Sunday, July 5, 2020

Network Security – Safety Never Takes A Holiday


When someone says Network Security, the first thing that comes to mind is Paul Blart: Mall Cop (Sony Pictures 2009). The connotation is simple: security is a big thing that no one can see that supposedly protects your network. The network is the 400-pound gorilla in the room that everyone uses but most don’t know how it works: “just call IT (Paul Blart), he can fix it”. The two parts, network and security, must work in harmony for it to be a seamless protective service. Paul Blart did not care what people thought of him; he just did his job to the best of his ability.

 

At my company, probably similar to yours, we have a team of network security employees that we trust to keep everything safe. But what are they protecting? There are hardware and software components that are subject to attack from threats at any given moment. The software or hardware that every user is using can be compromised through email (spam or phishing), or side-by-side malicious downloads that come from seemingly harmless sources. It is the job of the security team to detect these threats and keep them from reaching the company’s network, and thus multiple machines and ultimately the entire company.

 

On the downside, if an attack is successful the attacker could easily seize control and demand a monetary ransom or other concession to “release” their hold and restore the soft/hardware to the company. In other cases, the attacker may want nothing more than to cause harm, in which case malware would simply “seek-and-destroy” company property on their network and thus cripple the company with no hope of recovery. Both of these are truly devastating to businesses and are very easily avoidable.

 

As computers have evolved, shrinking from large mainframes in living-room-sized boxes to the tiny little phone lying next to this laptop, the knowledge of the technology has migrated as well. Once it was only the large corporations and government that could afford computers. Now everyone has a computer, and in many homes probably several “devices”. As the technology moved to the public domain the “tech assassins” grew in numbers as well. The knowledge of technology was no longer only available to those with money but was now available to all via the internet. I looked just today at several viable trusted sites on the web to see how to unlock an iPhone and try to bypass the security. It’s actually quite simple, you just have to know where to look.

 

So, the need for a robust network security force exists for pretty much everyone. Now the odds of a hacker targeting you as an individual may be pretty slim, but attacks on corporations and the government are almost endless. This brings me to my big question, why is it so hard for us to make a security system that is unbreakable? It seems that if we could just stop changing the software on the user machines security would be basically impenetrable. This sounds absurd coming out of my mouth, but it is almost exactly what my company did for almost ten years.

 

Obviously if you stop doing upgrades and keeping up with the technology you will ultimately fall far behind, but who are you chasing? The competition, your friends, the “Joneses”? That’s a question that I can’t answer, but I can tell you that technological advances will not stop and are in fact increasing daily.

 

My company, I will not name them, had an archaic view of technology. The business that we are in is almost exclusively computer-based and is definitely a “tech field”. We are at the forefront of our type of technology and are pioneering the tech that we produce. Which is freakishly frightening because in the front-of-the-house (customer service and basic computing) we just 4 years ago made the leap from Windows XP to Windows 7 and last year from 7 to 10. The belief from our executive team was that we were insignificant and didn’t need the newer technology. It took two attacks, one was email spam and the other phishing, to get them to listen and understand. Spoiler alert, it also answered my big question.

 

Because of evolving technology in network architecture and the infinite resources on the internet it was quite easy for a hacker to get into our old, outdated, unprotected email system. The OS developers search out exploits in the current software and patch them. So, when they send an update for their OS it will include the patch for the exploit. Since we never updated our OS (and Microsoft was no longer supporting it) it opened the door for attacks. Once they had access to our email, our network was wide open to them and they did what they wanted. Ironically the first was using our own email system to direct a DoS attack on our website. The second, a phishing attack, installed ransomware and shut us down for a few days and was very costly to remove. I was never more thankful for backups than that day.

 

So, obviously we will never be protected from security threats by just doing nothing. The threat is always there and waiting for someone to find it. Since technology is now everywhere the need for network security has increased dramatically. The need exists both for digital control and situational awareness (Li, Y. et al., 2019). The digital control is for the virus detection and antimalware software to protect the software and hardware on the network. This is normally a real-time protection that is running on the system and relies on little to no input from the network security team. The situational awareness is for the users on the network and their education and awareness of what a threat looks like. The widest gap in any security is not the hardware or software but the humans using them. The vast majority of attacks come through exploiting a person’s trust and getting inside the easy way (Gulshan, K., 2014). It is crucial for companies and individuals to educate themselves and their employees on the types of threats and how to avoid them. It is also crucial to empower them to report a breach when it happens, to try to minimize the damage of a successful intrusion. Education and awareness are possibly the most important part of any network security.

 

“Safety Never Takes A Holiday!” – Paul Blart

References

 

Gulshan Kumar & Krishan Kumar (2014) Network security – an updated perspective, Systems Science & Control Engineering, 2:1, 325-334, DOI: 10.1080/21642583.2014.895969

 

Li, Y., Huang, G., Wang, C. et al. Analysis framework of network security situational awareness and comparison of implementation methods. J Wireless Com Network 2019, 205 (2019). https://doi.org/10.1186/s13638-019-1506-1

 

Vahid, F. & Lysecky, S. (2017). Computing technology for all. Retrieved from zybooks.zyante.com/

Thursday, July 2, 2020

the keys to your kingdom: network security

Information and information systems are critical for day-to-day life of businesses and individuals. So, it follows that security of the hardware (system) and software (information) is also a critical component for day-to-day life. According to Frank Vahid and Susan Lysecky in Computing Technology for All, security is not only a function of the hardware and software, but a human component as well. While it is easiest for someone to target exploits in an OS it is almost as easy to target a user. Human curiosity will always be one of the easiest targets to exploit.


There are numerous ways that a business or individual can be attacked. The method for attack could come as a virus in a download, a spam or phish in an email, or malware (a general term similar to a virus) alongside a download. Spam and phishing both normally exploit a user, while viruses and malware don’t need action once they are downloaded. We’ll explore phishing and spam a bit more below. All of these attacks are meant to control either software or hardware with intent to harm. The harm may be monetary, personal defamation, or business reputation. Any attack that is successful will almost always result in some kind of loss to the individual or business.

One particularly annoying and effective attack is a DoS or Denial of Service attack. This type of attack uses either a virus or email spam to attack a specific target. When the attack is ready to commence the virus or malware will send continuous ping requests to the target. The ping requests will overwhelm the target’s ability to accept new, legitimate requests, and it will return a “busy signal” or a denial of service/timeout. Now, the idea of a ping test is a single ping that returns information about the speed of the computer and network between locations. The continuous ping in a DoS attack is thousands of ping requests per second from a multitude of locations, all of them pinging a single location. If the attack is large enough it can cause a disruption of service across the location of the attack and the surrounding network. It is possible for a ping attack to take down an entire portion of the internet around a specific server.

The CAN-SPAM Act has defined spam as an unsolicited commercial email that the recipient has no affiliation with and was sent without consent of the recipient. Additionally, emails are considered spam if they were sent in bulk without the recipient’s consent. While not all bulk emails are considered spam, a vast majority is just that. Research from the International Journal of Cyber Criminology indicates that 90% of the emails sent are possibly spam, depending on the definition adopted for spam. Email spam is primarily used for revenue generation or promoting products; however, it is also used for stealing information and phishing (hang in there, we will get to it). When a spam attack is used properly it can infect an entire organization’s network. With control of the organization’s network and email it can launch attacks such as DoS attacks without disclosing the identity of the hacker inciting the attack.

Phishing, according to “Taking the Bait,” combines social engineering and complex attack vectors to create an illusion or deception in the eyes of the email recipient that the legitimacy of what is being offered or asked is not only truthful, but persuasive enough to prompt an action by the recipient in some form (Lacey et al.). In particular, phishing involves getting the recipient to open an email and/or click to another site and enter their personal information. Once they have either opened the message or entered their information the attacker has what they needed: access. If the email message is opened within a business network the phishing hacker can install ransomware or another type of virus to seize control and demand a monetary compensation for releasing the business’s information. To an individual the phishing scam may involve a person believing they are about to visit a trusted site and enter their personal information. If this is a bank account, the thief now has your keys to the kingdom.


To protect against both of these types of attacks there are two primary defenses. The first of these is education. In instances of spam and phishing the attacker must gain access through a user accepting or opening the email sent in hostility. Educating the recipients on what warning signs exist and what to do with the attacker’s email is the best line of defense we have. Secondly, there are numerous security programs out there, like SolarWinds MSP, Spam Titan, and Mailwasher, that are used to filter emails, search for specific verbiage, and compare recipients on the user’s white/blacklists. While these types of security software are robust and can be very helpful, they are not perfect. Because these types of software are available to the hacker just as readily as the user, it is very difficult for the manufacturer to stay ahead. So, it is ultimately the end user’s responsibility to keep him/herself safe from attacks. Education is the best line of defense.

 


 

References

 

Lacey, David, et al. “Taking the Bait: A Systems Analysis of Phishing Attacks.” Procedia Manufacturing, vol. 3, 2015, pp. 1109–1116, 10.1016/j.promfg.2015.07.185. Accessed 26 June 2019.

Vahid, F., & Lysecky, S. (2017). Computing technology for all. Retrieved from zybooks.zyante.com/

Yu, S. (2011). Email spam and the CAN-SPAM Act: A qualitative analysis. International Journal of Cyber Criminology, 5(1), 715–735. https://www.cybercrimejournal.com/Yu2011ijcc.pdf

computers in the workplace, or up in the air?

Aviation. When you hear the word aviation you probably think of airplanes and pilots. Of course, they are the two primary components to all things aviation. However, there is so much more that goes into getting you from point A to point B.

Throughout the United States and all over the world there are aviation professionals working diligently, on computers, to keep you safe and get you there in the shortest time possible. Remember the safest place to be while traveling is on the ground. In the aviation field computers have for many years basically run everything, and now they are taking over the cockpit as well. 

As GPS technology unfolds and gets more and more precise, aircraft and aviation as a whole are relying on it for everyday operation. You may believe that the pilot up front is watching out the window for other airplanes and obstacles. You may think that they are responsible for keeping the airplane going in the direction you want to go, and even think that the pilot is “flying” the plane at takeoff and landing. If this is your thinking you are mostly wrong. In 2020 the airplanes can, and most times do, fly themselves; the pilot is there to monitor and take over in the event of a malfunction. Of course, there are times when the pilots do fly the plane but most of the time they cannot do it without help from the plane itself. The inclusion of computers and new technologies in modern aircraft has helped tremendously and will continue to make powered air flight safer and more efficient.

 

Along with the emerging technology in the air, the same can be said on the ground as well. Just like the GPS and navigation aids in the airplane the air traffic control system is getting overhauled also. The instruments used by ATC are now more accurate than ever which allows the controllers to keep more aircraft closer together or more in line up in the sky. These enhancements are keeping you safe and helping you get to point B without incident.

 

So, as you can imagine the pilots, controllers, instructors, and maintenance technicians are working as quickly as they can to keep up. At my place of employment that is exactly what we do: teach pilots and aviation professionals the current and upcoming technologies. It is of the utmost importance for them to keep up as they are the people that help keep us moving and the globe shrinking. Keep these in mind the next time you fly and tell your Captain thank you when he slides on a nice smooth landing. See if he will give the computer on the airplane credit for its help.

 

Wednesday, July 1, 2020

traveling through the network

Packets of data are sent through the networks, bouncing from one router to the next until they reach their assigned destination, or IP address. As they travel from point to point, each step being a hop, they request the next destination and then travel there. If they receive no reply, or none within a specified amount of time, they time out. Once they reach their destination they complete their task. Then a response, or echo, is sent back to the origin via the same route. Thus communication happens.

The ping test to google was as expected very quick while the tracert took considerably longer, but the final destination reply for the tracert aligned closely with the ping test. So, I know that I have a stable quick route to google so the communication will be complete and speedy. The test to netregistry.com.au understandably took much longer to complete with higher times and lots of lost packets, but it was traveling to the opposite corner of the world, so that is to be expected. Interestingly, though, the ping test and the tracert came back with an almost identical time for the last hop to the destination. I got a very similar result from the mail.ru tests, and in fact the max ping and the first packet in the tracert arrived in exactly the same time.

 

 

Pinged google.com with a total of 4 packets each with the size of 32 bits. The average time was 18ms, max 20ms, min 17ms. There were no packets lost on the trip.


 

Pinged netregistry.com.au with a total of 4 packets each with the size of 32 bits. Average time was 387ms, max 515ms, min 281ms. There was 1 packet lost on the trip.


Pinged mail.ru with a total of 4 packets each with the size of 32 bits, the average time was 280ms, max 332ms and a min 196ms. There was 1 packet lost on the trip.

 

 


 

Tracert for google.com took 11 hops. Times ranging from 6ms to 61ms. There were 2 timeouts but no failures due to timeouts.


Tracert for netregistry.com.au took 15 hops, from 7ms to 607ms. There were 13 timeouts and 4 timeout failures.

 

Tracert for mail.ru took 11 hops. The time between hops was from 2ms to 397ms. There were 11 timeouts and 3 timeout failures.

 


This assignment is particularly challenging for me as the ping and tracert have always been abstract ideas to me. So working through them was quite insightful.

I actually used the ping test to determine why my brand new very expensive router wasn’t performing to my expectation. I used another computer in the house and one of my family members nearby. The ping was okay with the first test and then was extremely long with many lost packages on the second. I tried updating the drivers on the router, modem, and computers to no avail. So I tried changing the ethernet cable and re-pinged both machines. Voila! Problem solved. I had a CAT 5 cable from my modem to my router that was choking down the signal and was not allowing the communication to flow as was expected. The ping proved it was the cord.

In another instance (and anyone in the Northeast US can use this test), I used a continuous ping test on a few Sunday afternoons to test my ISP. I will not name them as we may have classmates that work for them. On Sunday afternoons around 3PM we experience a dramatic drop in connectivity, and I have always believed that it was the ISP either throttling or intentionally dropping service in my area. So, I used a continuous ping around the time that I thought this would happen. On 3 of the 4 Sundays that I tested the ping was either extremely long or timed out for several minutes at a time. The timeouts occurred between my router and the ISP, so I knew it was them. I sent them the data, but as I am only the customer, it made no difference to them, and I still suffer through Sunday afternoons.
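The continuous-ping check described above can be turned into evidence by logging two targets side by side and looking for stretches where the outside target fails while the home router still answers. The script below is an added example, not part of the original post: it assumes each Windows `ping -t` line was prefixed with a timestamp and a target label (`router`, `isp`) by a hypothetical logging wrapper, and the addresses, thresholds and sample log are constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample: Windows `ping -t` output, each line prefixed with a timestamp
# and a target label by a hypothetical logging wrapper. Addresses are placeholders.
SAMPLE_LOG = """\
2020-06-28 14:59:59 router Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
2020-06-28 14:59:59 isp Reply from 192.0.2.1: bytes=32 time=21ms TTL=57
2020-06-28 15:00:00 router Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
2020-06-28 15:00:00 isp Request timed out.
2020-06-28 15:00:01 router Reply from 192.168.1.1: bytes=32 time=2ms TTL=64
2020-06-28 15:00:01 isp Request timed out.
2020-06-28 15:00:02 router Reply from 192.168.1.1: bytes=32 time<1ms TTL=64
2020-06-28 15:00:02 isp Reply from 192.0.2.1: bytes=32 time=412ms TTL=57
2020-06-28 15:00:03 router Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
2020-06-28 15:00:03 isp Reply from 192.0.2.1: bytes=32 time=18ms TTL=57
2020-06-28 15:00:04 router Request timed out.
2020-06-28 15:00:04 isp Request timed out.
2020-06-28 15:00:05 router Request timed out.
2020-06-28 15:00:05 isp Request timed out.
2020-06-28 15:00:06 router Request timed out.
2020-06-28 15:00:06 isp Request timed out.
2020-06-28 15:00:07 router Reply from 192.168.1.1: bytes=32 time=1ms TTL=64
2020-06-28 15:00:07 isp Reply from 192.0.2.1: bytes=32 time=20ms TTL=57
"""

LINE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) (?P<label>\S+) "
    r"(?:Reply from \S+ bytes=\d+ time[=<](?P<rtt>\d+)ms TTL=\d+|Request timed out\.)$")

def parse(log):
    """Return (timestamp, label, rtt_ms) tuples; rtt_ms is None for a timeout."""
    samples = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if m:  # anything else (headers, statistics) is skipped
            ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
            samples.append((ts, m["label"], int(m["rtt"]) if m["rtt"] else None))
    return samples

def bad_windows(samples, label, slow_ms=200, min_run=3):
    """Spans (start, end) of >= min_run consecutive timed-out or slow probes."""
    windows, run = [], []
    for ts, lab, rtt in samples:
        if lab != label:
            continue
        if rtt is None or rtt > slow_ms:
            run.append(ts)
            continue
        if len(run) >= min_run:
            windows.append((run[0], run[-1]))
        run = []
    if len(run) >= min_run:  # log ended during an outage
        windows.append((run[0], run[-1]))
    return windows

def localise(samples, inner="router", outer="isp", slow_ms=200, min_run=3):
    """Mark each outer outage 'upstream' only if the inner target stayed healthy."""
    results = []
    for start, end in bad_windows(samples, outer, slow_ms, min_run):
        inner_rtts = [r for ts, lab, r in samples if lab == inner and start <= ts <= end]
        healthy = bool(inner_rtts) and all(r is not None and r <= slow_ms for r in inner_rtts)
        results.append((start, end, "upstream" if healthy else "local or unknown"))
    return results
```

Only the first window in the sample points past the router; in the second the router itself stopped answering, which is the cable-or-router case from the earlier paragraph rather than an ISP fault.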

 


a day in the Life

This project was quite fun I must admit. I use these applications daily with my work and thus made them easy for me to complete.

Word, Excel, and PowerPoint all have their advantages and disadvantages. Word is great for a project like this one where you simply need to document a day. Hence the extension for a Word document is .doc(x). It was probably the simplest program to use during this exercise because it was putting words on paper.



However, if we turn the project just a little and require a percentage of day spent, or total hours spent then Excel would be the front runner for this work. 



Lastly, I would choose PowerPoint. It is sometimes finicky, and the controls are not in obvious locations. Actually, some are hidden altogether until you paste or add a particular object. So, for this project it was the least likely candidate. That being said, if we turn this a little more and need to present our day to a class, team, or professor then it would be ideal. 


With Word and Excel the functionality to present images, animations, and words is lacking. That is not to say it can’t be done, but it is simpler in PowerPoint.

So, each program has its pros and cons depending on the needs of the creator. Word would be used exclusively for a written project such as this essay where charts and graphics are not needed. Excel is exclusively for displaying and calculating information in spreadsheet style or graphical chart. PowerPoint is for presentations to others, with animated and graphical capabilities. Collectively the three programs are a great set to accomplish most projects that would be assigned in a classroom or working environment.


Well, dreams, they feel real while we're in them right?

Since we are both relatively new to the concepts of programming computers, let's be basic. I am not going to assume that you have advanced k...