Measures IT Can Take to Secure a Company's Network from Computer Hackers

Malicious Computer Hackers

Alexis Devan
In the business environment today, technology is the backbone of just about every business's operations. In order to best serve and protect customers and employees, IT managers must remain current on all issues and options involving security measures. There are some basic items that any IT manager can address to ensure basic levels of protection from hackers and outside intruders.

Password Management

IT managers need to conduct periodic reviews of passwords, including passwords which employees use on their own PCs. Making sure that chosen passwords are strong and not easy for an outsider to guess is one aspect; others are the periodic changing of passwords and a process which locks a user out after a certain number of incorrect login attempts. These measures guard against brute force attacks, in which a hacker attempts every possible password and which are easily used to exploit machines with simple passwords. The passwords for all customers and employees are held by IT managers in a database called a password table. This table should be protected using a salted hash. This specific type of hashing (obscuring the password with a random alphanumeric value before it is stored in the password table) produces a random array of characters that is created and assigned to a user name's password before hashing it (Leon, 2009). If this extra measure is not taken, any hacker can use what is called a "rainbow table," which is a list of precompiled hashed values of thousands of words, in order to crack the password. One popular rainbow table tool, called Ophcrack, is well known for cracking passwords and is easily available on the internet. If the passwords are hashed and salted, then only the user knows the password, and even the system administrator will only have the hashed value of the user's password (Leon, 2009). Additionally, encrypting customer data, segregating data, deleting old and unused accounts, and making separate networks are good measures to mitigate the damage hackers can create by hacking into one system.
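
The salted password table and lockout process described above can be sketched as follows. This is an added example, not code from the article or its sources; PBKDF2, the iteration count, the threshold of five failures, and all names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5        # assumed lockout threshold; the article gives no number
ITERATIONS = 100_000    # assumed PBKDF2 work factor

def unsalted(password):
    """Weak scheme: the same password always produces the same hash."""
    return hashlib.sha256(password.encode()).hexdigest()

def salted(password, salt):
    """Salted scheme: a per-user random value is mixed in before hashing."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def precomputed_lookup(stored_hex, wordlist):
    """What a precomputed table does: map a stored hash back to a word."""
    table = {unsalted(word): word for word in wordlist}
    return table.get(stored_hex)

class PasswordTable:
    """Keeps only (salt, hash) per user and locks accounts after repeated failures."""

    def __init__(self):
        self.rows = {}       # username -> (salt, hash); no plaintext is stored
        self.failures = {}   # username -> consecutive failed logins

    def register(self, user, password):
        salt = os.urandom(16)                 # fresh random salt for every user
        self.rows[user] = (salt, salted(password, salt))
        self.failures[user] = 0

    def login(self, user, password):
        if user not in self.rows:
            return "denied"
        if self.failures[user] >= MAX_FAILURES:
            return "locked"                   # stays locked until an admin resets it
        salt, stored = self.rows[user]
        # compare_digest avoids leaking how many leading bytes matched
        if hmac.compare_digest(stored, salted(password, salt)):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"
```

Two users who pick the same password end up with different stored values, so a table precomputed from a word list no longer matches any row.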

Another measure that most businesses should take is using multi-factor authentication for customers logging into their server. Most businesses employ a user name and password that must be entered, but additionally using another measure, such as displaying a token the customer possesses, is an additional step to keeping intruders out (Zetter, 2009).

Protecting Wi-Fi

Installing a secure wireless router that supports encryption and conceals one's identity is vital to protecting networks from hackers. There are simple measures one can take, such as choosing a safe router name. Many people erroneously name their routers on the server after the brand of the router, allowing outsiders to determine how best to hack into the network. Another common mistake is to name the router in a way which reveals one's identity. Changing the router's factory default password and not broadcasting the SSID (service set identifier) are additional basic measures. You can further enhance security by limiting access to the network using MAC (Media Access Control) filtering, which admits only the approved addresses of PCs entered by IT (Leon, 2008). One way to trick or frustrate a hacker is to set up what is called a "honey pot," that is, a fake router which is not connected to any computers.

Combating Malicious Code

The most common types of viruses are worms and Trojans that contain malicious code accidentally installed by the user. One theory on how to secure a network from these types of threats uses the analogy that a network has immunity similar to a human being's immunity. Much like humans receive vaccinations against diseases, computers have network defense systems and are infected with "ethical anti-worms" which contain an opposite version of the same self-replication as the bad worm, or malicious code (Toutonji, et al., 2009). This anti-worm spreads through the network and overcomes the bad worm.

This theory also advocates the use of passive network immunity in conjunction with active network immunity. Passive immunity consists of measures most people are already familiar with, like installing antivirus software, downloading update patches, using firewalls, and blocking arbitrary outbound connections.

Fighting Distributed Denial of Service Attacks

The most commonly used tactic, the DDOS attack, floods a network's bandwidth with artificial activity, stretching the network to its capacity. One thought process to eliminate this issue is to eliminate the conditions which need to exist in order to allow DDOS networks to occur. This requires vulnerability assessment tools, network penetration tests by third parties, and validation mechanisms against malicious code. The use of a DDOS container enables the network to inspect all passing packets and block DDOS attacks in real time. The container both detects and prevents these attacks, archiving all attacks as a means of intelligence gathering. It is vital for IT managers to have a log of all activity conducted on the network, both approved and unapproved access. The main objective of a container is to overcome the deficiencies of existing approaches. It enables the IT staff to inspect network traffic and conduct behavior analysis of typical traffic. Knowing this type of information makes it easier to detect DDOS traffic and other unsavory activities (Chen et al., 2006).
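
A simple illustration of behavior analysis of typical traffic: learn a baseline packet rate from normal activity, flag intervals far above it, and archive each flagged event. This is an added example, not the framework from Chen et al.; the threshold rule, function names, and the packet records (documentation-range addresses) are constructed for illustration.

```python
from collections import Counter
from statistics import mean, pstdev

# Constructed sample data: one (second, source_ip) record per observed packet.
NORMAL = [(s, f"192.0.2.{i}") for s in range(10) for i in range(5 + s % 2)]
LIVE = ([(s, f"192.0.2.{i}") for s in range(10, 15) for i in range(5)]
        + [(12, f"198.51.100.{i % 50}") for i in range(200)])

def per_second_counts(packets):
    """Count packets seen in each one-second interval."""
    return Counter(sec for sec, _ in packets)

def learn_baseline(packets, seconds):
    """Mean and standard deviation of the packet rate during typical traffic."""
    counts = per_second_counts(packets)
    series = [counts.get(s, 0) for s in seconds]
    return mean(series), pstdev(series)

def detect_floods(packets, seconds, baseline, k=3.0):
    """Return an archive of intervals whose rate exceeds mean + k * stddev."""
    mu, sigma = baseline
    threshold = mu + k * max(sigma, 1.0)   # floor sigma so quiet links do not over-alert
    counts = per_second_counts(packets)
    archive = []
    for s in seconds:
        if counts.get(s, 0) > threshold:
            top = Counter(ip for sec, ip in packets if sec == s).most_common(3)
            archive.append({"second": s, "packets": counts[s], "top_sources": top})
    return archive

if __name__ == "__main__":
    baseline = learn_baseline(NORMAL, range(10))
    for event in detect_floods(LIVE, range(10, 15), baseline):
        print(event)
```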

Legal Means

Although the law is still very much developing when it comes to cybercrimes and prosecuting international cyber criminals, it is vital to stay on top of this growing body of statutory law at both the federal and state level. In the US at least, cybercrimes can and should be prosecuted at both the criminal and civil level. The U.S. Computer Fraud and Abuse Act was created in 1986 for government networks and later extended to include the public sector in 1996 (Davis, 2003). The law criminalizes any act which undermines the confidentiality, integrity, and availability of data. The most important thing an IT manager can do in order to properly seek justice from hackers and cybercriminals is to save all data which can be presented in court as evidence. This reinforces the importance of logging activity. While the international nature of many of these crimes makes seeking justice frustrating, they should still be reported in order to increase worldwide intelligence on new and upcoming threats to IT.

References

Chen, Z., Chen, Z., & Delis, A. (2007). An inline detection and prevention framework for distributed denial of service attacks. The Computer Journal, 50(1). Retrieved October 18, 2009, from the ProQuest database.

Davis, J. B. (2003). Cybercrime fighters. ABA Journal, 89, 36. Retrieved October 18, 2009, from the ProQuest database.

Leon, J. F. (2009). Password management strategies for safer systems. Journal of Accountancy, 208(1), 54. Retrieved October 18, 2009, from the ProQuest database.

Leon, J. F. (2008). Protect your wireless network-and your business. Journal of Accountancy, 206(5), 88. Retrieved October 19, 2009, from the ProQuest database.

Toutonji, O., & Yoo, S. (2009). An approach against a computer worm attack. International Journal of Communications Networks and Information, 1(2), 47. Retrieved October 20, 2009, from the ProQuest database.

Zetter, K. (2009, September 4). Court allows woman to sue bank for lax security after $26,000 stolen by hacker. Wired. Retrieved October 20, 2009, from http://www.wired.com/threatlevel/2009/09/citizens-financial-sued/

Published by Alexis Devan

Alexis is a vegetarian and a world traveler. She has been to 20 countries on 5 continents so far, all before the age of 28. Alexis obtained a BS degree in paralegal studies and is currently a graduate studen...

Only 17% of companies whose computers were hacked report them to law enforcement due to fear of negative publicity.
