Top 10 Information Security Threats Every IT Pro Should Know
- select the contributor at the end of the page -
Information security threats are a problem for many corporations and individuals. Viruses, worms, Trojans, and spam are ubiquitous, but they are just the tip of the iceberg. Other common information security threats include privilege escalation, spyware, adware, rootkits, botnets, and logic bombs. Learn about 10 common security threats you should be aware of and get tips for protecting your sensitive data. Courses and certifications are available to help IT professionals stay up to date on current trends in cyber security.
Top 10 Security Threats Every IT Pro Should Know
Over the past decade, the number of information security threats has soared. As IT professionals scramble to stay abreast of the latest challenges in securing their environments, they must navigate an increasingly complicated playing field.
New terminology has developed, further adding to the confusion. It is not uncommon for some to use words like “worm” and “trojan” interchangeably these days.
What Constitutes a System Security Threat?
Definitions vary, but in the most general sense, a system information security threat is a malicious event or action targeted at interrupting the integrity of corporate or personal computer systems. The motivation is to compromise data for the purposes of exploitation.
There are two main types of data at risk. The first is sensitive information, such as credit card information, passwords or contact lists. The other is information that might interest advertisers, like your Internet browsing habits.
Top 10 Security Threats
What are the specific security threats that you should be aware of as an It professional? Here's a list of the top 10 security threats you need to know about to keep yourself and your clients safe from hackers and viruses.
1. Privilege Escalation
Privilege escalation occurs when an attacker exploits weaknesses within a system in order to gain access to unauthorized actions and information.
In some cases, an attacker will begin with limited access and look for ways to increase their capabilities within the system. They look for flaws and vulnerabilities in the software or use shady skills to get past security.
In other cases, a system may have already granted general access to many or all users, which is unsafe and unnecessary. Those looking for sensitive information don’t have to put much effort into breaching minimal protective measures. A good rule of thumb is that if someone doesn’t need to have access to information or processes within a system, they shouldn’t have it.
Horizontal Privilege Escalation occurs when someone uses an account that belongs to someone else and misuses it.
Vertical Privilege Escalation uses an existing account that has been compromised, such as a general user account, and then obtains increased authority, like those of an administrator.
The term "virus" has been used as a catch-all phrase for many technology-based security threats. Essentially, a virus is a computer program that, like a medical virus, has the ability to replicate and infect other computers. Viruses are transmitted over networks or via USB drives and other portable media.
A worm is a specific type of virus. Unlike a typical virus, it's goal isn't to alter system files, but to replicate them so many times that it consumes hard disk space or memory. Worm victims will notice their computers running slower or crashing.
Trojan horses, commonly referred to as Trojans, are programs that masquerade as normal, safe applications, but their mission is to allow a hacker remote access to your computer. In turn, the infected computer can be used as part of a denial of service attack and data theft can occur.
A particularly nasty Trojan is a keystroke logger that can be used to capture passwords, credit card numbers, and other sensitive information.
Spyware usually invades computers through software downloads. Shareware and freeware downloads, in addition to peer-to-peer file sharing are typical infection points. Like Trojans, spyware can pilfer sensitive information, but they are often used as advertising tools as well. The intent is to gather a user's information by monitoring Internet activity and transmitting that to an attacker.
Some view spam is more of an annoyance than a threat. Still, legislation like the CAN-SPAM Act has been enacted to help combat the problem, so that view may not hold weight with many others. Spam is unsolicited junk mail. It comes in the form of an advertisement, and in addition to being a time waster, has he ability to consume precious network bandwidth.
Adware, short for “advertising supported software” is similar to spyware in that it is used to observe a user's internet browsing habits. However, the purpose of Adware is to determine the type of ads a user may be most likely to view or interact with. It automatically generates target-specific ads in order to bring in revenue for the person or company that created it. It is generally directed at individuals rather than companies and is often unwanted, since it monitors, records, and uses your online activity for promotional purposes.
Rootkits are some of the most difficult to detect because they are designed to conceal their existence from the owner of the computer or system. They are activated when your system boots up -- before anti-virus software is started and provide administrative access to a remote, unauthorized user. Rootkits allow the installation of files and accounts for the purposes of intercepting sensitive informatio
A botnet is a group of computers that have been synced together to carry out a specific function. A botnet is not always a bad thing, but this type of technology can be used for negative outcomes, making it another important information security threat to be aware of.
There are a couple of ways you may be at risk for becoming part of a bad botnet. The first is when a program searches the internet for weak spots in security and enters automatically. The second way is by downloading programs that contain a Trojan horse, which links your computer, phone, or other device to the network created by the botnet.
Once the bot takes control, it can launch an IRC (Internet Relay Chat) client, and join a chat room in order to spam and launch denial of service attacks. It can also be used to create fake traffic on other websites in order to turn a profit, make changes to ads that show up in your browser, and generate pop-ups informing you of a problem and asking you to pay to have it removed.
10. Logic bomb
You may have also heard the term "slag code" to refer to logic bombs. They are bits of code added to software that will set off a specific function. Logic bombs are similar to viruses in that they can perform malicious actions like deleting files and corrupting data.
How to Arm Yourself Against These Threats
The list of system information security threats is extensive and growing. A defense strategy that includes anti-virus software, system patching and timely software updates are key to combating the problem. For system administrators and end-users alike, understanding the differences between these threats is the first step towards being able to eradicate them.
The SANS Institute publishes a list of top security threats that will help keep you up-to-date.
For an IT professional, it is also helpful to keep up on education and certifications. Take a course to brush up on security threat knowledge, advance your career, or simply to learn more about staying safe on the internet as an individual or corporation.
Gain hands-on experience, learn at our own pace, and keep up with current trends and threats by taking a course or earning a certification. Learn more about how you can protect your organization from information security threats with these top cyber security courses.