Page 55 - CITS - Computer Software Application -TT
P. 55

COMPUTER SOFTWARE APPLICATION - CITS

            Intrusions and Viruses, Firewalls, Intrusion Detection



           What are Intrusions?
           Intrusions, also known as security breaches or cyberattacks, occur when unauthorized individuals or entities
           gain access to computer systems, networks, or data without permission. These intruders may have malicious
           intent, such as stealing sensitive information, disrupting services, or causing damage. Detecting and preventing
           intrusions is a critical aspect of maintaining the security and integrity of digital systems.
           Types of Intrusions

            1  External Intrusions
            2  Internal Intrusions

























           1  External Intrusions: External intrusions, also known as external cyberattacks or external security breaches,
              refer  to  unauthorized  access  and  malicious  activities  initiated  by  attackers  from  outside  an  organization’s
              network or systems. These intrusions can target a wide range of entities, including businesses, government
              agencies,  and  individuals.  The  goal  of  external  intrusions  is  often  to  compromise  data,  steal  sensitive
              information, disrupt services, or cause damage to the targeted organization.
              •  Brute Force Attacks: A brute force attack is a cybersecurity attack method in which an attacker attempts
                 to  gain  access  to  a  system,  network,  or  account  by  systematically  trying  all  possible  combinations  of
                 passwords or encryption keys until the correct one is found. This method relies on the attacker’s ability to
                 automate the process of trying numerous combinations quickly and efficiently.
              •  Denial of Service (DoS) Attacks: Attackers overwhelm a system with excessive traffic or requests, causing
                 it to become unavailable.
              •  Phishing: Attackers use deceptive emails or websites to trick users into revealing sensitive information,
                 such as login credentials.
           2  Internal Intrusions: Internal intrusions, also known as insider threats, occur when individuals with authorized
              access to an organization’s systems, networks, or data misuse their privileges for malicious purposes. Unlike
              external intrusions, which involve attackers from outside the organization, internal intrusions involve individuals
              who are already part of the organization. These individuals could be employees, contractors, partners, or
              anyone with legitimate access to the organization’s resources.
              Internal intrusions can be particularly damaging due to the insider’s familiarity with the organization’s systems,
              processes, and sensitive information. There are two main categories of insider threats:
              •  Malicious Insiders: These are individuals who intentionally misuse their access for personal gain, harm the
                 organization, or engage in activities that are against the organization’s interests. Motivations for malicious
                 insiders can include financial gain, revenge, ideology, or a desire to sell sensitive information.
              •  Negligent Insiders: Negligent insiders are individuals who unintentionally cause security breaches due
                 to  carelessness,  lack  of  awareness,  or  inadequate  training.  They  might  inadvertently  share  sensitive
                 information, click on phishing emails, or mishandle data.



                                                           42

                              CITS : IT&ITES - Computer Software Application - Lesson 01-17
   50   51   52   53   54   55   56   57   58   59   60