The Power of Knowledge Against Hackers

Without a doubt, hackers are very persistent and that they have the advantage against their victims. However, hackers are still human and if we are aware of their methods, then it is possible to defend the sensitive data of the company. The knowledge on how the company can defend their data could possibly deter any future attacks. If the companies could determine how hackers work, then they could make the right countermeasures against them.

The bright minds behind the maintenance and security of company networks are familiar with DDoS attacks, spear phishing and also defacements on company websites. They have a clear understanding about some methods of hackers such as foot-printing and others that are used in stealing important data. In fact, they are aware the danger hackers pose; a risk of losing millions of dollars that could damage the company’s reputation and economical structure. Thus it is important to have knowledge and of course action.

Security Information and Event Management

There are some indispensable tools that could determine how serious or severe the real-time threats in the network of the company are. These are the Security and Event Management software and they work round the clock, providing the latest reports regarding the activities in the system and these could assist those responsible for network security.  These tools will report events, such as the alerts regarding the TCP port scan on firewalls, suspicious anomalies on the system as well as the intrusions. All of these reports will be passed to those responsible individuals like those masters degree in information security graduates who will take action.

SIEM can even detect suspicious activities with their employees. For example the company has a swipe ID card system used for identification and an employee entered the business premises after regular business hours and the same identification is used to enter other facility miles away. SIEM can surely tell that something is really off like the ID was cloned and used unknowingly by the owner of the ID. Such events will be detected in short notice and it can be used to investigate on what happened.

Intrusion Detection

We know the importance of security cameras on company premises and on how they can help the security of the company. Intrusion detection systems work the same way and the only difference is that they keep watch on the network of the company. If security cameras watch the people going in and out inside the company premises, IDS will inspect any network activity, whether it is inbound or outbound. These systems can catch hackers or even disgruntled employees, which will automatically lead to the cut-off of the access to the network system of the company and alert the ms in information security officials.

Basically, there are two types of IDS; the Network-based and host-based. Network-based is responsible for the network, while the host-based examines the desktops of employees. Furthermore, these types of IDS are divided in 2 types the passive system that detects problems and signals and alert; the reactive system that reacts to any suspicious activities and shutting down or logging off the user. Sometimes, IDS can reprogram firewall to deter intrusions.

Sharing the Knowledge

Companies may choose one strategy over the other to deter hackers, but it can still suffer attacks from hackers. Even if the attack has been discovered and investigations take place, it would be too late since the hacker has erased all his presence and is hidden.

However, security officials of a company may have knowledge upon certain knowledge against certain cyber attacks and one could have knowledge against another one. Then it would be much better to pool their knowledge together and share the information they have to different companies as well. This can be called sharing or intelligence sharing and it is to gather and collect as much data and information against such attacks. Together, companies can learn more against hackers and make better defenses for their networks.

Security officials of companies believe the importance of information gathering and intelligence sharing, since hackers are getting more and more persistent and they have the advantage against their victims. In fact, most masters degree information security graduates and security experts believe that sooner or later, companies who haven’t experienced being hacked must prepare themselves against potential attacks and join the sharing of information.

It is important to share the knowledge between companies so that they are always prepared and ahead against attackers.

EC-Council University is a licensed university that offers degrees and master’s degrees on Security Science online. The degrees are recognized worldwide and may be used in any employment worldwide as well as the graduate certificates that they offer. With excellence and dedication as the core values, many professionals and degree holders have benefited from undergoing the programs in this university.

More information about master’s degrees in information security available at www.eccuni.us

It’s a Matter of Privacy

Everyday people make compromises to their privacy and some of us do not have as much privacy as we really want. You may not be a celebrity, but the moment you woke up in the morning your privacy could be compromised. Why? It is because some Android Phones have GPS enabled on the phone so any of the widgets installed on it could possibly know your geo location.

A recent study from master’s degree in information security experts have reviewed 30 regular phone widgets and half of them are gathering the user’s geo location information and sending it to advertising servers. Seven of those send phone identifier info’s – phone number and the SIM card’s serial number to the developers.

Unlike the widgets of Android Phones,Foursquare application of other phones doesn’t track the location of the person all the time. The person must update his location; personally checking in. However, this doesn’t mean that another person cannot use the same system to check on other persons.

Even some cars could be used to track you down. For example the OnStar system of recent car models, which can track the cars geo location anytime and anywhere. It also gathers diagnostic information such as the speed of the vehicle. That information was shared to authorities, credit card companies and others. It may sound agreeable, but it could be used by others who have other plans in their mind.

As a person drives downtown, he or she could be monitored by traffic light cameras. Although, one could be photographed only when beating the red light; the idea of cameras monitoring you while driving isn’t exactly heartwarming. In parking garage, there are cameras mounted above each ticket dispensers and from that distance and angle, the camera could capture clear images of the license plate as well as the face of the person.

When it comes to free internet access on establishments with wireless networks, a person could be at risk with wireshark or perhaps fireshark. Any person who has vile intent can use the wireshark to sniff any wireless packets and steal cookies or any other information. For example, if a person logs into his or her Facebook, they can steal the person’s authentication cookies and use the person’s Facebook account –impersonating the person.

Facial recognition technologies could be a heaven for stalkers.  For example, the Augmented ID system makes it possible for a person to capture a photo of someone using the phone. The application will then search its database for any matching face. This software will then identify the person and their social accounts using their pictures only.

A person doesn’t need to become a master’s degree information security expert just to understand the danger of credit card purchases to the privacy of an individual. In some purchases using credit cards, store clerks will ask for the person’s zip code. Together with the credit card information and the name and address, anyone could easily use the information to target the person. There are others who shop at grocery stores using credit cards; when paying for the purchase, the person has to put their fingers on the fingerprint reader to register that data together with the credit card info on the stores database. Thus the store will have all the records regarding the purchase, name and address of the person aside from credit card details.

A person could be tracked using Facebook with the location services offered by the social network. If left by default, anyone could know where the person has been; where he or she is now or where he or she is going. This geo location is completely voluntary just like Foursquare. The person has control over it; he or she can define who can access and view the information. If a person will leave his or her viewable information public, then he or she is saying that I am willing to be followed or stalked all the time.

Some privacy concerns can be small while some can be larger; it is a matter of personal preference.The concern of every ms in information security expert is that most people are unknowingly making compromises on their own privacy. In fact, some are losing their prized privacy everyday.

EC-Council University is a licensed university that offers degrees and master’s degrees on Security Science online. The degrees are recognized worldwide and may be used in any employment worldwide as well as the graduate certificates that they offer. With excellence and dedication as the core values, many professionals and degree holders have benefited from undergoing the programs in this university.

More information about master’s degrees in information security available at www.eccuni.us