Saturday, July 22, 2023

Network Threats and Security

 

Computers and supporting networks have become ingrained into nearly every aspect of American culture, from the public to the private, confidential, and even top secret. This scope of network usage makes Network Security of the utmost importance. The top impacts of corporate security breaches are extortion and data theft (IBM Security X-Force, 2023). As Check Point (n.d.) succinctly puts it, "Network Security protects your network and data from breaches, intrusions, and other threats" (p. 1). Network attacks can come in various forms, often mixing cyberspace attacks and social engineering.  

For our purposes in this post, a cyberspace attack will refer to any network attack that is primarily a digital-to-digital attack. A denial of service (DoS) is a type of cyberspace attack against a website or service. In a DoS attack, the attacker uses either an overwhelming volume of requests or specially formatted requests to overwhelm or crash a server, making it unable to process requests from legitimate users. The legitimate users being denied access to the service is the source of the term (Vahid & Lysecky, 2019). Generating a Ping of Death (PoD) is one method of DoS. Pings are Internet Control Message Protocol (ICMP) echo requests, a helpful tool used in general monitoring, maintenance, and troubleshooting of the network connection between two devices. A ping is corrupted into a PoD cyberspace attack by either oversizing or malforming the IP packets so that the receiving system crashes when trying to reassemble the message. The threat of PoD is mitigated by checking the request parameters and filtering out the high-risk ones (Radware, n.d.). PoD attacks are one example of attacks between network systems.
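The parameter check described above can be sketched as follows. This is an added example, not code from the cited sources: it reads the fixed 20-byte IPv4 header of each packet and rejects any fragment that would push the reassembled datagram past the 65,535-byte limit, or whose length fields are inconsistent. The function names and the sample headers are constructed for illustration.

```python
import struct

MAX_IP_DATAGRAM = 65535  # ceiling imposed by the 16-bit IPv4 Total Length field
IPV4_FIXED_HEADER = "!BBHHHBBH4s4s"  # the 20 fixed bytes of an IPv4 header


def inspect_fragment(header: bytes):
    """Return a reason string if the packet should be dropped, else None."""
    if len(header) < 20:
        return "truncated header"
    (ver_ihl, _tos, total_len, _ident, flags_frag,
     _ttl, _proto, _cksum, _src, _dst) = struct.unpack(IPV4_FIXED_HEADER, header[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or header_len < 20 or total_len < header_len:
        return "malformed header"
    # The fragment offset is carried in 8-byte units in the low 13 bits.
    offset = (flags_frag & 0x1FFF) * 8
    # Size the datagram would reach once this fragment is put in place.
    reassembled = header_len + offset + (total_len - header_len)
    if reassembled > MAX_IP_DATAGRAM:
        return f"reassembles to {reassembled} bytes (limit {MAX_IP_DATAGRAM})"
    return None


def build_header(total_len, offset_units, ver_ihl=0x45, more_fragments=False):
    """Constructed sample header: ICMP, documentation addresses, checksum left 0."""
    flags_frag = (0x2000 if more_fragments else 0) | offset_units
    return struct.pack(IPV4_FIXED_HEADER, ver_ihl, 0, total_len, 0x1234,
                       flags_frag, 64, 1, 0,
                       bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))


if __name__ == "__main__":
    samples = [
        ("ordinary ping", build_header(84, 0)),
        ("valid last fragment", build_header(1500, 8000)),
        ("fragment past the limit", build_header(1020, 8189)),
        ("bad header length", build_header(84, 0, ver_ihl=0x44)),
    ]
    for name, hdr in samples:
        print(f"{name}: {inspect_fragment(hdr) or 'accept'}")
```
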

By contrast, social engineering is when network attacks focus on taking advantage of the human element in network systems. By focusing on the human vulnerabilities prevalent in every computer system worldwide, attackers can bypass digital security to achieve their goals (Wang et al., 2021). The aim is to use deception to get an individual to reveal sensitive information or credentials, install malware, or commit fraud (IBM Security X-Force, 2023; National Institute of Standards and Technology, n.d.). While there are several ways to deceive people, IBM's X-Force (2022) found that 41% of all network attacks started with a phishing scheme. Phishing is a play on the word "fishing," as social engineering will use bait to get the user to perform an action. This bait is usually an email intended to evoke an emotional response, commonly fear ("follow this link and log in to unfreeze your bank account") or hope ("provide me this information or follow these steps and you will earn a large payout"). When the target takes the bait, they click on a link that either downloads malware to their computer or takes them to a convincing yet fake login page where they provide login credentials to the attacker (Wang et al., 2021). Corporations can implement software solutions that help reduce the effectiveness of social engineering. Most malware can be blocked by OS security settings that do not allow the installation of any programs. They can also implement multi-factor authentication, in which credentials are paired with another element, like fingerprints or one-time text PINs, to allow access to a system (Indusface, n.d.). Many companies have also enabled consumers to use multi-factor authentication to protect their accounts. While these defenses undoubtedly help protect networks, social engineering remains effective and is likely here to stay.

Bad actors are likely to use a combination of cyberspace attacks and social engineering to achieve their goals. Bad actors can start with a phishing scam that results in many casual computer users having some malware installed on their computers. This malware acts as a dormant bot, waiting on the host computer for an activation signal. These computers make up a network of bots referred to as a botnet. Upon receiving that signal, the botnet activates, flooding a service with requests from each member. With the botnet activated, traffic suddenly increases to a volume that the service is not designed to handle, and it crashes. This kind of DoS attack from a wider network of computers is called a distributed denial of service (DDoS) attack. While a DoS attack with its single source can simply be blocked upon detection, the distributed nature of the source of a DDoS makes blocking bad traffic harder because you want to keep good traffic. Blocking everything still denies the service's functionality, which is a win for the bad actor. While protecting against botnet DDoS attacks is more challenging, it is not impossible. One DDoS defense is rate limiting, which blocks requests from a specific device after it reaches a certain number (PingIdentity, n.d.). Bad actors can combine and layer social engineering and cyberspace attacks to harm networks or users in countless other ways.
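The rate-limiting defense mentioned above, as an added example that is not from the cited sources: a per-device sliding-window limiter replayed over constructed traffic. It also reports the total number of requests accepted, so a defender can see the aggregate load alongside the per-device counts. The class name, limits and client addresses are assumptions chosen for illustration.

```python
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` requests per client within any `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.accepted = defaultdict(deque)  # client -> timestamps of accepted requests

    def allow(self, client, now):
        recent = self.accepted[client]
        # Forget accepted requests that have aged out of the window.
        while recent and now - recent[0] >= self.window:
            recent.popleft()
        if len(recent) >= self.limit:
            return False  # this device has used up its budget for now
        recent.append(now)
        return True


def replay(events, limit, window):
    """Replay (timestamp, client) events; return per-client and total verdicts."""
    limiter = SlidingWindowLimiter(limit, window)
    per_client = defaultdict(lambda: {"allowed": 0, "blocked": 0})
    for now, client in sorted(events):
        verdict = "allowed" if limiter.allow(client, now) else "blocked"
        per_client[client][verdict] += 1
    total_allowed = sum(c["allowed"] for c in per_client.values())
    return dict(per_client), total_allowed


# Constructed traffic: one device sending 100 requests within one second,
# and a normal user sending one request per second for five seconds.
single_source = [(i / 100, "203.0.113.5") for i in range(100)]
normal_user = [(float(i), "198.51.100.20") for i in range(5)]

if __name__ == "__main__":
    clients, total = replay(single_source + normal_user, limit=10, window=1.0)
    for client, counts in clients.items():
        print(client, counts)
    print("total accepted:", total)
```
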

This post only touches the tip of the iceberg regarding cyberspace attacks, social engineering, and network security. Network attacks will come in various forms depending on the attackers' goals and means. Network security is a balance of protecting sensitive information and systems from bad actors while still allowing access to those who need it.

Thursday, July 13, 2023

Computers in the Workplace - Human Resources

This week I am going to write about computer literacy within Human Resource Management (HR). HR is a broad support industry that every company has to some degree. While the exact functions can vary based on the industry or company being supported, there are common functions throughout. Overall, HR is about supporting the people aspect of a company, like talent acquisition and retention, managing employee pay and benefits, and workforce monitoring and analysis (ADP, n.d.).

As degree seekers, we are likely to be dealing with HR recruitment systems in the future as we strive to put our earned knowledge to use. For years, HR departments have been using resume analysis programs to weed through applications in the hope of finding the best applicant without the interference of human bias (Dastin, 2018). However, reviews of the results revealed more of the same bias. As Martin (2018) puts it:

“This is one major drawback to AI, where whatever goes in is what goes out. This means that if there is already a bias in the hiring process of things like years of experience and certainly preferred degrees over skills or men over women in tech, the AI bot only knows what it is being told” (para 4). 

The user may think that the cold logic of the computer is infallible when what they are actually getting is the repackaged logic of the people who came before. Dastin (2018) calls out that the transfer of these biases is likely unintentional but still a natural result of the training data.  

Imagine you have recorded and ranked all the socks you have ever purchased. Early in your life your mom only got you SoccySocks. When you got out on your own, you purchased a few CallySocz because they were convenient, but never got around to trying MadSocks. You enter all these sock rankings into a computer and ask what kinds of socks you should buy next. SoccySocks has more scores than CallySocz, so it gets recommended higher. The program doesn’t extrapolate that CallySocz has a new cotton bamboo blend that you would like to try if you knew about it. The program has no basis to make any conclusions about MadSocks at all.

This example may sound silly, but if you apply this idea to colleges on applicants' resumes, you can see how a program would keep with known successes, regardless of the actual causes of those successes. In the real world, this manifests as the resume programs downgrading applicants from all-girl women’s colleges (Dastin, 2018).

This brings me to the computer literacy of HR professionals who would be using or implementing resume analysis programs. I do not expect HR professionals to be able to write or understand the line-by-line code of every program they are using, nor do I expect that of anyone, even programmers. What I do recommend is an understanding of logic flows: if this, then that. I think HR professionals should know the connection between the input and output of the software they use well enough (or have access to meaningful enough explanations for reference) that they could examine a resume or situation themselves and match the program output.

This may delve more into critical thinking skills than computer literacy itself, but an ability without the critical eye to apply it well is meaningless at best, and actively harmful at worst.  

Monday, July 10, 2023

Initial Thoughts on Web/Mobile Apps

I am currently interested in the topic of web/mobile apps. In the short term, this topic interests me because I like to make tools that help me with repetitive tasks or calculations. In the past, I have modified a .html file that included some JavaScript to serve as a template generator for common tasks in my job. It has also been common for me to make a spreadsheet that helps me appraise the best path forward or the best value for games I play. As I expand my knowledge of Python, I am building more complicated custom apps to answer these questions for me, though from what I have read Python is not very viable in the web/mobile app space. I think these homemade tools could be even better and easier to share with others if I can learn how to execute these concepts as web/mobile apps for portability.   

In the long term, making or at least understanding the development of web/mobile apps can be a boon to my future career in IT. According to Jiangning et al. (2019), 90% of people’s mobile time is spent using mobile apps and the Apple and Google app stores offer over 1.5 billion apps each (p. 828). This high usage and high volume of apps makes me feel secure that the demand for skills related to web/mobile apps can be well leveraged in my future career.

Thursday, July 6, 2023

Network Travel - Ping and Traceroute

Today I pinged and ran a traceroute on three websites:  

  • Google.com - the recommended test, a US company. 
  • CTRIP.com - a Chinese company I learned about in my last class. 
  • Restaurant-les-impressionnistes.com - French business I found by zooming into France on Google Maps.

Summary table of results:

| | Google.com | CTRIP.com | https://restaurant-les-impressionnistes.com/ |
|---|---|---|---|
| Country | USA | China | France |
| Ping: Round Trip min-max | 14 ms - 17 ms | 240 ms - 244 ms | 163 ms - 185 ms |
| Ping: Packet Loss | 0% | 0% | 0% |
| Traceroute: Hop Count | 11 | 25 | 21 |
| Traceroute: Failed Hops | 7 (out of 33) | 29 (out of 75) | 23 (out of 63) |

Immediately noticeable is that the USA company had a faster round trip time and fewer hops, the French company was second, and the Chinese company had the highest round trip time and most hops according to the ping and traceroute. The two international traceroutes had a pair of matching IP addresses as intermediary steps showing that the routing started very similarly for these two. This demonstrates to me that there is a general connection between distance and response time when using the internet. 

Ping and traceroute can be helpful in determining a point of failure. If the troubleshooter is familiar with what the results of these two tests are in an ideal situation, they can better identify the breakpoint by comparing current results (Radware, n.d.). For example, with ping, if the round trip to Google.com was unusually high, there may be an issue with the user's internet. For the traceroute, if I know that there are supposed to be 25 hops, but I stop getting results after the 11th, the point of failure could be the transition between hops 11 and 12.
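The baseline comparison described above, as an added example that is not part of the original post: it reads traceroute-style output, finds the last hop that answered, and reports where the path stops relative to the expected hop count. A hop that times out while later hops still answer is listed separately, since it does not mark the break. The simplified output format and the `make_trace` helper are constructed for illustration.

```python
import re

HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")  # "<hop number>  <probe results>"


def parse_hops(trace_text):
    """Return [(hop_number, responded)] for each hop line in the output."""
    hops = []
    for line in trace_text.splitlines():
        match = HOP_LINE.match(line)
        if not match:
            continue  # header or blank line
        probes = match.group(2).split()
        # A hop responded if at least one probe is something other than "*".
        hops.append((int(match.group(1)), any(p != "*" for p in probes)))
    return hops


def locate_failure(trace_text, expected_hops):
    """Compare a trace with the known-good hop count for this destination."""
    hops = parse_hops(trace_text)
    last_answer = max((n for n, ok in hops if ok), default=0)
    # Timeouts before the last answering hop: the path continued past them.
    silent = [n for n, ok in hops if not ok and n < last_answer]
    if last_answer >= expected_hops:
        return {"break_between": None, "silent_hops": silent}
    return {"break_between": (last_answer, last_answer + 1), "silent_hops": silent}


def make_trace(total_hops, timed_out):
    """Build constructed traceroute-style output with the given hops timing out."""
    lines = ["traceroute to example.test (192.0.2.200), 30 hops max"]
    for n in range(1, total_hops + 1):
        if n in timed_out:
            lines.append(f"{n:2d}  * * *")
        else:
            lines.append(f"{n:2d}  192.0.2.{n}  12.1 ms  12.3 ms  12.0 ms")
    return "\n".join(lines)


if __name__ == "__main__":
    healthy = make_trace(25, timed_out={4, 9})
    broken = make_trace(25, timed_out=set(range(12, 26)))
    print("healthy:", locate_failure(healthy, expected_hops=25))
    print("broken: ", locate_failure(broken, expected_hops=25))
```
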

One of the things that strikes me as I work on progressing from just an internet user to someone who is trying to understand the internet is just how physical the digital landscape is. We use cell phones and other wireless devices all the time, basking in the mobility and convenience of it all, but just one or two network steps away is very physical hardware that exists and interacts with the real world. Wi-Fi connects to routers, which connect to modems, which connect to an ISP, which connects to other ISPs around the world, which connect to the destination modem, then router, then the relevant target computer or server, just to send a response back the way it came. Packets of data (snippets of the information the user wants to send, packaged with destination, source, and other relevant information) travel back and forth on this path, all faster than we can comprehend (Vahid & Lysecky, 2019).


Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.

Radware. (n.d.). What is a Ping of Death (PoD) attack? https://www.radware.com/security/ddos-knowledge-center/ddospedia/ping-of-death/#:~:text=A%20Ping%20of%20Death%20(PoD)%20attack%20is%20a%20form%20of,memory%20errors%20and%20system%20crashes