Data communications networks have served the academic, corporate, and government sectors for many years ; however, the concept of security within these networks has only recently become a high priority. As data becomes readily available by connecting networks to public media or even other internal networks, the vulnerability of data to attacks and threats becomes apparent. Several distinct types of threats have emerged, and the network security community has developed new ways to protect us from these threats.
Types of Security Threats
Several types of threats exist in secure environments, but most of them can be classified into the following four main categories:
Internal threats are more widespread than most people realize. These threats typically come from users who have legitimate access to the computers or networks they want to harm. Disgruntled or former employees whose privileged access has not been promptly terminated can cause a considerable amount of damage to a system. Lastly, these internal threats can be some of the most difficult to monitor and defend against.
External threats originate from individuals who are operating outside an organization's network. The individuals typically do not have authorized access to the network but use remote access channels such as dial-up or Internet connections to attempt security breaches. This threat is difficult to protect against and is always present when external access is provided by the company. If no Internet access or dial-up capabilities exist, you are safe from true external threats.
Unstructured threats are caused by individuals commonly known as script kiddies who use prebuilt tools, programs, or scripts readily available on the Internet to launch their attacks. Script kiddies can be compared to kids joy riding in a car; their actions are motivated more by excitement than by any calculated thought or knowledge. If their tools fail to give them access to the networks they desire , they typically move on to another target, rapidly losing interest. Script kiddies might seem harmless, but the damage they can cause makes them potentially very dangerous. In most cases, unstructured threats are performed by individuals lacking an understanding of how their actions can impact themselves or the target network.
By contrast, structured threats are performed by individuals who are fully aware of what they intend to do and who use programs and tools to attack networks or computers. The attackers have the ability to modify their tools as required and the skills to develop their own new methods of attack against unknown vendor vulnerabilities. Structured attackers can be driven by certain goals, including credit card number theft, software code theft, or intentional damage to a competitor's Web site and internal networks. In addition to their tools, these attackers also have the patience needed to penetrate the networks, using meticulously self-created programs or even social engineering tactics. Competitors, law enforcement, or other agencies might hire the services of structured attackers to acquire information, test security, or cause damage to specific networks.