Security Threats that All IT Staff Should Know About
As more of our lives become connected to the internet, threats to our private data and computer systems increase.
In a previous post, we discussed dedicated Information Security careers, the employment prospects, and what you’ll need to secure a job. However, understanding network, computer, and data security are vital in any IT position. You need to know what the threats are, how to prevent them, how to fix them, and be willing to stay on top of the latest IT security news.
Hacking is when your computer, database, or website, is accessed without permission. The person who attacks your system is called a hacker, who may change the system’s security to accomplish a variety of goals. In the past, we have looked at cybersecurity breaches program breaches. Below are 24 security threats that people working in IT need to know about.
Threats to individual computers
Where there are computers, there are security threats. A virus is a malicious program that replicates itself with the aim to destroy a computer so it can not be used again. Viruses can be spread through any document, so it is recommended that you never open attachments from people you don’t know and install virus scanners on your chosen email. Viruses were more popular a decade ago, but have been overtaken by malware because of its ransom capabilities.
Malware comes in a variety of forms but involves taking control of a computer system for whatever the hackers end goal. In ransomware, this involves locking a computer system so that it cannot be used until a specified ransom amount has been paid. Spyware, as its name implies, is used to spy on a computer. The information the spyware collects can then be used by a hacker to create targeted ransomware.
When you are infected with scareware or fake AV, you will see notifications for computer infections even though you don’t have them in a bid to get you to buy fake software that contains the threat. Likewise, adware involves multiple pop up advertisements appearing on your computer, which is more annoying than threatening.
If someone uses malware to take over your computer and commit a crime, then it is called crimeware. In this case, a Trojan or other malware is installed on the computer so it appears that you are the person committing the crime, instead of the attacker.
A Trojan sits undetected on your computer and steals information from within your computer system. Some Trojans include a keylogger, which can also be installed separately and logs your keystrokes in order to steal your personal information.
Computer bugs are glitches in the computer system created by problems in the coding. These are usually more annoying than dangerous, but in the case of Microsoft XP recently a glitch can become an avenue for hackers to gain access to user software.
When this is deliberately replicated to make transferring viruses or Trojans easier it is known as a backdoor. Exploits also take advantage of software bugs, finding vulnerabilities in your programs in order to gain access to your computer.
Worms are designed to spread throughout from computer to computer throughout your network. While they are relatively harmless, they will take up lots of disk space. Wabbits also replicate themselves within your computer but do so to create a form of denial of service (DoS) attack (see below).
A botnet infection can also result in large-scale DoS attacks, but in this case where a single person controls multiple bots in different infected computers. This may seem like a lot to take in, and maybe even intimidating to those looking to go into the IT school. Truly, knowing what these threats are and how to prevent them can help anyone, even those not in the IT field.
It is imperative that we monitor these threats in our home lives to, and make sure our children know about the proper uses of the internet and when not to click on things that pop up.
You might be the kind of person, however, that looks at this list and wants to know more. You may want to know how to stop them, how to protect against them, and what to do if they do happen in a network. If you have any of those thoughts you can be sure that the IT field is the direction you want to take your career.
The rise in online threats
Websites are always at risk of hacking, which can cause wide-scale disruption to service. A Denial of Service (DoS) attack is when a website server is inundated with traffic and the server is overloaded, so the website shuts down.
This can result in the disabling of security features that can enable hackers to steal data. DoS attacks can happen accidentally, as occurred in Australia during their national census, or as an arranged bombardment, such as the one John Oliver created against the U.S. Federal Communications Commission.
A phishing attack is when a fake website or email looks exactly like the real thing in order to steal your personal details, such as usernames, passwords, and banking information. This often occurs with financial institutions such as banks and PayPal. Pharming works the same, but instead of using other organizations’ details to trick you, it hijacks your DNS and diverts all your website traffic to another, external site.
Browser hijacking is even more dangerous than phishing and pharming because it uses a Trojan to take control of your browsing session and change the destination of money transferred via online banking.
When it comes to banking, it is vital for companies that anyone with access to online banking is trained in security protocols for online threats. Their IT professionals take these matters very seriously and will be used not only to help protect the serves but also to teach others within the company who do not specialize in IT the basics of security protocols. In most companies, everyone is responsible for knowing online safety protocol.
An SQL Injection is a virus that infects websites rather than computers. It gains access to steal any private information stored on the website database. Mousetrapping is when you visit a webpage only to be diverted to a completely different site.
You navigate back and it still redirects you back to that annoying product promotion you just know is going to be malware if you click on it. Sometimes, it will be able to set itself as your homepage when quitting your browser in despair.
Aside from the desperate need for highly trained employees who know how to avoid these things, companies need IT professionals that can quickly and efficiently help employees who do stumble into these bad situations.
Some IT professionals can be on-call for their company’s employees who may take laptops home with them to work during the evenings and on weekends. Many IT professionals need to be able to step by step remotely walk another person through all the things they need to do to correct the issue they are having.
Threats to new technology
The rise of the Internet of Things (IoT) involves everyday household items being connected via wifi internet. While the IoT has created some amazing innovation, it has also made hacking a whole lot easier. Because it is everyday objects that are connected, users are often more lax with security, updates, and passwords, making hacking a more straightforward process.
Bluetooth technology has its own threats. Bluesnarfing is when a hacker gains access to your cell phone or laptop via Bluetooth. This unauthorized access allows them to steal all the personal information and files on your device. Less threatening is Bluejacking, which uses your Bluetooth connection to send information to another device with Bluetooth, but doesn’t necessarily access your personal data.
Given the never ending amount of ways technology can be hacked, taken over, and spied upon, and how the ways are constantly changing, staying updated on security threats is essential for those who are hoping to have a career in IT, as well as those already in a career in IT.
CCI Training Center has flexible class schedules that allow for those who already have IT jobs to stay up to date on the ever changing security threats. You can gain certifications and knowledge that will help you better protect your company, and teach your coworkers how to protect them, in a timely manner that will not take away from your current work schedule.
The IT field is always looking to diversify and to that end, many employers are actively looking to hire women into their open positions. If you have been looking for a job with the opportunity to advance over time, there are a great deal of IT positions you should consider.
If you work on a help desk, IT support, and network administrator or in information security you need to be able to diagnose and treat all of the problems outlined above.
CCI Training IT Security Fundamentals course, along with the others within its Computer & Network Administrator Program, provides you with an understanding of IT security issues. For more information, fill out the form on this page and we’ll be in touch.