Log in / Register
Home arrow Computer Science arrow The InfoSec Handbook
< Prev   CONTENTS   Next >

What if You Do Not Care About Security?

If you think you don't need to care about information security, you are creating more risk than you bargained for. With advanced technologies at the disposal of many people, it is only a matter of time until you are robbed or your reputation is tarnished. Hence, at this time, no person or entity can ignore or take its own security lightly, making it hard to sleep at night! For example, you could find that if you doze off, and ten minutes have passed, your debit card could be stolen by someone and already, all the money in your account could be swindled by someone. Maybe your laptop is stolen and the new proposal of millions of dollars you have been working on quite painstakingly is already in the hands of your competitors. Maybe the innovative concept you have been discussing over the phone is overheard, recorded, and patented by someone else. There are unlimited possibilities as to what can go wrong. If you do not care about security, your existence itself will be at risk. Beware of this!

There are instances of Automated Teller Machines (ATMs) being towed away or otherwise hacked by thieves.

There are many instances where information has been stolen from emails, laptops, or cell phones and used to blackmail the owners.

There have been instances of weak encryption being substituted by strong encryption, and entities/people have been blackmailed have had to shell out significant amounts of money to get the data decrypted. There have been instances where passwords have been changed or servers have been overtaken by others and then thieves demand a ransom to restore access. There have been instances where software applications have been pirated by overcoming built-in controls and thus, the entity that created the software loses a significant amount of revenue.

There have also been instances of identity theft, which can lead to huge losses. There have been instances where the data of strategic and military importance has been stolen physically or through logical means of hacking. There have been instances of gaining physical entry into secure areas and destroying crucial assets, including information assets. There have been instances where the data has been compromised, either by luring the people or by other means, which leads the party to huge losses. We cannot even fully imagine the kind of possibilities that are out there. Perhaps, the hacker is even able to intervene with the navigation system of an airplane or a missile and bring it down or make it strike somewhere else! The possibilities are endless, and we do not know the extent of damage information in the wrong hands could potentially cause. We can continue citing examples, but we hope to bring as many instances as possible to your attention as we write this book.

We have seen or heard of instances of hacking into banking accounts and initiating transactions or hacking into systems and obtaining credit card or debit card related information or credentials such as PIN or Telephonic PIN and misusing them. Phishing attacks are common as are instances of credit cards or debit cards being cloned. There have been instances of identity theft and fake profiles created on social media. Social engineering attacks, where attackers befriend persons and later misuse the information or relationship obtained, are becoming common.

Malicious software attacks through links or attachments in emails, through add-ins to the browser, or through the download of free applications or games is common. Tracking or hacking through mobile devices is a recent phenomenon that must be monitored. Exploiting the technical vulnerabilities of the applications, protocols, web browsers, web servers, or utilities is also a known phenomenon.

Eavesdropping on wireless communications or misusing wireless connections is on the rise. The rogue wireless access points set up by attackers attract many users which leads to the compromise of important information like login credentials.

In addition to the above, ineffective maintenance of the systems or utilities such as UPS or electrical cables can lead to system failure, thus reducing productivity.

There have also been instances of misuse of surveillance cameras, remote connection utilities used to hack into someone else's system, and application errors not known or not fixed by the vendor organizations.

With a lot of information getting distributed easily across the globe because of Web and Cloud technologies, there are a lot of challenges to ensure that data and information of value are well protected so that they are not compromised.

Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
Business & Finance
Computer Science
Language & Literature
Political science