Network Intrusion: How it happens and how to prevent it

A properly designed and deployed network intrusion detection system will help keep out unwanted traffic. Even so, it helps for defenders to have a general understanding of the types of attacks hackers use to steal data and absorb network resources, so that businesses can be sure they are properly protected.

Worms, which are a type of virus, are any computer code intended to replicate itself without altering authorized program files. A worm has the ability to copy itself from machine to machine. Worms use up computer processing time and network bandwidth when they replicate, and often carry payloads that do considerable damage. A worm usually exploits some sort of security hole in a piece of software or the operating system.

Trojan horses, a form of malware, do not replicate like worms; instead they spread through email attachments or the Internet Relay Chat (IRC) protocol. Trojans can instigate a DDoS attack, data theft or other network harm. Trojans often employ a form of social engineering to persuade victims to install them on their computers. This often happens when a user unwittingly downloads a malicious e-mail attachment disguised as something harmless. Some Trojans take advantage of a security flaw in older versions of web browsers.

Traffic Flood Attack
A flood attack is a type of DDoS attack initiated by sending a large number of UDP packets to random ports on a remote host, which results in traffic loads too heavy for the system to adequately screen. This attack can be managed by deploying firewalls at key points in a network to filter out unwanted network traffic. The potential victim never receives and never responds to the malicious UDP packets because the firewall stops them.
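The pattern described above (many UDP datagrams to many different ports on one host) can also be spotted in firewall or flow logs. The following is an added example, not part of the original article: the log format, the thresholds and the addresses are assumptions, and the sample records are constructed.

```python
from collections import defaultdict, deque

def build_sample():
    """Constructed flow records (not real traffic): 'epoch_seconds proto src dst dport'."""
    lines = []
    for i in range(40):  # ordinary DNS: many datagrams, but always port 53
        lines.append(f"{1000 + i * 0.1:.1f} UDP 192.0.2.{10 + i % 5} 10.0.0.53 53")
    for i in range(40):  # flood-like: 40 datagrams in 2 s, each to a different port
        lines.append(f"{1002 + i * 0.05:.2f} UDP 198.51.100.{1 + i % 7} 10.0.0.5 {20000 + i * 131}")
    lines.append("1003.0 TCP 192.0.2.10 10.0.0.5 443")  # non-UDP, ignored
    lines.sort(key=lambda l: float(l.split()[0]))
    lines.append("garbage line")  # malformed record, must be skipped
    return lines

def detect_udp_floods(lines, window=5.0, min_packets=30, min_ports=20):
    """Return {dst: (packets, distinct_ports)} for the busiest window that
    crosses both thresholds. Input must be in time order. Counting is keyed
    on the destination because flood sources are often many or spoofed."""
    recent = defaultdict(deque)  # dst -> (timestamp, dport) pairs inside the window
    alerts = {}
    for line in lines:
        try:
            ts, proto, _src, dst, dport = line.split()
            ts, dport = float(ts), int(dport)
        except ValueError:
            continue  # wrong field count or non-numeric value
        if proto.upper() != "UDP":
            continue
        q = recent[dst]
        q.append((ts, dport))
        while ts - q[0][0] > window:  # drop records older than the window
            q.popleft()
        ports = {p for _, p in q}
        # Volume alone is not enough: a busy DNS server sees many datagrams
        # on one port. Many distinct ports is what marks the random-port flood.
        if len(q) >= min_packets and len(ports) >= min_ports:
            alerts[dst] = max(alerts.get(dst, (0, 0)), (len(q), len(ports)))
    return alerts

if __name__ == "__main__":
    for dst, (pkts, ports) in detect_udp_floods(build_sample()).items():
        print(f"possible UDP flood on {dst}: {pkts} datagrams to {ports} ports within 5 s")
```

Thresholds like these need tuning against a site's normal traffic before they are used for alerting.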

Buffer Overflow Attacks
Buffer overflow attacks are another form of DDoS attack that attempts to overwrite specific sections of computer memory within a network, replacing normal data in those memory locations with a set of commands that will later be executed as part of the attack, often a DDoS attack. Sometimes the intent is to gain remote access to the network.

Protocol Attacks or Spoofing
Application protocols, which tell devices how to perform network activities, may inadvertently leave openings for network intrusions. Protocol-specific attacks can easily compromise or even crash targeted devices on a network.

It is not necessary for a business leader to completely digest all the technicalities behind a network attack. However, it is very important that steps are taken to protect the network from vulnerabilities like those listed above. Sometimes defense can be as simple as a firewall; other types of attacks may require a more robust solution.

ACE IT Solutions has a full menu of cyber security solutions that can be customized to meet the needs of any size business and any budget. Contact us for a free security assessment and we will help you understand your security posture and the steps you can take to protect your network, your data and your clients' personal information.