NETWORK SECURITY

Network Security

Network Security

Computer security is a paradoxical term. The vast network of networks known as the Internet is complex, and it is open. As many have observed, without those two characteristics in place, there is no Internet. But with both present, there can be no perfect security, especially since there are many people on the Internet who have an interest in exploiting its weaknesses for simple amusement, for criminal purposes, or even for waging war.

Computer security threats take several forms (Richards, 1999). First, there are hackers, computer-savvy individuals using their skills to break into computer networks to steal or alter data, or simply to experience the thrill of virtual cat-burglary. Next, there are viruses, destructive programs designed to attach to system files or other handy files in a computer; a virus lies dormant until the file is accessed, and then executes its destructive functions (Harrison, 2006). Third, there are worms, powerful programs that usually gain access to computers through the Internet—often through email, sometimes by Web browsing. Many operate autonomously, but some, like the famous Internet Relay Chat-based PrettyPark worm, are executed only on the command of a hacker. Once worms infect a terminal, they usually seek other computers on the Internet to infect (Farmer, 2003). Some worms, like the email-driven Code Red, have been known to cause many millions of dollars in damage, especially to corporations experiencing expensive down time and the destruction of valuable equipment and data.

Background

The advent of computers and the proliferation of the Internet made possible the achievement of great advances in science, medicine, technology, and communication. Unfortunately, computers and the Internet have also provided a new environment for crime. As Janet Reno, U.S. attorney general during the Clinton administration, put it, “While the Internet and other information technologies are bringing enormous benefits to society, they also provide new opportunities for criminal behavior”. (Dasey, 2000)

Cybercrime is loosely defined as committing a crime through the use of a computer or the Internet. The Internet has been defined as “collectively the myriad of computer and telecommunications facilities, including equipment and operating software, which comprise the interconnected worldwide network of networks that employ the Transmission Control Protocol/Internet Protocol, or any predecessor or successor protocols to such protocol, to communicate information of all kinds by wire or radio” (Internet Tax Freedom Act of 1998: 112 Stat. 2681-719). In other words, the Internet is a large computer network, or a chain of computers that are connected together. This connectivity allows individuals to connect to countless other computers to gather and transmit information, messages, and data. Unfortunately, this connectivity also allows criminals to communicate with other criminals and with their victims. Although no universally accepted definition of cybercrime exists, a distinction is often made between a traditional crime that is perpetrated through the use of a computer or the Internet and a crime that involves specifically targeting computer technology (Richards, 1999).

Purpose

In defining purpose, we consider how the organization interprets the environment to develop statements of mission, vision, goals, strategies, objectives, and ...