Network Security

 

Importance of Information and System Security

Information and system security are vital for individuals and organizations alike. For individuals, security protocols safeguard personal data, financial details, and privacy. For organizations, these measures ensure data integrity, confidentiality, and availability, which are critical for sustaining trust, adhering to regulations, and guaranteeing business continuity (Tenable, n.d.; ISMS Connect, n.d.).

Password Cracking

Vulnerability

Computer systems are susceptible to password cracking because of weak passwords, the reuse of passwords across various sites, and insufficient encryption methods. Attackers use malicious techniques, such as credential stuffing, to guess or obtain passwords (BeyondTrust, n.d.; Norton, n.d.).

Symptoms and Damage

When a system is breached via password cracking, attackers can obtain confidential information, resulting in data breaches, financial losses, and identity theft. Additionally, they can exploit compromised accounts to initiate more attacks across the network (Password Lab, n.d.).

Recommendations

  1. Use Strong Passwords: Implement policies requiring hard-to-predict passwords that include a variety of symbols, letters, and numbers (Safety Detectives, n.d.).
  2. Enable Multi-Factor Authentication (MFA): MFA adds an extra layer of protection by requiring additional verification steps after the primary password is entered (Safety Detectives, n.d.).
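
The two recommendations above can be sketched in code. This is an added example, not part of the original article: it checks a password against a variety policy and verifies a time-based one-time code (TOTP, RFC 6238) as the second factor. The article does not name an MFA mechanism; TOTP, the minimum length, the deny-list and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import string
import struct

# Assumed policy values (not from the article): a minimum length and a tiny
# constructed deny-list standing in for a real list of breached passwords.
MIN_LENGTH = 12
COMMON_PASSWORDS = {"password123!", "qwerty12345!", "letmein2024!"}


def policy_violations(password: str) -> list[str]:
    """Return the reasons a password fails the policy (empty list = accepted)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isalpha() for c in password):
        problems.append("no letter")
    if not any(c.isdigit() for c in password):
        problems.append("no number")
    if not any(c in string.punctuation for c in password):
        problems.append("no symbol")
    if password.lower() in COMMON_PASSWORDS:
        problems.append("commonly used password")
    return problems


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time password (HMAC-SHA1 variant)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def second_factor_ok(secret: bytes, submitted: str, unix_time: int) -> bool:
    """Accept the current code or an adjacent time step to tolerate clock drift."""
    return any(
        hmac.compare_digest(totp(secret, max(unix_time + drift, 0)), submitted)
        for drift in (-30, 0, 30)
    )
```

The second factor is checked only after the primary password has been verified, and the one-step drift window keeps a captured code from being usable for more than about a minute and a half.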

Social Engineering

Vulnerability

Social engineering targets human psychology instead of technical weaknesses. It involves attackers deceiving users into giving up confidential information or taking actions that breach security, such as clicking on harmful links or disclosing passwords (Cisco, n.d.; IBM, n.d.).

Symptoms and Damage

Successful social engineering attacks can result in major financial losses, major data breaches, and damage to the reputation of the company or user. For example, phishing emails may deceive employees into disclosing their login details, which attackers then use to exploit the organization's network (SentinelOne, n.d.; Social Engineer, n.d.).

Recommendations

  1. Employee Training: Regularly educate a company’s employees about how these tactics can be used against them and how to recognize them (Enterprise Networking Planet, n.d.; Proofpoint, n.d.).
  2. Implement Strong Security Policies: Establish clear protocols for verifying the identity of anyone requesting such information, and encourage skepticism toward unsolicited communications (Fortinet, n.d.; Business Tech Weekly, n.d.).

By understanding password cracking and the malice that comes with it, organizations can significantly reduce their risk of falling victim to such attacks.

References

  • BeyondTrust. (n.d.). Password cracking 101: Attacks & defenses explained. Retrieved from https://www.beyondtrust.com/blog/entry/password-cracking-101-attacks-defenses-explained
  • Business Tech Weekly. (n.d.). How to prevent social engineering attacks. Retrieved from https://www.businesstechweekly.com/cybersecurity/social-engineering/how-to-prevent-social-engineering-attacks/
  • Cisco. (n.d.). What is social engineering? Retrieved from https://www.cisco.com/c/en/us/products/security/what-is-social-engineering.html
  • Enterprise Networking Planet. (n.d.). How to prevent social engineering attacks. Retrieved from https://www.enterprisenetworkingplanet.com/security/how-to-prevent-social-engineering-attacks/
  • Fortinet. (n.d.). Social engineering. Retrieved from https://www.fortinet.com/resources/cyberglossary/social-engineering
  • IBM. (n.d.). Social engineering. Retrieved from https://www.ibm.com/topics/social-engineering
  • ISMS Connect. (n.d.). Why is information security important? 7 compelling reasons. Retrieved from https://isms-connect.com/insights/why-is-information-security-important-7-compelling-reasons
  • Norton. (n.d.). Password attack. Retrieved from https://us.norton.com/blog/emerging-threats/password-attack
  • Password Lab. (n.d.). Understanding password breaches: Causes, consequences, and prevention. Retrieved from https://passwordlab.io/blog/understanding-password-breaches-causes-consequences-and-prevention
  • Proofpoint. (n.d.). Five ways to prevent social engineering attacks. Retrieved from https://www.proofpoint.com/us/corporate-blog/post/five-ways-prevent-social-engineering-attacks
  • Safety Detectives. (n.d.). Password cracking techniques. Retrieved from https://www.safetydetectives.com/blog/password-cracking-techniques/
  • SentinelOne. (n.d.). Social engineering attacks: How to recognize and resist the bait. Retrieved from https://www.sentinelone.com/blog/social-engineering-attacks-how-to-recognize-and-resist-the-bait/
  • Social Engineer. (n.d.). What damage does social engineering really cause anyway? Retrieved from https://www.social-engineer.org/general-blog/what-damage-does-social-engineering-really-cause-anyway/
  • Tenable. (n.d.). Information security principles. Retrieved from https://www.tenable.com/principles/information-security-principles
