2Network security threats

Wherever there is a network, there are threats. The types of potential threats to network security are always evolving, and constant computer network system monitoring and security should be a priority for any network administrator. If the security of the network is compromised, there could be serious consequences, such as loss of privacy, and theft of information.

It is important to point out that not all the security threats are malicious. Non-malicious threats usually come from employees who are untrained in computers and are unaware of security threats and vulnerabilities. Errors and omissions can cause valuable data to be lost, damaged, or altered. Moreover, natural disasters are non-malicious threats. In this chapter, only malicious security threats are detailed.

Malicious threats consist of inside attacks by malicious employees and outside attacks by non-employees just looking to harm and disrupt an organization. The most dangerous attackers are usually insiders (or former insiders), because they know many of the codes and security measures that are already in place

Network attack tools and methods have evolved. Back in the days when a hacker had to have sophisticated computer, programming, and networking knowledge to make use of rudimentary tools and basic attacks. Nowadays, network hackers, methods and tools has improved tremendously, hackers no longer required the same level of sophisticated knowledge, people who previously would not have participated in computer crime are now able to do so.

The definition of "hacker" has changed over the years. A hacker was once thought of as any individual who enjoyed getting the most out of the system he or she was using. Now, however, the term hacker refers to people who either break in to systems for which they have no authorization or intentionally overstep their bounds on systems for which they do not have legitimate access. The correct term to use for someone who breaks in to systems is a "cracker." Common methods for gaining access to a system include password cracking, exploiting known security weaknesses, network spoofing, and social engineering.

There exists a “communication gap” between the developers of security technology and developers of networks. Although, network security is a critical requirement in emerging networks, there is a significant lack of security methods that can be easily implemented. In contrast to network design, secure network design is not a well-developed process. There is not a methodology to manage the complexity of security requirements.

Many network security threats today are spread over the Internet. It is important to point out that smart mobile terminals have come to be an integral part of the Internet. A close inspection of the features of both smart mobile terminals and human behaviours can be used to define a protection scheme in this environment.