Question:
Describe Information Technology security.
Information security is becoming more important as we become more and more dependent on information technology and the Internet. This paper covers IT security, which is a subdomain of information security. Different security attacks, countermeasures and real-life statistics about information security are discussed in the report, along with the importance of IT security in our lives.
Information security, or InfoSec, is a constant concern with information technology and its applications. As information technology has spread, information security issues have not diminished; they are growing in number day by day. Attackers also use new technologies to update their attack patterns. The emergence of social media, the Internet of Things, cloud computing etc. has made the Internet more popular, more data is now transmitted over the Internet, and many devices other than laptops and computers are connected to it. Huge amounts of personal and sensitive information about individuals, banking details, credit card information and other business information are shared across such devices over the Internet, so attackers are more interested in stealing this information. Cloud computing has added the concept of virtualization. There are various information security issues with cloud computing that are hard to overcome because they are inherent to the cloud computing platform.
There are regulations, laws and legislation that enforce information security and implement security standards for securing our digital information. However, these do not provide much help. Information security attacks and their countermeasures have several dimensions. But the truth is that there is no way to stop these attacks altogether, so prevention is the solution. There are best practices and other information security implementations that can help in this context. (Whitman & Mattord, 2011)
This report contains an extensive literature review on information security in the context of information technology (IT) security, the different methods followed in IT security, the results and findings of IT security etc.
Information security is the process of securing data in physical and digital form against individuals. It protects data from unauthorized access, deletion, modification etc. IT security is a subdomain of information security and is centered more on computer and Internet security.
Thus, understanding IT security requires an understanding of computer and network security. It is hard to separate computer security from network security, and IT security cannot be discussed without considering information security. All these fields are closely connected and dependent on each other.
A computer is an electronic device capable of data input/output, processing, storage and decision making on that data. The range of computers or computing devices has now expanded: laptops, smartphones etc. all come under the category of computing devices. A network, on the other hand, is a system of connected computers and devices capable of sharing and transmitting information across the network. There are different types of private and public networks; the Internet, for example, is a public network. (Bishop, 2004)
Thus, the whole infrastructure is a combination of the mechanisms and processes that connect a wide range of digital equipment and networks, and it should facilitate data transmission. Securing the whole infrastructure covers all the tools, techniques etc. that protect the hardware, software and data in the infrastructure. There should be no unauthorized or unintended access to data or systems, and no accidental or intentional change or deletion of data.
Reliance on computerized systems and the Internet is growing day by day, so the need for IT security is also growing. The term IT security is sometimes used synonymously with ‘cyber security’. In general, the physical security of these assets and infrastructure is not considered an integral part of IT security, but one argument holds that physical security should be included, because a physical breach gives full unauthorized control over the stolen data or can damage the data. Thus it is considered one of the worse examples of IT security breaches.
Information security has some principles, and IT security is supposed to conform to them as well. Any cyber or IT security infrastructure should provide confidentiality, integrity and availability of the data and infrastructure. If the implementation or the infrastructure provides these features, it is considered a secure system. Confidentiality means keeping data secure from any kind of unauthorized access. Processes like authorization, authentication etc. help in implementing confidentiality in a system. Integrity means ensuring that data is not damaged or modified by an unauthorized user, so that legitimate users get the ‘pure’ form of the data. This can be ensured by cryptographic solutions like encryption, decryption, digital signatures etc. Availability ensures that data is always available to legitimate users whenever required. Processes like access control ensure this. (Andress, 2014)
IT security covers protection of data, hardware, computing infrastructure and users. Data protection applies whether data is at rest or in transit. There are various types of IT security attacks and countermeasures.
Other than common virus attacks, attacks from hackers and theft of information, there are different kinds of attacks such as exploitation of system vulnerabilities, denial of service, backdoors, spoofing, tampering, exploitation, direct access attacks and many more.
A system may have weaknesses that weaken the assurance of information security in it. Sometimes these are hard to detect in advance. In some circumstances a vulnerability is prominent, or it may stay hidden until an attacker exploits it. There are three constraints to be met before a vulnerability can be exploited. Those are,
Attackers use tools and techniques to exploit a vulnerability in a system. The vulnerability is sometimes termed the ‘attack surface’.
Sometimes a security risk associated with an IT system is also called a vulnerability. However, this is confusing. Risks involve significant losses, but a vulnerability may not cause any loss even if it is exploited. Thus a risk will be a vulnerability but every vulnerability may not be a risk.
A denial of service attack is a special kind of attack that does not try to get unauthorized access to an information system; rather, it makes the system unavailable to its legitimate users. Victims are denied the services of a system, and the attackers do this deliberately. Some examples of such attacks are flooding a network with a traffic overload to bring it down, and repeatedly entering a wrong password on behalf of a user so that the system becomes unreachable to them. Preventing such attacks is very difficult, as it requires analysis of the total IT infrastructure and network to understand the patterns and behavior of the network.
There are variations of this attack, for example DDoS or Distributed Denial of Service. In this case, a large number of ‘zombie systems’ or compromised systems are used to form a botnet. Worms or viruses are then spread through the victim network. The botnet sends overwhelming traffic through the worms and makes the victim network unusable to legitimate users. The victim network is flooded with simple network requests. The technique is to exhaust the networking resources so that the network goes down.
Other than that, there is another method of DoS attack: using an attack amplifier. There may be weaknesses in the design of a network protocol, for example in poorly designed protocols like DNS, NTP etc. The attacker exploits some operating system vulnerability and instructs the poorly designed protocols to generate an excessive flood that the network cannot manage. As a result the system or network crashes and becomes unavailable. (Pfleeger & Pfleeger, 2012)
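The password-lockout form of denial of service described above depends on how failed logins are counted. The following Python sketch is an added example, not part of the original report: it replays constructed login events against a lockout keyed on the account alone and against one keyed on account and source address. The thresholds, addresses and names are assumptions.

```python
from collections import defaultdict

MAX_FAILURES = 5       # assumed threshold, not from the report
WINDOW_SECONDS = 300   # assumed sliding window


class FailureThrottle:
    """Blocks login attempts once a key has MAX_FAILURES recent failures."""

    def __init__(self, key_fn):
        self.key_fn = key_fn                 # decides what gets counted together
        self.failures = defaultdict(list)    # key -> timestamps of failed logins

    def allow(self, account, source, now):
        key = self.key_fn(account, source)
        recent = [t for t in self.failures[key] if now - t < WINDOW_SECONDS]
        self.failures[key] = recent          # drop failures outside the window
        return len(recent) < MAX_FAILURES

    def record_failure(self, account, source, now):
        self.failures[self.key_fn(account, source)].append(now)


def by_account(account, source):
    """Weak keying: anyone's failures lock the account for everyone."""
    return account


def by_account_and_source(account, source):
    """Hardened keying: failures count only against the address that made them."""
    return (account, source)


# Constructed events: (time, account, source address, password_ok).
# One address submits six wrong passwords for "alice", then the real owner
# logs in from a different address with the correct password.
EVENTS = [(t, "alice", "203.0.113.9", False) for t in range(0, 60, 10)]
EVENTS.append((70, "alice", "198.51.100.4", True))


def replay(throttle, events):
    """Run events through a throttle; return (time, source, outcome) tuples."""
    results = []
    for now, account, source, password_ok in events:
        if not throttle.allow(account, source, now):
            outcome = "blocked"
        elif password_ok:
            outcome = "login"
        else:
            throttle.record_failure(account, source, now)
            outcome = "failed"
        results.append((now, source, outcome))
    return results


if __name__ == "__main__":
    for name, key_fn in (("account only", by_account),
                         ("account + source", by_account_and_source)):
        print(name)
        for row in replay(FailureThrottle(key_fn), EVENTS):
            print("  ", row)
```

Keying on the source does not stop guessing spread across many addresses, so a per-account failure count is still worth alerting on without locking the account.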
A backdoor is a means of entering an information system or cryptosystem without going through the authentication process or any other means of secure access. The bypass attempts go undetected by the system and its security infrastructure.
There are some special types of asymmetric-encryption-based attacks that resist the security system and help reverse engineering even after detection and analysis.
A backdoor may be a specific application installed on the victim system, or it may be a modification of an application already installed there. Even a hardware part of the system can be modified to act as a backdoor. A rootkit is a special form of backdoor application. It replaces the system binaries. It may then hook into the function calls made by the OS and hide itself from legitimate applications, services and users. It may even supply wrong information about resources to applications and make the system malfunction.
Eavesdropping happens to data while it is transmitted through a transmission channel. It ‘listens’ to the data in transit. When data is transmitted between two hosts in a network, the eavesdropper sneaks into the streaming conversation. Some specific applications that help in this process are installed at ISPs, for example applications like NarusInsight, Carnivore etc.
However, even a closed system may become a victim of eavesdropping. In this case the electromagnetic signals that carry data among the different hardware parts of the system can be monitored secretly. An example is the specification called TEMPEST. (Bishop, 2004)
Spoofing is the process of masquerading as a legitimate user by falsifying that user's credentials.
Various protocols in the TCP/IP protocol suite help in authentication mechanisms. These mechanisms are implemented at the source or destination of a message. These protocols are vulnerable to spoofing, so they need extra caution during implementation. Before sending or receiving messages using these protocols, applications need to be sure of the identity of the sender or receiver. There are attacks like the ARP spoofing attack, the IP spoofing attack etc. These are a kind of ‘man in the middle’ attack in a computer network.
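One defensive check for the ARP spoofing mentioned above, as an added Python example that is not part of the original report: it tracks IP-to-MAC bindings over constructed ARP observations and flags a changed binding or a MAC that claims several IPs. The addresses come from documentation ranges, and the function and alert names are hypothetical.

```python
from collections import defaultdict

# Constructed ARP observations: (time, IP, MAC). Documentation address ranges.
OBSERVATIONS = [
    (1, "192.0.2.1", "00:00:5E:00:53:01"),    # gateway
    (2, "192.0.2.10", "00:00:5e:00:53:0a"),
    (3, "192.0.2.11", "00:00:5e:00:53:0b"),
    (40, "192.0.2.1", "00:00:5e:00:53:0b"),   # gateway IP claimed by another MAC
    (41, "192.0.2.10", "00:00:5e:00:53:0a"),
    (42, "192.0.2.1", "00:00:5e:00:53:01"),   # real gateway answers again
    (43, "192.0.2.1", "00:00:5e:00:53:0b"),   # conflicting claim repeats
]


def find_arp_anomalies(observations, pinned=None):
    """Return alerts for suspicious IP-to-MAC bindings.

    pinned is an optional {ip: mac} map of bindings the defender trusts
    (for example the default gateway); pinned entries are never overwritten.
    """
    pinned = {ip: mac.lower() for ip, mac in (pinned or {}).items()}
    ip_to_mac = dict(pinned)            # current belief about each IP
    mac_to_ips = defaultdict(set)       # every IP a MAC has ever claimed
    for ip, mac in pinned.items():
        mac_to_ips[mac].add(ip)

    alerts = []
    for ts, ip, mac in observations:
        mac = mac.lower()               # MAC notation is case-insensitive
        known = ip_to_mac.get(ip)
        if known is None:
            ip_to_mac[ip] = mac         # first sighting: learn the binding
        elif known != mac:
            alerts.append((ts, "binding-changed", ip, known, mac))
            if ip not in pinned:
                ip_to_mac[ip] = mac     # follow the change for unpinned IPs
        if ip not in mac_to_ips[mac]:
            mac_to_ips[mac].add(ip)
            # Heuristic: one MAC answering for several IPs is typical of a
            # host inserting itself between other hosts and the gateway.
            if len(mac_to_ips[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", mac,
                               sorted(mac_to_ips[mac])))
    return alerts


if __name__ == "__main__":
    gateway = {"192.0.2.1": "00:00:5e:00:53:01"}
    for alert in find_arp_anomalies(OBSERVATIONS, pinned=gateway):
        print(alert)
```

A MAC that legitimately holds several IPs also triggers the second alert, so it is a lead for investigation rather than proof of spoofing.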
Malicious software, or malware, is software used for disrupting the normal operation of a system or computer, gaining unauthorized access to data, gathering sensitive and critical information by stealing it etc. Malware is used intentionally to steal information from a system. Hackers and attackers use it as a tool. Some examples of prominent malware are Regin, CryptoLocker, Stuxnet etc. (Davis, Bodmer, & LeMasters, 2009)
Different types of applications come under the malware category. They include worms, computer viruses, spyware, Trojans, adware, ransomware, scareware and many more.
Malware can take different forms, for example active content, executables, scripts, code blocks etc.
Other than attackers, companies also intentionally supply malware for market research. For example, Sony shipped the Sony Rootkit with the CDs it sold. However, the process is illegal. (Blunden, 2013)
Computer viruses and Trojans are special kinds of malware that spread through replication. Once a system is infected by one of these viruses, the virus replicates itself through the data files, programs, storage, boot sectors etc. on the infected hosts. Sometimes the viruses cause a nuisance, and sometimes they just stay dormant. Common problems with viruses are spamming, corruption of data, unauthorized access or theft of information, stealing of computing resources like memory, CPU cycles etc., display of error messages, keystroke logging etc.
Computer viruses are just pieces of code, and they are used to exploit security vulnerabilities in IT systems, computers and applications.
With reference to information security, social engineering is the psychological manipulation of people to find out sensitive information. The goal of social engineering is to play a confidence trick that helps in gathering information from people and using that information for system access, fraud etc.
There are different types of social engineering techniques. Most of them are based on the human decision-making process or ‘cognitive biases’. These are also termed ‘bugs in human hardware’. Like software vulnerabilities in information systems, these ‘cognitive biases’ are exploited by attackers. (Hadnagy, 2010)
Attackers use different combinations of social engineering attacks and steal information from victims. Some of the common techniques are,
Pretexting
Pretexting or blagging is the process of creating or using an invented scenario to involve the victim in it. Personal information like social security numbers, credit card information etc. is stolen using this technique.
Phishing
Phishing is the process of obtaining the private information of an individual in an illegal way. For example, attackers send phishing emails to target victims. When the victim opens or replies to the email, it asks for sensitive information like bank details, credit card details etc. If the user steps into the trap and shares it, the information is stolen and the user becomes the victim.
Insider attacks are very common in organizations. The term refers to cases where a person such as an employee or staff member of an organization steals information from the organization's systems. Other than that, there are software-based insider attacks, for example damaging information, eavesdropping, theft of information etc. There may even be DoS attacks from inside the organization. (Pfleeger & Pfleeger, 2012)
There are also different security countermeasures that help in dealing with security breaches and implementing security in an IT infrastructure. Generally, with reference to computer security, the term countermeasure means an action or measure taken to reduce an attack, vulnerability or threat by prevention, elimination or minimization of impact. Some of the common countermeasures for dealing with different kinds of IT security attacks are discussed below,
Vulnerabilities in a system are managed through a cyclic process. It deals with the identification, classification, remediation and mitigation of vulnerabilities in a system. It must be noted that these vulnerabilities are software related. Thus vulnerability management is an integral part of IT security. There are special vulnerability scanners that analyze an information system for vulnerabilities such as insecurities and open loopholes in the configuration of the installed software, open ports, malware susceptibilities etc. Still, there are risks of ‘zero day vulnerability’ attacks that are harder to overcome. However, there are scanning methods like fuzz testing that may indicate zero day vulnerability attacks. Other vulnerabilities, like buffer overflows etc., can be identified using test cases and automated testing. There is anti-virus software that can carry out heuristic analysis and find different malware. (FitzGerald & Dennis, 2009) There are system patches and updates that help in overcoming the vulnerabilities in a system. Other measures like firewalls etc. also help to some extent.
The security of an information system should be taken care of when the system is first designed. The system should be properly designed and developed, and the security infrastructure of the system should be sufficiently tested and implemented. An ideally secure system is unrealistic. However, different sets of security measures can be implemented or followed as part of the process. Some of these techniques are,
IDS or Intrusion Detection Systems are used for detecting different kinds of attacks in networks. IDS can help with forensic analysis in post-analysis scenarios, log servers, audit trails etc.
Computer code is a form of mathematical and logical statements, so theoretically it can be proved correct or not. However, such proofs are sometimes infeasible or beyond computational limits. (Pieprzyk, Hardjono, & Seberry, 2003)
There are several proofs and processes in cryptography that help in computer security. Some of those are,
Hardware is also a source of system vulnerability, and attackers can break into an information system through hardware breaches. Common hardware components like USB, BIOS etc. are common sources of vulnerability. For example, a microchip vulnerability can be introduced into the chip of a computer system during the manufacturing of the chips. This is an example of a hardware-based attack. (Pfleeger & Pfleeger, 2012)
It is considered best practice to restrict the use of USB dongles, disable USB ports etc. Stronger cryptography-based security standards and algorithms like AES etc. can help in this context.
In most cases, especially those based on social engineering, individuals and organizations have been found to be insufficiently aware of security issues, the vulnerability of their systems etc. Studies have shown that most small businesses do not use information security implementations because these are costly and the businesses do not see any direct benefit from them. But these small businesses carry out online transactions involving customer information, credit card details etc., which makes them a very lucrative target for attackers, who can easily breach the systems of such businesses and steal data. In such cases, the organization will face not only a threat to its survival but also legal threats. (Bishop, 2004)
This lack of awareness about information security makes systems, individuals and businesses more vulnerable. Implementing security measures without understanding the context will not help to mitigate cyber-crimes and security issues. Only if people become more aware can these problems be handled efficiently. Information systems are prone to vulnerabilities. Those cannot be ignored, but security can be optimized.
Information security has become a serious issue for all countries and governments. With the rising number of cyber-crimes it has become more critical. So, there are cyber-crime laws and legislation in all countries around the world.
Each country and legislation has data privacy and protection acts. Data privacy acts ensure that when data is shared over the network among hosts, individuals or organizations, the data will not be accessed by an unauthorized entity. Every information system, user and organization needs to agree on a data privacy policy before sharing data.
Data protection acts ensure that data is protected when stored, processed and transmitted. This is the responsibility of the organization that has requested and obtained data from an individual.
Other than that, there are various ethical issues related to information security. However, the laws and legislation about information security, virus attacks etc. change from country to country in a very tricky way.
There are various information security labs, research institutes etc. that have been observing the trends and statistics of information security for years. According to the studies of such labs, the following trends are expected to prevail in the information security domain in the current year.
There are various studies going on in the field of information security and technologies. Among those studies, research on the security technologies of cloud computing, mobile computing and wireless communication networks is very important. Researchers are working on making systems stronger and more sophisticated, yet secure. There is work on cryptography, secure protocols etc.
E-commerce and social media have become very popular, and in the coming days they are expected to become more widespread. Huge amounts of data are transmitted and processed through such systems. People from non-technical backgrounds, with very little or no knowledge about information security, are sharing data over these platforms. These people, systems and platforms become targets of hackers and attackers very easily.
Conclusion
This report contains a detailed discussion of information technology security. As information technology security, or IT security, is a subdomain of information security, there is also a brief discussion of information security in the current context. There is a detailed discussion of different kinds of security attacks, ranging from exploitation of vulnerabilities and security breaches to virus attacks, backdoors etc. There are also different countermeasures like vulnerability management, safe and secure design of information systems etc. All these aspects have been discussed, along with current trends, issues and research in IT security.
Information security is a very vast topic, and so is information technology security. Different types of new attacks are evolving each day. The domain is very dynamic in nature. So awareness, knowledge and understanding are very important in the first place. In the coming days, technologies will be more advanced, which will make attacking tools and techniques more advanced and sophisticated, and thus these attacks will be more fatal. Proper understanding, proper implementation of security controls and measures, and proper use of information technology are very much needed in the current context of IT security.
References
Andress, J. (2014). The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice. Syngress.
Bishop, M. (2004). Introduction to Computer Security. Addison-Wesley Professional.
Blunden, B. (2013). Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System. Jones & Bartlett Publishers.
Davis, M., Bodmer, S., & LeMasters, A. (2009). Hacking Exposed: Malware and Rootkits. McGraw Hill Professional.
FitzGerald, J., & Dennis, A. (2009). Business Data Communications and Networking. John Wiley & Sons.
Hadnagy, C. (2010). Social Engineering: The Art of Human Hacking. John Wiley & Sons.
Lampson, B. W. (2004). Computer security in the real world. Computer, 37-46.
Pfleeger, C. P., & Pfleeger, S. L. (2012). Analyzing Computer Security. Prentice Hall Professional.
Pieprzyk, J., Hardjono, T., & Seberry, J. (2003). Fundamentals of Computer Security. Springer.
Tsai, C.-L., Lin, U.-C., Chang, A., & Chen, C.-J. (2010). Information security issue of enterprises adopting the application of cloud computing. Sixth International Conference on Networked Computing and Advanced Information Management (NCM) (pp. 645–649). Seoul: IEEE.
Whitman, M., & Mattord, H. (2011). Principles of Information Security. Cengage Learning.