® 2019 HelpMyEssay.com
Total Length: 1375 words ( 5 double-spaced pages)
Total Sources: 4
Page 1 of 5
Computer Vulnerabilities
Computer Security Vulnerabilities
The extent of the problem
This is not a small issue. The book "Analyzing Computer Security" lays out the following scenario: "First, 20 million U.S. smart phones stop working. Next follow outages in wireline telephone service, problems with air traffic control, disruptions to the New York Stock Exchange, and eventually severe loss of power on America's East Coast" (Pfleeger & Pfleeger, 2011, 3). The authors are talking about a situation in which the computer networks that control those devices and services are compromised. As has been seen in recent years, this lack of computer security is something that is not an apocalyptic myth, but an unfortunate reality. As soon as systems are designed to thwart attackers, they are broken and new security measures have to be put in place. It is a never-ending battle that requires a vigilant and resourceful security team to police. Unfortunately, these large breaches have only increased in recent years.
Vulnerabilities that caused major loss/damage
It does not matter whether it is an individual, company or government, computer vulnerability can cause endless problems such as identity theft, loss of customer data, or an event such as the one that occurred in Iran in 2010.
"Siemens equipment…called Industrial Control Systems or ICS, is the product targeted by Stuxnet, the sophisticated computer worm discovered last year to have crippled Iran's nuclear power program. Stuxnet reprogrammed the computer-controlled centrifuges used to enrich uranium so that they spun out of control and destroyed themselves" (Waterman, 2011).
This was an incident that could have caused even more serious damage if the hackers had been able to penetrate security even further.
Virus/Hacking statistics
The trend in viruses and computer hacking attacks has been escalating for many years. "As of June 2006, Symantec's Norton Antivirus software checked for over 72,000 known virus patterns" (Pfleeger & Pfleeger, 2011, 87). This statistic was current more than five years ago, which means that at the rate of growth of these types of attacks it can be assumed that that number could easily have exceeded 200,000.Hackers have been enjoying a lot more publicity and scrutiny in recent years. There are no real statistics regarding how many hackers exist and the exact figures of how much hacking has cost U.S. companies is also hard to determine. The reason is that "disclosures about monetary damages caused by hackers rarely were made public, and many companies do not bother calculating the total because they are too busy fending off hackers, or they are too embarrassed to report the incident to law enforcement" (Nowak, 2011).
Security standards
The government has tried to determine standards as computer technology has blossomed, but it is difficult keeping up with the changes that are constantly being made. The government organization that controls security standards is called the National Institute for Standards and Technology (NIST). Since the early 1970's, this organization has been attempting to write encryption standards. Originally this was done for the military, but eventually the need was for a common set for all entities that held information that could be considered a national security risk.
Direct causes of vulnerabilities
SQL Injection
The term SQL is actually an abbreviation of structured query language which is used in database management systems (Pfleeger & Pfleeger, 2011, 541). In this type of attack a hacker can use the language, from a browser, to tell the database to release information. This can be used to tell a banking website to release the names and account information of all of the people that they have on record if the user knows just a few simple commands.
Phishing
This is an interesting play on words that can be one of the most personally damaging vulnerabilities around. Hackers know that certain problems with an account can cause an individual to lose their vigilance and respond to a message in which they need to give personal information. Phishing occurs when an individual is asked to give personal information to clear a problem that looks legitimate. The problem is that the phisher has copied the website logo and other vital information.....