Emerging Threats and Countermeasures

Emerging Threats and Countermeasures:Information security has become a crucial issue since technological advances have led to an increase in sophisticated attacks targeting personal and organizational data. Cyberattacks have significantly increased in the twenty-first century, indicating that cybercriminals are increasingly becoming advanced as technologies advance. Saravanan & Bama (2019) asserts that a 2015 survey of web applications found that 95% of web applications have vulnerabilities. Most organizations are vulnerable to cyber-attacks because they have not evolved as technologies advance. To overcome the cyberattacks, organizations have to be knowledgeable of the threats they are facing and the methods they can apply to protect themselves from the attacks. The following are the Emerging Threats and  probable countermeasures. 

Emerging Threats

One emerging threat is social engineering. Social engineering attacks are used by hackers to gain confidential information by manipulating the users of the system. The hackers trick people into sharing their passwords, sharing their bank information, and even allowing them to use their computers where they can install malicious software that gives them access to details of the user like passwords and bank information. Social engineering is a relatively easy way that hackers’ users to access confidential information since, unlike hacking, the actors only manipulate the trust of a person. One common form of social engineering is sending emails that appear to be from trusted sources. Financial institutions are the organizations that are mostly impersonated in the emails, and in the mails, customers of the organizations are encouraged to share their bank information.

Secondly is a denial of services (DOS) attacks. An attacker makes the DOS attacks with the aim of rendering services unavailable by disrupting the normal functioning of devices. The attacks function by flooding the machine with requests to the extent that it cannot process them and hence results in the denial of service to legitimate users. An advanced form of the DOS attacks is the Distributed Denial of Services (DDOS). Unlike DOS, DDOS attacks target several machines in a network. According to Zlomislić, Fertalj & Sruk (2017), says that DOS attacks aim at resource exhaustion through the generation of excess traffic. The resources that are abused connection limits, network resources, critical node capacity, disk, and memory space.

Malware is another security threat that is affecting organizations today. Malware refers to malicious software that damages systems and data as it gains access to networks. Malware is delivered as links through emails or files such that when users click the links, the file is executed, and the malware takes control of the computer. The files that attackers gain from using malware are used to demand ransom, especially is the data in their possession is sensitive. Even though malware has existed since the 1970s, it has evolved to match technological changes and security upgrades. According to Jang-Jaccard & Nepal (2014), malware evolves to exploit new flaws in emerging technologies and avoid detection. Some examples of malware are viruses’ worms, spyware, trojan, and ransomware, among other malicious software. All these malware operate uniquely, but they are all dependent on user actions. The common ways of propagating malware are emails, executable files, social media, and instant messaging.

A botnet is also a threat to information security. Botnets are interconnected devices that have been infected by malware and are controlled remotely. Most of the time, users are unaware that their devices are infected. Cybercriminals control the devices and often instruct them to perform specific functions, often malicious but hidden from the user. Botnets are used by criminals to send email spams, DDOS, and click fraud campaigns. Criminals that create botnets target vulnerabilities, and they aim to use computer resources to perform automated tasks but remain hidden. Babate, Musa, Kida & Saidu (2015) says that botnets are currently a critical security threat as it is designed to affect computers in varying ways deliberately. After devices are infected with a botnet, the attackers can control the devices using the client-server approach or the peer-to-peer botnet. In the client-server approach, the attacker creates a server for sending automated commands using internet relay chat. In the peer-to-peer botnet, the attacker programs the infected devices to scan and communicate with other botnet devices and share the latest versions of malware for controlling the botnets.

Countermeasures

People can protect their devices from social engineering by using various strategies. One method is desisting from sharing personal information with emails that request username, credit numbers, and passwords. Genuine organizations cannot ask users to share their information, and besides, genuine organizations use digitally signed emails. Another method is using official sites when communicating with financial organizations (Abass, 2018). Legitimate organizations use the https protocol, and therefore communicating with organizations that use the protocol limits cases of phishing attacks. For organizations, educating users about the need to secure systems is crucial in preventing social engineering attacks. The success of the attacks is dependent on the ability to manipulate users into trusting the links they receive. Educating users on the need to avoid clicking random links is crucial in preventing social engineering attacks.

There are various ways of defending against DOS. One method is border filtering, and this is achieved by deploying specialized protection devices that guard against malicious traffic entering the network. Then devices process traffic and prevent malicious data from reaching the internal network. Another method is infrastructure improvements. DOS and DDOS attacks are aimed at overwhelming servers and denying legitimate users services. Increasing server spaces and bandwidth can enable an organization to withstand the attacks. Another method is real-time monitoring. By monitoring a system, unusual behavior can be identified early, and hence the administrator can act accordingly.

There are various countermeasures for malware, and the use of antivirus is one strategy. Antivirus refers to software designed to detect and combat computer viruses. Even though the strategy is not always effective when dealing with targeted attacks, it can aid in preventing the malware from affecting the computer files. Another method is regularly updating software. The latest versions of the software are often advanced from previous ones, and updating aids sealing loopholes that previous versions had. Installing firewalls is another strategy. Firewalls protect against malware by blocking unauthorized access.

For botnets, protection can be achieved by focusing on the protection of the system when creating it. Intrusion prevention systems (IPS) are one way of preventing botnet attacks. The IPS protects devices by monitoring network activity and detects undesirable activities as it prevents them from affecting the device. When IPS detects an unwanted package, it isolates it and allows other traffic to flow. Amoroso (2012) says that early detection of malicious activities is vital in preventing attacks and planning on how to respond to the incidents. Another method is the correct coding of applications. When creating applications, the programmers have to make it resistant to botnet attacks.

Conclusion

Organizations have to be aware of the threats they are facing and strategies they can adopt to protect themselves against the threats. Some of the emerging threats that organizations currently face are malware, social engineering, botnets, and denial of service attacks. In all these attacks, the aim is to steal data, but the approaches are different. For social engineering, the attackers capitalize on the trust of the user to gain their personal information. There are various countermeasures for protecting organizations from the attacks. The methods include using antivirus software, avoiding clicking links from suspicious sources, installing firewalls, and intrusion prevention systems in addition to educating employees on the need to avoid clicking links they receive.

References

Abass, I. A. M. (2018). Social Engineering Threat and Defense: A Literature Survey. Journal of Information Security, 09(04), 257–264. https://doi.org/10.4236/jis.2018.94018

Amoroso, E. G. (2012). Cyber-attacks: protecting national infrastructure. Elsevier.

Babate, A., Musa, M., Kida, A., & Saidu, M. (2015). State of Cyber Security: Emerging Threats Landscape. International Journal of Advanced Research in Computer Science & Technology (IJARCST 2015), 3(1), 113-119. Retrieved 20 August 2020, from http://ijarcst.com/doc/vol3issue1/ver2/alhaji.pdf.

Jang-Jaccard, J., & Nepal, S. (2014). A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 80(5), 973-993. https://doi.org/10.1016/j.jcss.2014.02.005

Saravanan, A., & Bama, S. S. (2019). A Review on Cyber Security and the Fifth Generation Cyberattacks. Oriental Journal of Computer Science and Technology, 12(2), 50–56. https://doi.org/10.13005/ojcst12.02.04

Zlomislić, V., Fertalj, K., & Sruk, V. (2017). Denial of service attacks, defenses, and research challenges. Cluster Computing, 20(1), 661–671. https://doi.org/10.1007/s10586-017-0730-x