Computer Security
Data Backup in Depth: Concepts, Techniques, and Storage Technologies
In an increasingly digitized business landscape, data backup is vital for the survival of an organization. You can get hacked or ransomed, and lose your data to thieves who’ll sell your trade secrets to the highest bidder. Injected malware can corrupt your hard-earned information. Disgruntled employees or other insider threats can delete your valuable digital assets. Can you recover from data loss?
• What Is Data Backup?
• The Importance of a Disaster Recovery Plan: Alarming Statistics
• 6 Data Backup Options
• Backup Storage Technology
What Is a Data Backup?
Data backup is the practice of copying data from a primary to a secondary location, to protect it in case of a disaster, accident or malicious action. Data is the lifeblood of modern organizations, and losing data can cause massive damage and disrupt business operations. This is why backing up your data is critical for all businesses, large and small.
What does backup data mean?
Typically backup data means all necessary data for the workloads your server is running. This can include documents, media files, configuration files, machine images, operating systems, and registry files. Essentially, any data that you want to preserve can be stored as backup data.
Data backup includes several important concepts:
Backup solutions and tools—while it is possible to back up data manually, to ensure systems are backed up regularly and consistently, most organizations use a technology solution to back up their data.
Backup administrator—every organization should designate an employee responsible for backups. That employee should ensure backup systems are set up correctly, test them periodically and ensure that critical data is actually backed up.
Backup scope and schedule—an organization must decide on a backup policy, specifying which files and systems are important enough to be backed up, and how frequently data should be backed up.
Recovery Point Objective (RPO)—RPO is the amount of data an organization is willing to lose if a disaster occurs, and is determined by the frequency of backup. If systems are backed up once per day, the RPO is 24 hours. The lower the RPO, the more data storage, compute and network resources are required to achieve frequent backups.
Recovery Time Objective (RTO)—RTO is the time it takes for an organization to restore data or systems from backup and resume normal operations. For large data volumes and/or backups stored off-premises, copying data and restoring systems can take time, and robust technical solutions are needed to ensure a low RTO.
The Importance of a Disaster Recovery Plan: Alarming Statistics
To understand the potential impact of disasters on businesses, and the importance of having a data backup strategy as part of a complete disaster recovery plan, consider the following statistics:
Cost of downtime—according to Gartner, the average cost of downtime to a business is $5,600 per minute.
Survival rate—another Gartner study found only 6% of companies affected by a disaster that did not have disaster recovery in place survived and continued to operate more than two years after the disaster.
Causes of data loss—the most common causes of data loss are hardware/system failure (31%), human error (29%) and viruses, malware or ransomware (29%).
Data Backup Options
There are many ways to back up your file. Choosing the right option can help ensure that you are creating the best data backup plan for your needs. Below are six of the most common techniques or technologies:
Removable media
Redundancy
External hard drive
Hardware appliances
Backup software
Cloud backup services
Removable Media
A simple option is to back up files on removable media such as CDs, DVDs, newer Blu-Ray disks, or USB flash drives. This can be practical for smaller environments, but for larger data volumes, you’ll need to back up to multiple disks, which can complicate recovery. Also, you need to make sure you store your backups in a separate location, otherwise they may also be lost in a disaster. Tape backups also fall into this category.
Redundancy
You can set up an additional hard drive that is a replica of a sensitive system’s drive at a specific point in time, or an entire redundant system. For example, another email server that is on standby, backing up your main email server. Redundancy is a powerful technique but is complex to manage. It requires frequent replication between cloned systems, and it’s only useful against the failure of a specific system unless the redundant systems are in a remote site.
External Hard Drive
Many vendors provide complete backup appliances, typically deployed as a 19” rack-mounted device. Backup appliances come with large storage capacity and pre-integrated backup software. You install backup agents on the systems you need to back up, define your backup schedule and policy, and the data starts streaming to the backup device. As with other options, try to place the backup device isolated from the local network and if possible, in a remote site.
Backup Software
Software-based backup solutions are more complex to deploy and configure than hardware appliances, but offer greater flexibility. They allow you to define which systems and data you’d like to back up, allocate backups to the storage device of your choice, and automatically manage the backup process.
Cloud Backup Services
What Is a 3-2-1 Backup Strategy?
A 3-2-1 backup strategy is a method for ensuring that your data is adequately duplicated and reliably recoverable. In this strategy, three copies of your data are created on at least two different storage media and at least one copy is stored remotely:
Three copies of data—your three copies include your original data and two duplicates. This ensures that a lost backup or corrupted media do not affect recoverability.
Two different storage types—reduces the risk of failures related to a specific medium by using two different technologies. Common choices include internal and external hard drives, removable media, or cloud storage.
One copy off-site—eliminates the risk associated with a single point of failure. Offsite duplicates are needed for robust disaster and data backup recovery strategies and can allow for failover during local outages.
This strategy is considered a best practice by most information security experts and government authorities. It protects against both accidents and malicious threats, such as ransomware, and ensures reliable data backup and restoration.
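The 3-2-1 rule above and the RPO defined earlier can be checked mechanically against a backup catalog. The following Python sketch is an added example, not part of the original notes; the catalog fields, copy names and digests are constructed for illustration, and a copy only counts if the digest recorded at write time still matches the digest recomputed at the last restore test.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class BackupCopy:
    name: str             # label of the copy (constructed sample names below)
    medium: str           # storage type: "internal-disk", "nas", "tape", "cloud"
    offsite: bool         # stored away from the primary site?
    taken_at: datetime    # when the copy was written
    written_sha256: str   # digest recorded when the copy was written
    verified_sha256: str  # digest recomputed at the last restore test
    is_original: bool = False

    @property
    def intact(self) -> bool:
        # Corrupted media show up as a digest mismatch.
        return self.written_sha256 == self.verified_sha256


def audit(copies, now, rpo):
    """Return a list of findings; an empty list means 3-2-1 and the RPO are met."""
    findings = [f"{c.name}: digest mismatch, copy not counted"
                for c in copies if not c.intact]
    good = [c for c in copies if c.intact]

    if len(good) < 3:                                  # three copies
        findings.append(f"3 copies required, {len(good)} intact")
    if len({c.medium for c in good}) < 2:              # two storage types
        findings.append("fewer than 2 different storage types")
    if not any(c.offsite for c in good):               # one copy off-site
        findings.append("no intact off-site copy")

    # RPO: everything written after the newest intact backup would be lost.
    backups = [c for c in good if not c.is_original]
    if not backups:
        findings.append("no intact backup to restore from")
    else:
        window = now - max(c.taken_at for c in backups)
        if window > rpo:
            findings.append(f"data-loss window {window} exceeds RPO {rpo}")
    return findings


# Constructed sample catalog; the digests are short placeholders, not real hashes.
NOW = datetime(2024, 1, 10, 12, 0)
CATALOG = [
    BackupCopy("original", "internal-disk", False, NOW, "d0", "d0", True),
    BackupCopy("nas-nightly", "nas", False, NOW - timedelta(hours=6), "d1", "d1"),
    BackupCopy("tape-weekly", "tape", True, NOW - timedelta(hours=30), "d2", "ff"),
]
# Replace the corrupted tape with a fresh off-site cloud copy.
FIXED = [c for c in CATALOG if c.intact] + [
    BackupCopy("cloud-daily", "cloud", True, NOW - timedelta(hours=2), "d3", "d3"),
]

if __name__ == "__main__":
    for label, cat in (("before", CATALOG), ("after", FIXED)):
        print(label, audit(cat, NOW, timedelta(hours=24)) or "OK")
```

In the sample, the corrupted tape is the only off-site copy, so one bad medium breaks two of the three rules at once.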
Server Backup: Backing Up Critical Business Systems
The easiest way to back up a server is with a server backup solution. These solutions can come in the form of software or appliances.
Server backup solutions are typically designed to help you back up server data to another local server, a cloud server, or a hybrid system. In particular, backup to hybrid systems is becoming more popular. This is because hybrid systems enable you to optimize resources, support easy multi-region duplication, and can enable faster recovery and failover.
In general, server backup solutions should include the following features:
Support for diverse file types—should not include any file types. In particular, solutions should support documents, spreadsheets, media, and configuration files.
Backup location—you should be able to specify backup locations. The solution should support backup to a variety of locations and media, including on and off-site resources.
Scheduling and automation—in addition to enabling manual backups, solutions should support backup automation through scheduling. This helps ensure that you always have a recent backup and that backups are created in a consistent manner.
Backup management—you should be able to manage the lifecycle of backups, including number stored and length of time kept. Ideally, solutions also enable easy export of backups for transfer to external resources or for use in migration.
Partition selection—partitions are isolated segments of a storage resource and are often used to separate data within a system. Solutions should enable you to independently back up data and restore partitions.
Data compression—to minimize the storage needed for numerous backups, solutions should compress backup data. This compression needs to be lossless and maintain the integrity of all data.
Backup type selection—you should be able to create a variety of backup types, including full, differential, and incremental backups. Differential backups create a backup of changes since the last full backup while incremental records the changes since the last incremental backup. These types can help you reduce the size of your backups and speed backup time.
Scaling—backup abilities should not be limited by the volume of data on your servers. Solutions should scale as your data does and support backups of any size.
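The difference between differential and incremental backups described under "Backup type selection" shows up most clearly at restore time. The following Python sketch is an added example, not part of the original notes; it models each day's file system as a constructed dictionary of path to content version, builds both kinds of backup sets from one full backup, and restores from each.

```python
def delta(base, current):
    """Files added or changed, and paths deleted, going from base to current."""
    changed = {p: v for p, v in current.items() if base.get(p) != v}
    deleted = sorted(set(base) - set(current))
    return {"changed": changed, "deleted": deleted}


def apply_delta(state, d):
    out = dict(state)
    out.update(d["changed"])
    for path in d["deleted"]:
        out.pop(path, None)
    return out


def size(d):
    """Number of entries a backup set has to record."""
    return len(d["changed"]) + len(d["deleted"])


def plan(states):
    """states[0] is the day of the full backup; one backup per later day."""
    full = states[0]
    diffs = [delta(full, s) for s in states[1:]]                   # vs last full
    incs = [delta(prev, s) for prev, s in zip(states, states[1:])]  # vs previous day
    return diffs, incs


def restore_differential(full, diffs, day):
    """Needs only the full backup plus the one differential for that day."""
    return dict(full) if day == 0 else apply_delta(full, diffs[day - 1])


def restore_incremental(full, incs, day, lost=()):
    """Needs the full backup plus every incremental up to that day, in order."""
    state = dict(full)
    for i, d in enumerate(incs[:day], start=1):
        if i in lost:
            raise LookupError(f"inc{i} is missing, day {day} cannot be restored")
        state = apply_delta(state, d)
    return state


def needed_sets(kind, day):
    if day == 0:
        return ["full"]
    if kind == "differential":
        return ["full", f"diff{day}"]
    return ["full"] + [f"inc{i}" for i in range(1, day + 1)]


# Constructed sample: four days of a small server's files (path -> version).
STATES = [
    {"a.cfg": "v1", "b.db": "v1", "c.log": "v1"},                # day 0, full
    {"a.cfg": "v2", "b.db": "v1", "c.log": "v1"},                # day 1
    {"a.cfg": "v2", "b.db": "v2", "c.log": "v1", "d.txt": "v1"},  # day 2
    {"a.cfg": "v3", "b.db": "v2", "d.txt": "v1"},                # day 3
]
FULL = STATES[0]
DIFFS, INCS = plan(STATES)

if __name__ == "__main__":
    print("differential sizes:", [size(d) for d in DIFFS])  # grow over time
    print("incremental sizes: ", [size(d) for d in INCS])   # stay small
    print("day 3 needs:", needed_sets("differential", 3),
          "or", needed_sets("incremental", 3))
```

Incremental sets stay small but every one of them is needed for a restore, so losing a single set breaks all later restore points; differential sets grow until the next full backup but each restore depends on only two sets.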
Backup Storage Technology
Whichever technique you use to back up, at the end of the day, data must be stored somewhere. The storage technology used to hold your backup data is very significant:
The more cost-effective it is, the more data it is able to store, and the faster the storage and retrieval over a network, the lower your RPO and RTO will be.
The more reliable the storage technology, the safer your backups will be.
Below, you’ll find a review of backup storage technologies and their unique advantages.
Network Shares and NAS
You can set up centralized storage such as Network Attached Storage (NAS), Storage Area Network (SAN), or regular hard disks mounted as a network share using Network File System (NFS) protocol. This is a convenient option for making large storage available to local devices for backup. However, it is susceptible to disasters affecting your entire data center, such as natural disasters or cyber attacks.
Tape Backup
Cloud-Based Object Storage
When using cloud providers, you have access to a variety of storage services. Cloud providers charge a flat price per Gigabyte, but costs can start to add up for frequent access. There are multiple tools that let you back up data to S3 automatically, both from within the cloud and from on-premise machines.
2. Social Networking: what is it?
Social networking is the practice of using a dedicated online platform to maintain contact, interact and collaborate with like-minded individuals, peers, friends and family. Popular social networking sites -- such as Facebook, Yelp, Twitter, Instagram and TikTok -- enable individuals to maintain social connections, stay informed and access, as well as share, a wealth of information. These sites also enable marketers to reach their target audiences.
How Social Networking works.
Online social networking is dependent on technology and internet connectivity. Users can access social networking sites using their PCs, tablets or smartphones. Most social networking sites run on a back end of searchable databases that use advanced programming languages, such as Python, to organize, store and retrieve data in an easy-to-understand format. For example, Tumblr uses such products and services in its daily operations as Google Analytics, Google Workspace and WordPress.
Social networking fulfills the following four main objectives:
Sharing. Friends or family members who are geographically dispersed can connect remotely and share information, updates, photos and videos. Social networking also enables individuals to meet other people with similar interests or to expand their current social networks.
Learning. Social networks serve as great learning platforms. Consumers can instantly receive breaking news, get updates regarding friends and family, or learn about what's happening in their community.
Interacting. Social networking enhances user interactions by breaking the barriers of time and distance. With cloud-based video communication technologies such as WhatsApp or Instagram Live, people can talk face to face with anyone in the world.
Marketing. Companies may tap into social networking services to enhance brand awareness with the platform's users, improve customer retention and conversion rates, and promote brand and voice identity.
The different types of social networking?
While there are various categories of social networking sites, the five most common types are the following:
Social connections. This is a type of social network where people stay in touch with friends or family members through online profiles and updates, or find new friends through similar interests. Popular examples include Facebook, Instagram, Twitter, Yelp and Myspace.
Professional connections. Geared toward professionals, these social networking sites may include a general forum where professionals can connect with co-workers or offer an exclusive platform based on specific occupations or interest levels. LinkedIn and Twitter are the most common examples.
Sharing of multimedia. Various social networks provide video- and photography-sharing services, including YouTube and Flickr.
Informational. This type of social networking includes communities of people who are looking for answers to everyday problems. Fostering a sense of helping others, members provide answers to questions, conduct discussion forums or teach others how to perform various tasks and projects. Popular examples include Reddit, Quora and DoItYourself.com Community Forums.
Educational. Educational social networks promote remote learning, enabling students and teachers to collaborate on school projects, conduct research, and interact through blogs and forums. Google Classroom, LinkedIn Learning and ePals are popular examples.
Security issues in Social Networking.
Social networks offer a great way to connect, interact and collaborate. There exist, however, security issues that users have to contend with.
To avoid becoming a victim on social networks, the following are safe practices to deploy.
Safety Tips for Social Networking
Social networking sites like Facebook and Twitter can be a great way to connect with friends. But there are some social networking safety tips you should always keep in mind.
Manage your privacy settings. Learn about and use the privacy and security settings on your social networking sites. They help you control who sees what you post and manage your online experience in a positive way. You'll find some information about Facebook privacy settings at the bottom of this web page.
Remember: once posted, always posted. Protect your reputation on social networks. What you post online stays online. Think twice before posting pictures you wouldn't want your parents or future employers to see. Recent research found that 70% of job recruiters rejected candidates based on information they found online.
Build a positive online reputation. Recent research also found that recruiters respond to a strong, positive personal brand online. So demonstrate your mastery of the environment and showcase your talents.
Keep personal info personal. Be careful how much personal info you provide on social networking sites. The more information you post, the easier it may be for someone to use that information to steal your identity, access your data, or commit other crimes such as stalking.
Protect your computer. Security starts with protecting your computer. Install antivirus software. Keep your operating system, web browser, and other software current. You can use the Pitt Software Update Service to automatically download the latest security updates for Windows.
Know what action to take. If someone is harassing or threatening you, remove them from your friends list, block them, and report them to the site administrator.
Use strong passwords. Make sure that your password is at least eight characters long and consists of some combination of letters, numbers, and special characters (for example, +, @, #, or $).
Be cautious on social networking sites. Even links that look like they come from friends can sometimes contain harmful software or be part of a phishing attack. If you are at all suspicious, don't click it. Contact your friend to verify the validity of the link first.
Antivirus Protection
A virus is any unwanted program that enters a user’s system without their knowledge. It can self-replicate and spread. It performs unwanted and malicious actions that end up affecting the system’s performance and user’s data/files. A computer virus can be thought of as an illness of the computer, just like human viruses that cause diseases in humans.
Antivirus Software is a data security utility which is installed in a computer system with a purpose of protection from viruses, spyware, malware, rootkits, Trojans, phishing attacks, spam attack, and other online cyber threats.
The Need For Antivirus Protection
A system without an antivirus is just like a house with an open door. An open and unprotected door will attract all the intruders and burglars into your home. Similarly, an unprotected computer will end up inviting all the viruses to the system. An antivirus will act as a closed door with a security guard for your computer fending off all the malicious intruding viruses.
Effect of virus on a computer
Slow down the computer
Damage or delete files
Reformat hard disk
Frequent computer crashes
Data loss
Inability to perform any task on the computer or the internet
Advantages of antivirus software
a. Protection from viruses and their transmission.
An antivirus software mainly performs a prophylactic function. It detects any potential virus and then works to remove it. Keep in mind that all this is mostly done before the virus gets to harm the system. So, this means that most of the viruses are countered way before they get to do any harm to your systems. An antivirus may combat many viruses in a single day without your knowledge. Avast and Norton are some of the most popular antivirus software that is available in the market these days.
If a virus has attacked your system, you can potentially transfer that to your friends, family, and networks. So, if you want to protect your computer system as well as computers of your acquaintances, then consider getting an antivirus.
b. Block spam and ads
If you do a quick survey on how viruses enter the computer systems of their victims, you will be amazed by the proportion of viruses that use pop-up ads and websites to make their way into your computers. Pop-up ads and spam websites are one of the most used gateways by the viruses to infect your computer and then damage your files.
Software such as Bullguard Internet Security works against these malicious virus-containing ads and websites by blocking their direct access to your computer network.
c. Defense against hackers and data thieves
Hackers usually use a malware or virus program to access their victim’s computer. They install malware into the computer without the knowledge of the victim. Hackers do so by sending malicious emails to the victims. Then the hacker can easily hack into their desired files and programs.
After that, they can use the victim’s data as per their will; they can delete or damage it and steal it to demand ransom later on. Antimalware such as Malwarebytes either put an antihacking lock, or they perform regular scans to detect the presence of any hacker or hacking based programs in the computer network. So, antivirus software provides full-proof protection against hackers.
d. Ensures protection from removable devices
Think of the times you have transferred data to and from your computer by using removable devices such as USBs. Countless, right?
You might have suffered from slowing down your computer or a computer crash after connecting a friend’s USB. Ever wondered why that happened? That is so because the USB or removable device served as a transmission device for a virus. So, should you stop using removable devices because you never know which USB might contain a virus?
No! Just get antivirus software that will scan all the removable devices for any potential viruses to make sure that no virus is transferred.
e. Protects your data and files.
Antivirus software keeps an eye on all the files that enter your system. All those files are put under a scan to check for any peculiarity or maliciousness. Viruses can easily be transmitted to your network via infected files, and these, in turn, can potentially harm your data and files. You may even suffer the complete loss of your precious data at the hands of such viruses.
A solution from Avira software makes sure that your data and files are adequately protected.
f. Firewall protection from spyware and phishing attacks.
A firewall, in general, monitors incoming and outgoing traffic from your computer network. When coupled with antivirus, firewall protection double checks every file or piece of data that you send or transfer from your computer via the internet to another network.
The same goes for the files and data that you receive from an external network. You can unintentionally open a downright malicious website or email and then fall prey to a phishing attack. A phishing attack occurs when the attackers specifically aim for your login credentials, credit card information, or any other personal information/data. Such an attack can result in substantial financial loss or personal leaks. Two-Way firewall protection from antivirus software such as Avast blocks and removes any such emails or files that can harm you in any such way.
Disaster
Disaster can strike a business at any moment. Research shows that without preparation and data protection, over 50% of businesses will not survive a major disaster. It is crucial to assess your IT infrastructure and understand what information security measures you can take to decrease the damage caused by a disaster and recover operations quickly.
What is Disaster Recovery?
Disaster recovery is the practice of anticipating, planning for, surviving, and recovering from a disaster that may affect a business. Disasters can include:
Natural events like earthquakes or hurricanes
Failure of equipment or infrastructure, such as a power outage or hard disk failure
Man-made calamities such as accidental erasure of data or loss of equipment
Cyber attacks by hackers or malicious insiders
What is a Disaster Recovery Plan?
A disaster recovery plan enables businesses to respond quickly to a disaster and take immediate action to reduce damage, and resume operations as quickly as possible.
A disaster recovery plan typically includes:
Emergency procedures staff can carry out when a disaster occurs
Critical IT assets and their maximum allowed outage time
Tools or technologies that should be used for recovery
A disaster recovery team, their contact information and communication procedures (e.g. who should be notified in case of disaster)
Why is Disaster Recovery Important?
Drafting a disaster recovery plan, and ensuring you have the right staff in place to carry it out, can have the following benefits:
Minimize interruption – in the event of a disaster, even if it is completely unexpected, your business can continue operating with minimal interruption.
Limit damages – a disaster will inevitably cause damage, but you can control the extent of damage caused. For example, in hurricane-prone areas, businesses plan to move all sensitive equipment off the floor and into a room with no windows.
Training and preparation – having a disaster recovery program in place means your staff are trained to react in case of a disaster. This preparation will lower stress levels and give your team a clear plan of action when an event occurs.
Restoration of services – having a solid disaster recovery plan means you can restore all mission critical services to their normal state in a short period of time. Your Recovery Time Objective (RTO) will determine the longest time you are willing to wait until service is restored.
5. What is internet security? - Definition and meaning
Internet security is a term that describes security for activities and transactions made over the internet. It’s a particular component of the larger ideas of cybersecurity and computer security, involving topics including browser security, online behavior and network security. We spend a large proportion of our lives online, and some of the internet security threats we can encounter include:
Hacking, where unauthorized users gain access to computer systems, email accounts, or websites.
Viruses or malicious software (known as malware) which can damage data or make systems vulnerable to other threats.
Identity theft, where criminals can steal personal and financial information.
What are the most common internet security threats?
To ensure privacy and security on the internet, it’s important to be aware of different types of internet attacks. Common internet security threats include:
Phishing
Phishing is a cyber-attack involving disguised emails. Hackers try to trick email recipients into believing that a message is genuine and relevant – a request from their bank or a note from a co-worker, for example – so that they click on a link or open an attachment. The goal is to deceive people into handing over their personal information or downloading malware.
Phishing is one of the oldest internet security threats, dating back to the 1990s. It has remained popular to this day since it is one of the cheapest and easiest ways for criminals to steal information. In recent years, phishing techniques and messages have become increasingly sophisticated.
Hacking and remote access
Hackers are always looking to exploit a private network or system's vulnerabilities so they can steal confidential information and data. Remote access technology gives them another target to exploit. Remote access software allows users to access and control a computer remotely – and since the pandemic, with more people working remotely, its usage has increased.
The protocol which allows users to control a computer connected to the internet remotely is called Remote Desktop Protocol, or RDP. Because businesses of all sizes so widely use RDP, the chances of an improperly secured network are relatively high. Hackers use different techniques to exploit RDP vulnerabilities until they have full access to a network and its devices. They may carry out data theft themselves or else sell the credentials on the dark web.
Malware and malvertising
Malware is a portmanteau of "malicious" and "software". It's a broad term related to viruses, worms, trojans, and other harmful programs that hackers use to cause havoc and steal sensitive information. Any software intended to damage a computer, server, or network can be described as malware.
Malvertising is a portmanteau of “malicious” and “advertising”. The term refers to online advertising, which distributes malware. Online advertising is a complex ecosystem involving publisher websites, ad exchanges, ad servers, retargeting networks, and content delivery networks. Malvertisers exploit this complexity to place malicious code in places that publishers and ad networks don’t always detect. Internet users who interact with a malicious ad could download malware onto their device or be redirected to malicious websites.
Ransomware
Ransomware is a type of malware that prevents you from using your computer or accessing specific files on your computer unless a ransom is paid. It is often distributed as a trojan – that is, malware disguised as legitimate software. Once installed, it locks your system’s screen or certain files until you pay.
Because of their perceived anonymity, ransomware operators typically specify payment in cryptocurrencies such as Bitcoin. Ransom prices vary depending on the ransomware variant and the price or exchange rate of digital currencies. It isn’t always the case that if you pay, the criminals will release the encrypted files.
Ransomware attacks are on the rise, and new ransomware variants continue to emerge. Some of the most talked-about ransomware variants include Maze, Conti, GoldenEye, Bad Rabbit, Jigsaw, Locky, and WannaCry.
Botnets
The term botnet is a contraction of “robot network”. A botnet is a network of computers that have been intentionally infected by malware so they can carry out automated tasks on the internet without the permission or knowledge of the computers’ owners.
Once a botnet’s owner controls your computer, they can use it to carry out malicious activities. These include:
Generating fake internet traffic on third party websites for financial gain.
Using your machine’s power to assist in Distributed Denial of Service (DDoS) attacks to shut down websites.
Emailing spam to millions of internet users.
Committing fraud and identity theft.
Attacking computers and servers.
Computers become part of a botnet in the same ways that they are infected by any other type of malware – for example, opening email attachments that download malware or visiting websites infected with malware. They can also spread from one computer to another via a network. The number of bots in a botnet varies and depends on the ability of the botnet owner to infect unprotected devices.
Wi-Fi threats, in public and at home
Public Wi-Fi carries risks because the security on these networks – in coffee shops, shopping malls, airports, hotels, restaurants, and so on – is often lax or non-existent. The lack of security means that cybercriminals and identity thieves can monitor what you are doing online and steal your passwords and personal information. Other public Wi-Fi dangers include:
Packet sniffing – attackers monitor and intercept unencrypted data as it travels across an unprotected network.
Man-in-the-middle-attacks – attackers compromise a Wi-Fi hotspot to insert themselves into communications between the victim and the hotspot to intercept and modify data in transit.
Rogue Wi-Fi networks – attackers set up a honeypot in the form of free Wi-Fi to harvest valuable data. The attacker’s hotspot becomes the conduit for all data exchanged over the network.
How to protect your data online
If you are wondering how to ensure internet protection and how to protect your data online, sensible internet security tips you can follow include:
Enable multifactor authentication wherever you can
Multifactor authentication (MFA) is an authentication method that asks users to provide two or more verification methods to access an online account. For example, instead of simply asking for a username or password, multifactor authentication goes further by requesting additional information, such as:
An extra one-time password that the website's authentication servers send to the user's phone or email address.
Answers to personal security questions.
A fingerprint or other biometric information, such as voice or face recognition.
Multifactor authentication decreases the likelihood of a successful cyber-attack. To make your online accounts more secure, it is a good idea to implement multifactor authentication where possible. You can also consider using a third-party authenticator app, such as Google Authenticator and Authy, to help with internet security.
Use a firewall
A firewall acts as a barrier between your computer and another network, such as the internet. Firewalls block unwanted traffic and can also help to block malicious software from infecting your computer. Often, your operating system and security system come with a pre-installed firewall. It is a good idea to make sure those features are turned on, with your settings configured to run updates automatically, to maximize internet security.
Choose your browser carefully
Our browsers are our primary gateway to the web and therefore play a key role in internet security. A good web browser should be secure and help to protect you from data breaches. The Freedom of the Press Foundation has compiled a detailed guide here, explaining the security pros and cons of the leading web browsers on the market.
Create strong passwords, and use a secure password manager
A strong password will help you maintain internet security. A strong password is:
Long – made up of at least 12 characters and ideally more.
A mix of characters – that is, upper- and lower-case letters plus symbols and numbers.
Avoids the obvious – such as using sequential numbers (“1234”) or personal information that someone who knows you might guess, such as your date of birth or a pet’s name.
Avoids memorable keyboard paths.
These days, it’s no longer enough to substitute lookalike characters for letters or numbers – for example, “P@ssw0rd” for “password” – since hackers are wise to it. The more complex and involved your password, the harder it is to crack. Using a password manager will help – by generating, storing, and managing all your passwords in one secure online account.
Keep your passwords private – avoid sharing them with others or writing them down. Try to avoid using the same password for all your accounts and remember to change them regularly.
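The strong-password criteria listed above (12 or more characters, mixed character classes, no sequential numbers, no personal details, no keyboard paths, and no lookalike-character disguises of common words) can be turned into a checker for a sign-up or password-change form. The following Python sketch is an added example, not part of the original notes; the lookalike table and the four-entry word list are small constructed samples, and a real deployment would use a much larger word list.

```python
SEQUENTIAL_DIGITS = "01234567890"
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
# Constructed sample of common lookalike substitutions (symbol or digit -> letter).
LOOKALIKES = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l", "3": "e",
                            "$": "s", "5": "s", "!": "i", "7": "t"})
# Constructed sample list; a production check would load a large dictionary.
COMMON_WORDS = {"password", "welcome", "letmein", "admin"}

TOO_SHORT = "shorter than 12 characters"
NO_MIX = "needs upper-case, lower-case, numbers and symbols"
SEQUENTIAL = "sequential numbers"
KEYBOARD = "keyboard path"
PERSONAL = "contains personal information"
DISGUISED = "common word behind lookalike characters"


def has_run(text, rows, n=4):
    """True if text contains n consecutive characters of any row, in either direction."""
    for row in rows:
        for seq in (row, row[::-1]):
            if any(seq[i:i + n] in text for i in range(len(seq) - n + 1)):
                return True
    return False


def check_password(pw, personal=()):
    """Return the list of criteria the password fails; an empty list means it passes.

    personal: strings the user is known by (pet's name, birth year, ...).
    """
    low = pw.lower()
    plain = low.translate(LOOKALIKES)      # undo "P@ssw0rd"-style substitutions
    problems = []

    if len(pw) < 12:
        problems.append(TOO_SHORT)
    classes = (any(c.islower() for c in pw), any(c.isupper() for c in pw),
               any(c.isdigit() for c in pw), any(not c.isalnum() for c in pw))
    if not all(classes):
        problems.append(NO_MIX)
    if has_run(low, (SEQUENTIAL_DIGITS,)):
        problems.append(SEQUENTIAL)
    if has_run(low, KEYBOARD_ROWS):
        problems.append(KEYBOARD)
    if any(p and (p.lower() in low or p.lower() in plain) for p in personal):
        problems.append(PERSONAL)
    if any(word in plain for word in COMMON_WORDS):
        problems.append(DISGUISED)
    return problems


if __name__ == "__main__":
    # Constructed sample passwords for illustration only.
    samples = [("P@ssw0rd", ()), ("Qwerty1234!x", ()),
               ("Rex2015-blue-Tram", ("Rex", "2015")),
               ("tide-Marble7-oxbow%Lamp", ())]
    for pw, personal in samples:
        print(f"{pw!r}: {check_password(pw, personal) or 'OK'}")
```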
Keep an up-to-date security program installed on your devices
Internet security antivirus is critical for ensuring privacy and security online. The best internet security software protects you from different types of internet attacks and protects your data online. It’s important to keep antivirus software up to date – most modern programs update themselves automatically to stay on top of the latest internet security threats.
6. Credit Card Frauds
Credit card fraud refers to a scammer using your credit card number and PIN or your stolen credit card for financial transactions from your account and without your knowledge.
When an individual uses someone else's credit card information illegally or for uninformed personal spending, it is classified as credit card fraud. Credit card scams fall under identity theft and have increased in occurrence.
How credit card information is stolen
i. Skimming. A device is placed on the credit card swiping machine, which reads the card information as it is entered by the owner during a transaction.
ii. Dumpster diving. When you discard your bills or payment slips with your full credit card number on them, thieves can retrieve these details and commit fraud.
iii. Hacking. Thieves can hack companies having large data of clients or firms that perform credit card processing activities. They will then engage in data breaches.
iv. Phishing. This is a scam situation where consumers are persuaded to divulge sensitive data and information by tricking them.
What is home network security?
Home network security refers to the protection of a network that connects devices—such as routers, computers, smartphones, and Wi-Fi-enabled baby monitors and cameras—to each other and to the internet within a home.
Many home users share two common misconceptions about the security of their networks:
i. Their home network is too small to be at risk of a cyberattack.
ii. Their devices are “secure enough” right out of the box.
Most attacks are not personal in nature and can occur on any type of network—big or small, home or business. If a network connects to the internet, it is inherently more vulnerable and susceptible to outside threats.
How to improve the security of home network?
By following some of the simple but effective mitigation techniques below, you can significantly reduce the attack surface of your home network and make it more difficult for a malicious cyber actor to launch a successful attack.
Update your software regularly. Regular software updates are one of the most effective steps you can take to improve the overall cybersecurity posture of your home networks and systems. Besides adding new features and functionality, software updates often include critical patches and security fixes for newly discovered threats and vulnerabilities. Most modern software applications will automatically check for newly released updates. If automated updates are not available, consider purchasing a software program that identifies and centrally manages all installed software updates.
Adjust factory-default configurations on software and hardware. Many software and hardware products come “out of the box” with overly permissive factory-default configurations intended to make them user-friendly and reduce the troubleshooting time for customer service. Unfortunately, these default configurations are not geared towards security. Leaving them enabled after the installation may create more avenues for an attacker to exploit. Users should take steps to harden the default configuration parameters to reduce vulnerabilities and protect against intrusions.
Change default log-in passwords and usernames. Most network devices are pre-configured with default administrator passwords to simplify setup. These default credentials are not secure—they may be readily available on the internet, or may even be physically labeled on the device itself. Leaving these unchanged creates opportunities for malicious cyber actors to gain unauthorized access to information, install malicious software, and cause other problems.
Use strong and unique passwords. Choose strong passwords to help secure your devices. Additionally, do not use the same password with multiple accounts. This way, if one of your accounts is compromised, the attacker will not be able to breach any other of your accounts.
Install a network firewall. Install a firewall at the boundary of your home network to defend against external threats. A firewall can block malicious traffic from entering your home network and alert you to potentially dangerous activity. When properly configured, it can also serve as a barrier for internal threats, preventing unwanted or malicious software from reaching out to the internet. Most wireless routers come with a configurable, built-in network firewall that includes additional features—such as access controls, web-filtering, and denial-of-service (DoS) defense—that you can tailor to fit your networking environment. Keep in mind that some firewall features, including the firewall itself, may be turned off by default. Ensuring that your firewall is on and all the settings are properly configured will strengthen the network security of your network. Note: your internet service provider (ISP) may be able to help you determine whether your firewall has the most appropriate settings for your particular equipment and environment.
Install firewalls on network devices. In addition to a network firewall, consider installing a firewall on all computers connected to your network. Often referred to as host- or software-based, these firewalls inspect and filter a computer’s inbound and outbound network traffic based on a predetermined policy or set of rules. Most modern Windows and Linux operating systems come with a built-in, customizable, and feature-rich firewall. Additionally, most vendors bundle their antivirus software with additional security features such as parental controls, email protection, and malicious websites blocking.
Regularly back up your data. Make and store—using either external media or a cloud-based service—regular backup copies of all valuable information residing on your device. Consider using a third-party backup application, which can simplify and automate the process. Be sure to encrypt your backup to protect the confidentiality and integrity of your information. Data backups are crucial to minimize the impact if that data is lost, corrupted, infected, or stolen.
Increase wireless security. Follow the steps below to increase the security of your wireless router. Note: consult your router’s instruction manual or contact your ISP for specific instructions on how to change a particular setting on your device.
Use the strongest encryption protocol available. CISA recommends using the Wi-Fi Protected Access 3 (WPA3) Personal Advanced Encryption Standard (AES) and Temporary Key Integrity Protocol (TKIP), which is currently the most secure router configuration available for home use. It incorporates AES and is capable of using cryptographic keys of 128, 192, and 256 bits. This standard has been approved by the National Institute of Standards and Technology (NIST).
Change the router’s default administrator password. Change your router’s administrator password to help protect it from an attack using default credentials.
Change the default service set identifier (SSID). Sometimes referred to as the “network name,” an SSID is a unique name that identifies a particular wireless local area network (WLAN). All wireless devices on a Wireless Local Area Network (WLAN) must use the same SSID to communicate with each other. Because the device’s default SSID typically identifies the manufacturer or the actual device, an attacker can use this to identify the device and exploit any of its known vulnerabilities. Make your SSID unique and not tied to your identity or location, which would make it easier for the attacker to identify your home network.
Disable Wi-Fi Protected Setup (WPS). WPS provides simplified mechanisms for a wireless device to join a Wi-Fi network without the need to enter the wireless network password. However, a design flaw in the WPS specification for PIN authentication significantly reduces the time required for a cyberattacker to brute force an entire PIN, because it informs them when the first half of the eight-digit PIN is correct. Many routers lack a proper lockout policy after a certain number of failed attempts to guess the PIN, making a brute-force attack much more likely to occur. See Brute Force Attacks Conducted by Cyber Actors.
Reduce wireless signal strength. Your Wi-Fi signal frequently propagates beyond the perimeters of your home. This extended emission allows eavesdropping by intruders outside your network perimeter. Therefore, carefully consider antenna placement, antenna type, and transmission power levels. By experimenting with your router placement and signal strength levels, you can decrease the transmitting coverage of your Wi-Fi network, thus reducing this risk of compromise. Note: while this reduces your risk, a motivated attacker may still be able to intercept a signal that has limited coverage.
Turn the network off when not in use. While it may be impractical to turn the Wi-Fi signal off and on frequently, consider disabling it during travel or extended periods when you will not need to be online. Additionally, many routers offer the option to configure a wireless schedule that will automatically disable the Wi-Fi at specified times. When your Wi-Fi is disabled, you prevent outside attackers from being able to exploit your home network.
Disable Universal Plug and Play (UPnP) when not needed. UPnP is a handy feature that allows networked devices to seamlessly discover and establish communication with each other on the network. However, though the UPnP feature eases initial network configuration, it is also a security risk. Recent large-scale network attacks prove that malware within your network can use UPnP to bypass your router’s firewall, allow attackers to take control of your devices remotely, and spread malware to other devices. You should therefore disable UPnP unless you have a specific need for it.
Upgrade firmware. Check your router manufacturer’s website to ensure you are running the latest firmware version. Firmware updates enhance product performance, fix flaws, and address security vulnerabilities. Note: some routers have the option to turn on automatic updates.
Disable remote management. Most routers offer the option to view and modify their settings over the internet. Turn this feature off to guard against unauthorized individuals accessing and changing your router’s configuration.
Monitor for unknown device connections. Use your router manufacturer’s website to monitor for unauthorized devices joining or attempting to join your network. Also see the manufacturer’s website for tips on how to prevent unauthorized devices from connecting to your network.
Mitigate Email Threats. Phishing emails continue to be one of the most common initial attack vectors employed for malware delivery and credential harvesting. Attacking the human element—considered the weakest component in every network—continues to be extremely effective. To infect a system, the attacker simply has to persuade a user to click on a link or open an attachment. The good news is that there are many indicators that you can use to quickly identify a phishing email. The best defense against these attacks is to become an educated and cautious user and familiarize yourself with the most common elements of a phishing attack.
Bluetooth Security
Bluetooth is now a widely-used technology, thanks to its inclusion in devices like smartphones and tablets. And while we've grown accustomed to using it to connect devices to our earphones, cars, and other software, Bluetooth nonetheless has its fair share of vulnerabilities.
So is it safe to use Bluetooth? How can hackers attack using Bluetooth?
How Does Bluetooth Work?
In 1989, the telecommunications company, Ericsson, started to work on a wireless alternative to RS-232 serial communication. In 1996, Nokia and similar companies began to look for short-distance protocols such as Bluetooth. All these organizations formed the Bluetooth Special Interest Group (SIG).
Generally, Bluetooth technology consists of the parent device and child devices connected to it. That's a piconet. Child devices are within 10 meters of the parent device. Piconets unite, and create scatternets. The parent device here communicates with the child devices.
How Bluetooth Security Works
There are three basic security models in the Bluetooth protocol:
• Non-secure mode: There are no security applications in this mode. Steps such as authentication, encryption, and communication security are not available.
• Service level security mode: In this mode, security is only at the service level. In other words, even if an application using the secure service is relatively secure when communicating, there is no extra protection.
• Link-level security mode: This mode works at the connection level, unlike the others. The purpose here is to prevent unauthorized access and to try to fully protect the system.
Each Bluetooth service has a security mode based on it, and provides security with three levels. Some services may use authorization and authentication, while others may only use authentication. There are two different security models for devices using this protocol.
In addition, different security levels are defined for both devices and services in the Bluetooth security architecture. There are two security levels for devices:
• Secure: These are devices that you've previously established any persistent connection to. They have unlimited access to all services as long as there are no limitations at the application layer.
• Unsafe: Devices you have not had any connection to or communication with before are in this category. In addition, these devices are sometimes described as risky and unsafe for other reasons, even if you connect to them.
How to increase Bluetooth Security
Avoid storing your critical information—such as social security numbers, identity information, serial numbers, passwords, and credit card information—on your Bluetooth-enabled devices. If you do this anyway, at least make sure those are stored on sandboxed services using complex passwords and extra layers of verification like Two-Factor Authentication (2FA).
If you are going to connect with a device via Bluetooth, make this connection in a safe place. This will limit the number of potential intruders in your vicinity.
Possible exploits from a vulnerable Bluetooth device include:
• Making calls or texts.
• Viewing, modifying, or updating files.
• Interfering with media that may contain sensitive content such as photos, videos, or audio.
• Data theft or theft of material value.
• Displaying something offensive on the device.
Why is mobile security important?
The future of computers and communication lies with mobile devices, such as laptops, tablets and smartphones with desktop-computer capabilities. Their size, operating systems, applications and processing power make them ideal to use from any place with an internet connection. And with the expansion of ruggedized devices, the Internet of Things (IoT) and operating systems, such as Chrome OS, macOS and Windows 10, every piece of hardware that's enhanced with this software and capabilities becomes a mobile computing device.
Because mobile devices have become more affordable and portable, organizations and users have preferred to buy and use them over desktop computers. And with ubiquitous wireless internet access, all varieties of mobile devices are becoming more vulnerable to attacks and data breaches.
Authentication and authorization across mobile devices offer convenience, but increase risk by removing a secured enterprise perimeter’s constraints. For example, a smartphone’s capabilities are enhanced by multi-touch screens, gyroscopes, accelerometers, GPS, microphones, multi-megapixel cameras and ports, allowing the attachment of more devices. These new capabilities change the way users are authenticated and how authorization is provided locally to the device and the applications and services on a network. As a result, the new capabilities are also increasing the number of endpoints that need protection from cybersecurity threats.
Today cybercriminals can hack into cars, security cameras, baby monitors and implanted healthcare devices. And by 2025, there could be more than 75 billion “things” connected to the internet—including cameras, thermostats, door locks, smart TVs, health monitors, lighting fixtures and many other devices.
Mobile security threats
While it's certainly critical to establish and enforce an enterprise-wide security policy, a policy alone isn't sufficient to counter the volume and variety of today's mobile threats. In 2019, Verizon conducted a study with leading mobile security companies, including IBM, Lookout and Wandera, surveying 670 security professionals. The study found that 1 out of 3 of those surveyed reported a compromise involving a mobile device. 47% say remediation was "difficult and expensive," and 64% say they suffered downtime.
And companies embracing bring-your-own-device (BYOD) policies also open themselves to higher security risks. They give possibly unsecured devices access to corporate servers and sensitive databases, opening them to attack. Cybercriminals and fraudsters can exploit these vulnerabilities and cause harm or damage to the user and the organization. They seek trade secrets, insider information and unauthorized access to a secure network to find anything that could be profitable.
Phishing
Phishing—the number-one mobile security threat—is a scamming attempt to steal users’ credentials or sensitive data, such as credit card numbers. Fraudsters send users emails or short message service (SMS) messages (commonly known as text messages) designed to look as though they’re coming from a legitimate source, using fake hyperlinks.
Malware and ransomware
Mobile malware is undetected software, such as a malicious app or spyware, created to damage, disrupt or gain illegitimate access to a client, computer, server or computer network. Ransomware, a form of malware, threatens to destroy or withhold a victim’s data or files unless a ransom is paid to decrypt files and restore access.
Cryptojacking
Cryptojacking, a form of malware, uses an organization’s computing power or individual’s computer power without their knowledge to mine cryptocurrencies such as Bitcoin or Ethereum, decreasing a device’s processing abilities and effectiveness.
Unsecured wifi
Unsecured wifi hotspots without a virtual private network (VPN) make mobile devices more vulnerable to cyberattack. Cybercriminals can intercept traffic and steal private information using methods such as man-in-the-middle (MitM) attacks. Cybercriminals can also deceive users into connecting to rogue hotspots, making it easier to extract corporate or personal data.
Outdated operating systems
Older operating systems (OS) usually contain vulnerabilities that have been exploited by cybercriminals, and devices with outdated OSs remain vulnerable to attack. Manufacturer updates often include critical security patches to address vulnerabilities that may be actively exploited.
Excessive app permissions
Mobile apps have the power to compromise data privacy through excessive app permissions. App permissions determine an app’s functionality and access to a user’s device and features, such as its microphone and camera. Some apps are riskier than others. Some can be compromised, and sensitive data can be funneled through to untrustworthy third parties.
Understanding OS Security: Threats and Security Controls
What is OS Security?
The term operating system (OS) security refers to practices and measures that can ensure the confidentiality, integrity, and availability (CIA) of operating systems.
The goal of OS security is to protect the OS from various threats, including malicious software such as worms, trojans and other viruses, misconfigurations, and remote intrusions.
OS security typically involves the implementation of control techniques that can protect your assets from unauthorized modification and deletion or theft.
The most common techniques used to protect operating systems include the use of antivirus software and other endpoint protection measures, regular OS patch updates, a firewall for monitoring network traffic, and enforcement of secure access through least privileges and user controls.
What are Common OS Security Threats?
Here are a few of the most common threat vectors that can affect an operating system.
Malware
Malware is short for malicious software, which encompasses a range of attack vectors such as viruses, worms, trojans, and rootkits. Malware is injected into a system without the owner’s consent, or by masquerading as legitimate software, with the objective of stealing, destroying or corrupting data, or compromising the device.
Malware can also replicate, allowing it to spread further in a corporate network and beyond. Malware attacks often go undetected by the target user, allowing for the quiet extraction of sensitive data. In other cases attackers silently “herd” compromised devices into botnets and use them for criminal activities such as distributed denial of services (DDoS) attacks.
Denial of Service Attacks
A Denial of Service (DoS) attack is intended to clog a system with fake requests so it becomes overloaded, and eventually stops serving legitimate requests. Some DoS attacks, in addition to overwhelming a system’s resources, can cause damage to the underlying infrastructure.
Modern DoS attacks are waged by a distributed network of thousands or millions of bots (automated agents)—this is known as distributed denial of service (DDoS), and can be extremely difficult to mitigate due to its huge scale.
An example of a DoS attack is the repeated use of system requests in a tight loop, or a “syn flood” in which the attacker sends a large number of network requests, requiring the server to acknowledge each one, and exhausting its resources.
Network Intrusion
Network intrusion occurs when an individual gains access to a system for improper use. There are several types of network intrusion depending on the type of intruder:
• Careless insiders—authorized users who neglect to follow security policies or best practices, causing exposure of sensitive assets.
• Malicious insiders—authorized users who misuse their privileges with malicious intent.
• Masqueraders—external individuals who pose as legitimate users, exploiting the account or credentials of an authorized user to gain access to the system.
• Clandestine users—attackers who penetrate the system by gaining supervisory control and going around access controls.
Buffer Overflow
The main function of a buffer is to temporarily store data. Each buffer has a capacity of data it can hold. During a buffer overflow attack, the buffer or other temporary data stores are filled with more data than they can hold. When the buffer overflows, the program attempting to write the data may overwrite other memory locations containing important information.
Threat actors look for buffer overflow vulnerabilities, which they can exploit to inject scripts that help them hijack the system or crash it.
How Can You Ensure Operating System Security?
Here are a few ways you can improve operating system security in your organization.
Authentication Measures
Authentication involves matching an identified user with the programs or data they are allowed to access. All operating systems have controls that can be used to verify that users who run a particular program are authorized to do so.
You can use the following techniques to authenticate users at the operating system level:
• Security keys: keys are provided by a key generator, usually in the form of a physical dongle. The user must insert the key into a slot in the machine to log in.
• Username-password combinations: The user enters a username that is registered with the OS, along with a matching password.
• Biometric signatures: The user scans a physical attribute, such as a fingerprint or retina, to identify themselves.
• Multi-factor authentication: Modern authentication systems use multiple methods to identify a user, combining something the user knows (credentials), something they own (such as a mobile device), and/or a physical characteristic (biometrics).
Using One-Time Passwords
One-time passwords offer an additional layer of security when combined with standard authentication measures. Users must enter a unique password generated each time they log in to the system. A one-time password cannot be reused.
Examples of one-time passwords include:
• Network passwords: An application sends a one-time password to the users via a registered email address or mobile phone number. The user must enter this password to log in to the computer.
• Random numbers: The user receives a card with listing numbers that correspond to matching letters. The OS requires the user to enter the numbers that match a set of randomly generated letters.
• Secret keys: The user receives a device that generates secret keys. The user then enters the secret key into the OS system, which identifies the user credentials associated with the key.
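How a device-generated one-time password can be produced and then refused on reuse, as an added example that is not part of the original text. The text names no algorithm; this code uses HOTP from RFC 4226 as one standard choice, and the class name, the look-ahead window and the lockout threshold are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

# Published test secret from RFC 4226, Appendix D (not a real credential).
RFC4226_TEST_SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """Compute the HOTP value (RFC 4226) for a shared secret and a counter."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation offset
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class OtpVerifier:
    """Server side of the exchange: accepts each one-time password once.

    look_ahead tolerates a token whose counter ran ahead of the server,
    for example when the button was pressed without logging in.
    max_failures locks the account so that codes cannot be guessed freely.
    """

    def __init__(self, secret: bytes, look_ahead: int = 3, max_failures: int = 5):
        self.secret = secret
        self.counter = 0              # next counter value the server accepts
        self.look_ahead = look_ahead
        self.failures = 0
        self.max_failures = max_failures

    def verify(self, submitted: str) -> bool:
        if self.failures >= self.max_failures:
            return False              # locked out until reset by an admin
        last = self.counter + self.look_ahead
        for candidate in range(self.counter, last + 1):
            expected = hotp(self.secret, candidate)
            # Constant-time comparison avoids leaking matching digits.
            if hmac.compare_digest(expected.encode(), submitted.encode()):
                # Moving past the matched counter is what makes the
                # password single-use: older values never match again.
                self.counter = candidate + 1
                self.failures = 0
                return True
        self.failures += 1
        return False


if __name__ == "__main__":
    server = OtpVerifier(RFC4226_TEST_SECRET)
    first = hotp(RFC4226_TEST_SECRET, 0)         # what the device displays
    print("first login :", server.verify(first))
    print("replay      :", server.verify(first))
```

The server and the device share only the secret and a counter, so a password captured in transit is useless once the server has advanced past it.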
Virtualization
Virtualization enables you to abstract software from hardware, effectively separating the two. The main advantage of virtualization is that it introduces a high level of efficiency and flexibility, while providing greater security coverage. There are many types of virtualization, including desktop, application, network, server, storage, and OS virtualization.
What is OS virtualization?
OS virtualization enables you to run multiple isolated user environments using the same OS kernel. The technology that creates and enables this type of isolation is called a “hypervisor”, which serves as a layer located between the device and the virtualized resources.
The hypervisor manages the virtual machines (VMs) running on the device (typically 2-3 VMs). Each VM is used for each user or each security zone. There are several types of VMs that can run alongside each other. Here are the three main categories:
Fully locked-down VM
Should be used to provide access to sensitive data and corporate systems, such as IT environments, payment systems, and sensitive customer data.
Unlocked, open VM
Should be used to provide unrestricted access to non-corporate resources. For example, full web browsing sessions, installation of applications, and use of external devices.
Semi-locked-down VM
Should be used to provide access to standard corporate applications and resources, such as office documents, company email, and internal services.
Advantages of OS virtualization
Each type of VM is limited to the actions allowed by design. Any further action is restricted. This keeps the environment secure. The hypervisor runs below the OS of the device and splits the device into multiple VMs running locally with their own OS—effectively isolating users.
Because the users are isolated, the devices remain secure. This ensures that employees and third parties can gain access to company resources without endangering company resources.
Another major advantage of OS virtualization is that none of the virtualized environments can directly access the network. Instead, connectivity is enabled via an invisible, virtualized network layer that implements network segmentation directly on the endpoint device.
What is a cyber attack?
A cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems.
Any individual or group can launch a cyber attack from anywhere by using one or more various attack strategies.
Government-sponsored groups of computer experts also launch cyber attacks. They're identified as nation-state attackers, and they have been accused of attacking the information technology (IT) infrastructure of other governments, as well as nongovernment entities, such as businesses, nonprofits and utilities.
Why do cyber attacks happen?
Cyber attacks are designed to cause damage. They can have various objectives, including the following:
Financial gain. Cybercriminals launch most cyber attacks, especially those against commercial entities, for financial gain. These attacks often aim to steal sensitive data, such as customer credit card numbers or employee personal information, which the cybercriminals then use to access money or goods using the victims' identities.
Other financially motivated attacks are designed to disable computer systems, with cybercriminals locking computers so owners and authorized users cannot access the applications or data they need; attackers then demand that the targeted organizations pay them ransoms to unlock the computer systems.
Still, other attacks aim to gain valuable corporate data, such as proprietary information; these types of cyber attacks are a modern, computerized form of corporate espionage.
Disruption and revenge. Bad actors also launch attacks specifically to sow chaos, confusion, discontent, frustration or mistrust. They could be taking such action as a way to get revenge for acts taken against them. They could be aiming to publicly embarrass the attacked entities or to damage the organizations' reputations. These attacks are often directed at government entities but can also hit commercial entities or nonprofit organizations.
Nation-state attackers are behind some of these types of attacks. Others, called hacktivists, might launch these types of attacks as a form of protest against the targeted entity; a secretive decentralized group of internationalist activists known as Anonymous is the most well known of such groups.
Insider threats are attacks that come from employees with malicious intent.
Cyberwarfare. Governments around the world are also involved in cyber attacks, with many national governments acknowledging or suspected of designing and executing attacks against other countries as part of ongoing political, economic and social disputes. These types of attacks are classified as cyberwarfare.
How do cyber attacks work?
Threat actors use various techniques to launch cyber attacks, depending in large part on whether they're attacking a targeted or an untargeted entity.
In an untargeted attack, where the bad actors are trying to break into as many devices or systems as possible, they generally look for vulnerabilities in software code that will enable them to gain access without being detected or blocked. Or, they might employ a phishing attack, emailing large numbers of people with socially engineered messages crafted to entice recipients to click a link that will download malicious code.
In a targeted attack, the threat actors are going after a specific organization, and the methods used vary depending on the attack's objectives. The hacktivist group Anonymous, for example, was suspected in a 2020 distributed denial-of-service (DDoS) attack on the Minneapolis Police Department website after a Black man died while being arrested by Minneapolis officers. Hackers also use spear-phishing campaigns in a targeted attack, crafting emails to specific individuals who, if they click included links, would download malicious software designed to subvert the organization's technology or the sensitive data it holds.
Cyber criminals often create the software tools to use in their attacks, and they frequently share those on the so-called dark web.
Cyber attacks often happen in stages, starting with hackers surveying or scanning for vulnerabilities or access points, initiating the initial compromise and then executing the full attack -- whether it's stealing valuable data, disabling the computer systems or both.
In fact, most organizations take months to identify an attack underway and then contain it. According to the "2022 Cost of a Data Breach" report from IBM, organizations with fully deployed artificial intelligence and automation security tools took an average of 181 days to identify a data breach and another 68 days to contain it, for a total of 249 days. Organizations with partially deployed AI and automation took a total of 299 days to identify and contain a breach, while those without AI and automation took an average of 235 days to identify a breach and another 88 days to contain it, for a total of 323 days.
Whatar
ethemostcommont
ypesofcy
berat
tacks?
Cy
berat
tacksmostcommonl
yinv
olv
ethef
oll
owi
ng:
• Malware is malicious software that attacks information systems. Ransomware, spyware and Trojans are examples of malware. Depending on the type of malicious code, malware could be used by hackers to steal or secretly copy sensitive data, block access to files, disrupt system operations or make systems inoperable.
• Phishing occurs when hackers socially engineer email messages to entice recipients to open them. The messages trick recipients into downloading the malware within the email by either opening an attached file or embedded link. The "2022 State of the Phish" report from cybersecurity and compliance company Proofpoint found that 83% of survey respondents said their organization experienced at least one successful phishing attack in 2021, up 46% over 2020. Moreover, the survey also revealed that 78% of organizations saw an email-based ransomware attack in 2021.
• SMiShing (also called SMS phishing or smishing) is an evolution of the phishing attack methodology via text (technically known as Short Message Service, or SMS). Hackers send socially engineered texts that download malware when recipients click on them. According to the Proofpoint report, 74% of organizations experienced smishing attacks in 2021, up from 61% in 2020.
• Man-in-the-middle, or MitM, attacks occur when attackers secretly insert themselves between two parties, such as individual computer users and their financial institutions. Depending on the actual attack details, this type of attack may be more specifically classified as a man-in-the-browser attack, monster-in-the-middle attack or machine-in-the-middle attack. MitM is also sometimes called an eavesdropping attack.
• DDoS attacks take place when hackers bombard an organization's servers with large volumes of simultaneous data requests, thereby making the servers unable to handle any legitimate requests.
• SQL injection occurs when hackers insert malicious code into servers using the Structured Query Language programming language to get the server to reveal sensitive data.
• A zero-day exploit happens when hackers first exploit a newly identified vulnerability in IT infrastructure. For example, a series of critical vulnerabilities in a widely used piece of open source software, the Apache Log4j Project, was reported in December 2021, with the news sending security teams at organizations worldwide scrambling to address them.
• Domain name system (DNS) tunneling is a sophisticated attack in which attackers establish and then use persistently available access -- or a tunnel -- into their targets' systems.
• Drive-by, or drive-by download, occurs when an individual visits a website that, in turn, infects the unsuspecting individual's computer with malware.
• Credential-based attacks happen when hackers steal the credentials that IT workers use to access and manage systems and then use that information to illegally access computers to steal sensitive data or otherwise disrupt an organization and its operations.
• Credential stuffing takes place when attackers use compromised login credentials (such as an email and password) to gain access to other systems.
• Brute-force attacks occur when hackers employ trial-and-error methods to crack login credentials such as usernames, passwords and encryption keys, hoping that the multiple attempts pay off with a right guess.
How can you prevent a cyberattack?

There is no guaranteed way for any organization to prevent a cyberattack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk.

Reducing the risk of a cyberattack relies on using a combination of skilled security professionals, processes and technology.

Reducing risk also involves three broad categories of defensive action:
• preventing attempted attacks from actually entering the organization's IT systems;
• detecting intrusions; and
• disrupting attacks already in motion -- ideally, at the earliest possible time.
Best practices include the following:
• implementing perimeter defenses, such as firewalls, to help block attack attempts and to block access to known malicious domains;
• adopting a zero trust framework, which requires every attempt to access an organization's network or systems -- whether it comes from an internal user or from another system -- to verify it can be trusted;
• using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyberattacks;
• having a patch management program to address known software vulnerabilities that could be exploited by hackers;
• setting appropriate security configurations, password policies and user access controls;
• maintaining a monitoring and detection program to identify and alert to suspicious activity;
• instituting a threat hunting program, where security teams using automation, intelligent tools and advanced analyses actively look for suspicious activity and the presence of hackers before they strike;
• creating incident response plans to guide reaction to a breach; and
• training and educating individual users about attack scenarios and how they as individuals have a role to play in protecting the organization.
What Is Log Analysis?

Log analysis is the process of interpreting computer-generated records called logs. Logs can contain a variety of information about how a digital product or service is used, so the applications of log analysis are endless.

Examples of logs might include:
• Sign-in and sign-out requests on a website
• Transactions made on a currency exchange
• Calls made to an informational API
• Various other industry-specific actions
Applications

Logs are often used for monitoring, auditing, or debugging purposes. As a result, the applications of log analysis will usually fall under one of these categories. Let’s review all three of them in more depth.

Monitoring

Auditing

Debugging

Logs are especially popular for debugging computer processes, which is one of the reasons they are so frequently used. If a programmer observes that a product or service is malfunctioning, he or she can refer to the appropriate logs to find reasons why that may be the case.

When to Do Log Analysis

How to Do Log Analysis
It’s remarkably easy to get started with log analysis, thanks to the plethora of tools and techniques available to the general public. Below, we’ll look at some of these tools and techniques to give you an idea of what this type of analysis involves.

Techniques

As with any type of data analysis, your success with log analysis ultimately comes down to the techniques you use to interpret data. In log analysis, five common techniques (also known as processes) are normalization, pattern recognition, classification and tagging, correlation analysis, and artificial ignorance.
Normalization

Normalization is the process of cleaning logs so that they adhere to the same standards or formats. For example, if logs from various sources contain varying datetime formats, they should be normalized before proceeding.

Pattern recognition

Pattern recognition is the process of identifying patterns in logs, so that individual log entries can be handled appropriately. For example, consider the logs collected by an ecommerce platform. Log entries that refer to users signing in should be separated from log entries that refer to users signing out.

Classification and tagging

Classification and tagging is another process that involves categorizing individual log entries. In this case, log entries should be further classified; for example, based on keywords that may be present in the entries themselves.

Correlation analysis

Correlation analysis is the process of finding log entries that are correlated. This may refer to identifying which entries pertain to a specific event, or identifying which entries (pertaining to separate events) are correlated. As in other types of data analysis, identifying correlations is an essential step in drawing meaningful conclusions from logs.

Artificial ignorance

Artificial ignorance is the process of “ignoring” entries which are not useful for analysis. In web-based applications, artificial ignorance may be used to identify which logs relate to intended usage patterns. With the help of artificial ignorance, it is possible to significantly reduce the number of logs which must be analyzed, which can speed up automatic analysis processes or even make manual analysis a possibility.
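The five techniques above, chained into one small pipeline over sign-in logs. This is an added example, not part of the original notes; the log layout, the field names, the UTC-only timestamps and the rule of three failures within 60 seconds before a success are all assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample lines: three timestamp formats and one noise entry.
RAW_LOGS = [
    "2023-03-01T10:00:05Z web signin user=alice ip=198.51.100.7 status=fail",
    "01/Mar/2023:10:00:09 +0000 web signin user=alice ip=198.51.100.7 status=fail",
    "1677664815 web signin user=alice ip=198.51.100.7 status=fail",
    "2023-03-01T10:00:20Z web healthcheck path=/ping status=ok",
    "2023-03-01T10:00:31Z web signin user=alice ip=198.51.100.7 status=ok",
    "2023-03-01T10:05:00Z web signout user=bob ip=203.0.113.4 status=ok",
]
TS_FORMATS = [  # (leading-timestamp regex, strptime format; None means epoch seconds)
    (re.compile(r"(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)Z "), "%Y-%m-%dT%H:%M:%S"),
    (re.compile(r"(\d\d/\w{3}/\d{4}:\d\d:\d\d:\d\d) \+0000 "), "%d/%b/%Y:%H:%M:%S"),
    (re.compile(r"(\d{10}) "), None),
]
IGNORE_KINDS = {"healthcheck"}  # artificial ignorance: known-benign entry types
TAGS = {("signin", "fail"): "auth_failure", ("signin", "ok"): "auth_success",
        ("signout", "ok"): "session_end"}  # classification: (kind, status) keywords -> tag

def parse(line):
    """Normalization and pattern recognition: one dict per line, timestamp in UTC."""
    for rx, fmt in TS_FORMATS:
        m = rx.match(line)
        if m:
            ts = (datetime.strptime(m.group(1), fmt).replace(tzinfo=timezone.utc) if fmt
                  else datetime.fromtimestamp(int(m.group(1)), tz=timezone.utc))
            _source, kind, *pairs = line[m.end():].split()
            return {"ts": ts, "kind": kind, **dict(p.split("=", 1) for p in pairs)}
    raise ValueError(f"unrecognized timestamp format: {line!r}")

def analyze(lines, threshold=3, window=60):
    """Correlation: flag a successful sign-in that follows >= threshold failures
    for the same user and IP within `window` seconds."""
    events = [e for e in map(parse, lines) if e["kind"] not in IGNORE_KINDS]
    events.sort(key=lambda e: e["ts"])
    failures, alerts = defaultdict(list), []
    for e in events:
        e["tag"] = TAGS.get((e["kind"], e.get("status")), "other")
        key = (e.get("user"), e.get("ip"))
        if e["tag"] == "auth_failure":
            failures[key].append(e["ts"])
        elif e["tag"] == "auth_success":
            recent = [t for t in failures.pop(key, []) if (e["ts"] - t).total_seconds() <= window]
            if len(recent) >= threshold:
                alerts.append({"user": key[0], "ip": key[1], "failures": len(recent)})
    return events, alerts
```

Calling `analyze(RAW_LOGS)` returns the normalized, tagged events and one alert for the sign-in that succeeded after three failures; the health-check line never reaches the correlation step.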
Tools

There are plenty of log analysis tools on the market, which allow you to quickly and easily import, normalize, and process data. In terms of paid solutions, some of the most popular are:
• Splunk: This free and paid platform aids in all areas of data analysis, including log analysis.
• Retrace: This popular SaaS solution takes your logs and finds ways to improve app performance.
• Sumologic: This dedicated log management tool is purpose-built for cloud applications.

As for open-source solutions, some notable choices are:
• Graylog: This open-core solution is, once again, a dedicated log management tool.
• GoAccess: This free offering helps to both visualize and analyze logs.
• Logz.io: This free offering targets those with cloud-based products.