Network Security

POD and DDOS Attacks

    The Ping command is a handy tool for troubleshooting. The command sends packets of information to an organization's IP address/domain and requests an echoed response, allowing the user to ensure no connection issues. When used maliciously, it can wreak havoc on a network system. These attacks are referred to as Ping of Death (POD), a type of denial-of-service (DOS) attack (Newman, 2024). Attackers overwhelm the targets' system with packet requests, often from multiple compromised systems, causing an abrupt increase in traffic on the network and servers. This causes the system to become slow for the typical site user, eventually crashing the entire system.

    Though crashing an entire website sounds complex, the only information an attacker would need is the victim's IP address. Once the system crashes, attackers can locate vulnerabilities, leading to breached data or malware infections across the systems (Sansone, 2024). Organizations can use preventative measures to ensure system security by proactively monitoring traffic and implementing packet size validation, blocking oversized packets, and catching spikes in traffic prior to an attack (Newman, 2024).

Phishing

    Phishing is a form of social engineering that involves exploiting victims to provide sensitive information to gain access to accounts and systems (What Is Phishing | Cybersecurity | CompTIA, n.d.). This type of attack is carried out by cyber criminals, or “bad actors,” who take on the role of a business. Through emails, text messages, social media, or phone calls (known as Vishing), the actors manipulate the victim by instilling a sense of urgency with threats of a lost account (i.e., social media, banking, cloud), jail time, harm to a living being or fraudulent charges to their debit cards. Once the attacker has attention, they will utilize links to access the information or even get the information from them over the phone. Though there is much awareness around these security incidents, anyone can be tricked into falling for these scams.

    The best way to verify if the notice is legitimate is to know the signs of a phishing attempt. Check for errors in spelling within the text (ie “plaese contect us imedietly”), validate the phone numbers and email addresses of the party contacting you, and remember that the chance that a business is contacting you to get sensitive account information is doubtful. If you have even the slightest suspicion that the contact is illegitimate, contact the company directly, using the phone number or email address provided directly from their website, to ensure there is truly a need to be concerned before providing details or clicking any links.

Computer Viruses

    A computer virus is a malicious software (malware) that infects systems, leading to performance issues, compromised or lost data, and even a complete crash. Like a human virus, computer viruses can spread between devices (Vahid, 2019). The malware hides within downloadable files that a user can unknowingly install. The first contract of infection is commonly through links within a phishing email, which unknowingly continues to be sent to the user's contacts. However, viruses can be hidden anywhere, including websites, music downloads (I am sure we all remember LimeWire), and even videos. Infected devices may not show symptoms initially, keeping the user blind to the issue until it's too late.

    With thousands of viruses, it is almost impossible to check if you have infected your system with one on your own. Similar to phishing, you should never click links to emails you are unsure of, but even if you act with diligence, you are still likely to be infected. Most computer operating systems have preinstalled firewalls to monitor and protect devices from malicious software by monitoring and applying network safety. Firewalls can be helpful, but having an added layer of protection from a virus and using antivirus software on your computer is the best option. This software can detect suspicious files and stop the installation before infecting your system. The software is usually an additional purchase, but knowing your system is secure from lost and compromised data is worth the cost.

References

Newman, S. (2024, March 12). What is a DDoS attack? Corero Network Security. https://www.corero.com/what-is-a-ddos-attack/

Newman, S. (2024, November 21). What is a Ping of Death (PoD) DDoS Attack? Corero Network Security. https://www.corero.com/what-is-ping-of-death-ddos-attack/

Sansone, I. (2024, November 25). The damaging impacts of DDoS attacks. Corero Network Security. https://www.corero.com/the-damaging-impacts-of-ddos-attacks/

Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.

What is phishing | Cybersecurity | CompTIA. (n.d.). CompTIA. https://www.comptia.org/content/articles/what-is-phishing