Then WPA came out, but because hardware hadn’t been updated yet with WPA security most networks were using WEP, which was insecure and caused major security issues. Nowadays, WEP is still unsecure. It can be hacked in about three minutes. WPA is also unsecure as there are instructions all over the Internet as to what hardware to purchase and what software to download in order to hack WPA but it is still more secure than WEP. So, what is the most secure now? The answer is WPA2. As with all types of encryption and security people are going to try to hack whatever level that is used. WPA2 is the best option in a wireless network as it is more secure than WEP and WPA and less likely to be attacked.
First I will talk about the threat landscape change through years. At first, threats were visible to any one and it was noisy , indiscriminate , disruptive , impact readily visible and it had a small range of threats . However , things have been changed with the pace of the outside network world. Threats are silent and unnoticed , highly targeted and regionalized. Data is stolen and brands are impact unclear . Remediation is more complex and that may need to investigate data leak. There is overwhelming amount of nameless threats and variants. There are several trends which are concerned on the top :Insider threats, industrialized hacking, advanced persistent threats, protecting virtualized environments, enabling the consumerization of IT, leveraging cloud technology, regulatory compliance, ROSI and ROI balance. For example , advanced persistent threat means to access and steal information to achieve competitive advantage on an ongoing and undetected basis . The targets are government , commercial and private sector entities. However, it is still hard to do threats on the network because of the inforensics. It conducts a repeatable and verifiable examination of “the computer”using practices and procedures that are already established . Besides , it can successfully communicate results of the examination to the “trier of fact”,maturing from “black art” to “science”. However, people have different opinions on cyberspace such as “different” from the real world . Because boundaries are invisible , jurisdictions are difficult to ascertain and all crimes can have a cyber dimension . Finally, with the technology continuing to rapidly develop , new technologies will emerge all the time .
No comments:
Post a Comment