As technology evolves in the world, personal information becomes more and more used saved, and accessible on technological devices. However, this information is very personal that can lead to distress in an individual’s life if this information is stolen and can cause many issues for that individual. Most of the time the person’s information is sold on the black web, which is the part of the internet where users are anonymous and untraceable, this leading to illegal activities, like an impersonation of identities, credit card, and debit card information being stolen, bank account information could be stolen, there are so many different outcomes that can be devasting when a system becomes hacked. As Vahid & Lysecky (2017) explains, “a malicious breach done by unauthorized access” (Section 8.1, para. 1). Hacks are what are some of the leading causes for personal information being stolen. One kind of hack that can occur from the ping command that we use to establish if there is a connection available between your computer and the server is an overload of pings to a server to deny their service this is also known as a "DDoS" attack or also known as Denial of Service attack. What this attack does is the server that is being threatened by the overwhelming amounts of ping requests is to turn off the victim's server to shut down their network. The likelihood of successfully shutting down a network or computer using a DDoS attack by a single person is unlikely, however, if someone were to use a Botnet then the success rate would be significantly increased. Botnets in other words a large number of networks that have been hijacked and controlled remotely by the hacker, the botnet then controls every command on all of these systems, putting this into effect by using the ping command and sending all of the transacting ping echoes towards that computer or server would most likely cause it to fail and shut down. I will be further expressing two other hacks that are possible security risks for users and businesses, these are known as phishing and password cracking.
Different technology devices are vulnerable to all kinds of different threats. Vahid & Lysecky (2017), explains “phishing is an internet scam that baits a user to share sensitive information like a password or credit card number” (Section 8.4, para. 1). These types of hacks are very critical to keep attention to, as they can lead to the most devasting loss of financial information and other sensitive information like social security numbers. The reason why technology is so vulnerable to this type of threat is that a lot of these threats come in from an email that is created to look like an actual representation of the website that a user may have data stored on. A prime example that a lot of people have data stored would be websites like Netflix or Amazon. An email would be sent to a user’s personal email, and it would request to click on a link to bring the user to a website that looks like Netflix’s official website where a user would input a username and password, this actually sends the information to the creator of this falsified website to steal the account information. This being on the lower-tiered scams, however, this exact method could create even larger issues if an email were sent as a banking email, where the user could put their bank account information and password. As Jensen et al. (2017) expresses, “the U.S. Federal Bureau of Investigation posted a warning in April 2016 that it received reports from more than 17,000 victims, which accounted for $2.3 billion in losses” (2017). This expressing how dangerous phishing can be to everyone, it can result in a very bad financial loss, that most likely could never be traced back to the original developer of the phishing links or programs. A few recommendations that would help prevent such breaches of privacy to occur would be to not click on links in emails sent to a user’s personal email that they did not request from websites. Also, another recommendation would never submit personal information on a website that is not well known or reputable, as these websites can also just be scamming websites to steal your information. This also leads to another computer breaching threat is known as password cracking.
Password cracking is a leading cause of user accounts being compromised and accessed, notoriously used on emails and other personal accounts. A password cracking software is designed to recover a lost password, it may not be as malicious as it sounds, however, this can lead to accessing accounts without user authorization, thus, leading down a path of personal information being stolen, through emails and other means necessary. Shi et al. (2021) expresses, “strong passwords are always hard to remember, so it is not surprising that users often create easy-to-guess passwords for convenience, which puts password-based authentication systems in a high-risk situation (para. 1). This indicating that passwords should be hard to establish, even for software that exists that enables password brute force, thus enabling software to continue writing random characters on an account to access the account eventually. This may seem like a time-consuming process which it is, however, eventually access will be granted to the account and that is where the threat has begun establishing their illegal activity. There are a few different ways to prevent this from occurring, one recommendation is to create a password that is entirely random and write down a copy of it somewhere safe, maybe on a piece of paper and hidden away. Another recommendation to prevent password cracking is to have a user change their password frequently, this way, even if a program was trying to establish a connection to the account using brute force technology, will continue to keep failing.
After establishing what phishing and password cracking is, computer threats still lurk, and not one person is entirely safe from them, however, with the recommendations that were presented within this paper, the possibilities of having phishing or password cracked, should be minimal. There will always be some sort of computer breach no matter how hard the user attempts to protect themselves, practicing good fundamental knowledge of cybersecurity will help prevent any negative outcomes that may arise. Doing so will help prevent personal information from being found on the dark web or being sold to others for illegal purposes.
References
Himawan Pramaditya. (2017). Brute Force Password Cracking Dengan Menggunakan Graphic Processing Power. Jurnal Teknologi Dan Manajemen Informatika, 2(1). https://doi-org.proxy-library.ashford.edu/10.26905/jtmi.v2i1.615
Jensen, M. L., Dinger, M., Wright, R. T., & Thatcher, J. B. (2017). Training to Mitigate Phishing Attacks Using Mindfulness Techniques. Journal of Management Information Systems, 34(2), 597–626.
Shi, R., Zhou, Y., Li, Y., & Han, W. (2021). Understanding Offline Password-Cracking Methods: A Large-Scale Empirical Study. Security & Communication Networks, 1–16.
No comments:
Post a Comment