There are four primary classes of threats to network security
,
:
-
Unstructured threats
Unstructured threats consist of mostly
inexperienced individuals using easily available hacking tools such as shell
scripts and password crackers
. Even
unstructured threats that are only executed with the intent of testing and
challenging a hacker’s skills can still do serious damage to a company. For
example, if an external company Web site is hacked, the integrity of the
company is damaged. Even if the external Web site is separate from the internal
information that sits behind a protective firewall, the public does not know
that. All the public knows is that the site is not a safe environment to
conduct business.
-
Structured threats
Structured threats come from hackers that are
more highly motivated and technically competent. These people know system
vulnerabilities, and can understand and develop exploit-code and scripts. They
understand, develop, and use sophisticated hacking techniques to penetrate
unsuspecting businesses. These groups are often involved with the major fraud
and theft cases reported to law enforcement agencies.
-
External threats
External threats can arise from individuals or
organizations working outside of a company. They do not have authorized access
to the computer systems or network. They work their way into a network mainly
from the Internet or dialup access servers.
-
Internal threats
Internal threats occur when someone has
authorized access to the network with either an account on a server or physical
access to the network. According to the FBI, internal access and misuse account
for 60 to 80 percent of reported incidents.
As the types of threats, attacks, and exploits have evolved, various
terms have been coined to describe different groups of individuals. Some of the
most common terms are as follows:
-
Hacker – Hacker is a general term that has historically been used to
describe a computer programming expert. More recently, this term is commonly
used in a negative way to describe an individual that attempts to gain
unauthorized access to network resources with malicious intent.
-
Cracker – Cracker is the term that is generally regarded as the more
accurate word that is used to describe an individual that attempts to gain
unauthorized access to network resources with malicious intent.
-
Phreaker – A phreaker is an individual that manipulates the phone
network in order to cause it to perform a function that is normally not
allowed. A common goal of phreaking is breaking into the phone network, usually
through a payphone, to make free long distance calls.
-
Spammer – A spammer is an individual that sends large quantities of
unsolicited email messages. Spammers often use viruses to take control of home
computers in order to use these computers to send out their bulk messages.
-
Phisher – A Phisher uses email or other means in an attempt to trick
others into providing sensitive information, such as credit card numbers or
passwords. The Phisher will masquerade as a trusted party that would have a
legitimate need for the sensitive information.
-
White hat – White hat is a term used to describe individuals that
use their abilities to find vulnerabilities in systems or networks, and then
report these vulnerabilities to the owners of the system so that they can be
fixed.
-
Black hat – Black hat is another term for individuals that use their
knowledge of computer systems to break into systems or networks that they are
not authorized to use.