Page 55 - CITS - Computer Software Application -TT
P. 55
COMPUTER SOFTWARE APPLICATION - CITS
Intrusions and Viruses, Firewalls, Intrusion Detection
What are Intrusions?
Intrusions, also known as security breaches or cyberattacks, occur when unauthorized individuals or entities
gain access to computer systems, networks, or data without permission. These intruders may have malicious
intent, such as stealing sensitive information, disrupting services, or causing damage. Detecting and preventing
intrusions is a critical aspect of maintaining the security and integrity of digital systems.
Types of Intrusions
1 External Intrusions
2 Internal Intrusions
1 External Intrusions: External intrusions, also known as external cyberattacks or external security breaches,
refer to unauthorized access and malicious activities initiated by attackers from outside an organization’s
network or systems. These intrusions can target a wide range of entities, including businesses, government
agencies, and individuals. The goal of external intrusions is often to compromise data, steal sensitive
information, disrupt services, or cause damage to the targeted organization.
• Brute Force Attacks: A brute force attack is a cybersecurity attack method in which an attacker attempts
to gain access to a system, network, or account by systematically trying all possible combinations of
passwords or encryption keys until the correct one is found. This method relies on the attacker’s ability to
automate the process of trying numerous combinations quickly and efficiently.
• Denial of Service (DoS) Attacks: Attackers overwhelm a system with excessive traffic or requests, causing
it to become unavailable.
• Phishing: Attackers use deceptive emails or websites to trick users into revealing sensitive information,
such as login credentials.
2 Internal Intrusions: Internal intrusions, also known as insider threats, occur when individuals with authorized
access to an organization’s systems, networks, or data misuse their privileges for malicious purposes. Unlike
external intrusions, which involve attackers from outside the organization, internal intrusions involve individuals
who are already part of the organization. These individuals could be employees, contractors, partners, or
anyone with legitimate access to the organization’s resources.
Internal intrusions can be particularly damaging due to the insider’s familiarity with the organization’s systems,
processes, and sensitive information. There are two main categories of insider threats:
• Malicious Insiders: These are individuals who intentionally misuse their access for personal gain, harm the
organization, or engage in activities that are against the organization’s interests. Motivations for malicious
insiders can include financial gain, revenge, ideology, or a desire to sell sensitive information.
• Negligent Insiders: Negligent insiders are individuals who unintentionally cause security breaches due
to carelessness, lack of awareness, or inadequate training. They might inadvertently share sensitive
information, click on phishing emails, or mishandle data.
42
CITS : IT&ITES - Computer Software Application - Lesson 01-17