Network Security The Real Vulnerabilities

Scenario: You work in a corporate environment in which you are, at least partially, responsible for network security. You have implemented a firewall, virus and spyware protection, and your computers are all up to date with patches and security fixes. You sit there and think about the lovely job you have done to make sure that you will not be hacked. You have done what most people think are the major steps towards a secure network. This is partially correct. What about the other factors?

Have you thought about a social engineering attack? What about the users who use your network on a daily basis? Are you prepared to deal with attacks that come through these people? Believe it or not, the weakest link in your security plan is the people who use your network. For the most part, users are uneducated on the procedures to identify and neutralize a social engineering attack. What is going to stop a user from finding a CD or DVD in the lunch room, taking it to their workstation and opening the files? This disk could contain a spreadsheet or word processor document with a malicious macro embedded in it. The next thing you know, your network is compromised.

This problem exists particularly in an environment where help desk staff reset passwords over the phone. There is nothing to stop a person intent on breaking into your network from calling the help desk, pretending to be an employee, and asking to have a password reset. Most organizations use a system to generate usernames, so it is not very difficult to figure them out. Your organization should have strict policies in place to verify the identity of a user before a password reset can be done. One simple thing to do is to have the user go to the help desk in person. The other method, which works well if your offices are geographically far apart, is to designate one contact in each office who can phone for a password reset. This way everyone who works on the help desk can recognize the voice of this person and know that he or she is who they say they are.

Why would an attacker go to your office or make a phone call to the help desk? Simple: it is usually the path of least resistance. There is no need to spend hours trying to break into an electronic system when the physical system is easier to exploit. The next time you see someone walk through the door behind you whom you do not recognize, stop and ask who they are and what they are there for. If you do this and it happens to be someone who is not supposed to be there, most of the time he will get out as fast as possible. If the person is supposed to be there, he will most likely be able to produce the name of the person he is there to see.

I know you are saying that I am crazy, right? Well, think of Kevin Mitnick. He is one of the most famous hackers of all time. The US government thought he could whistle tones into a telephone and launch a nuclear attack. Most of his hacking was done through social engineering. Whether he did it through physical visits to offices or by making a phone call, he accomplished some of the greatest hacks to date. If you want to know more about him, Google his name or read the two books he has written.

It is beyond me why people try to dismiss these types of attacks. I guess some network engineers are just too proud of their network to admit that it could be breached so easily. Or is it the fact that people don't feel they should be responsible for educating their employees? Most organizations don't give their IT departments the jurisdiction to promote physical security. This is usually a problem for the building manager or facilities management. Nonetheless, if you can educate your employees even the slightest bit, you may be able to prevent a network breach from a physical or social engineering attack.