Top Security Threats.

There are many threats to your computer and network security.  The threats can range from Port scanning to Trojan Horse viruses.  While there is no such thing as a 100% secure online system, it is possible to minimize risk with vigilance and education.  HIPAA has compiled a list of their Top 10 security threats and basic measures that can be enacted to help prevent unauthorized access to sensitive information.

Top 10 Security Threats

by S. K. Parmar, Cst / 1999

1. Firewall and System Probing

Hackers are using sophisticated, automated tools to scan for vulnerabilities of a company's corporate firewall and systems behind the firewall. These hacker tools have proved to be quite effective, with the average computer scan taking less than three minutes to identify and compromise security. Companies can prevent this by ensuring that their systems sit behind a network firewall and any services available through this firewall are carefully monitored for potential security exposures.

2. Network File Systems (NFS) Application Attacks

Hackers attempt to exploit well-known vulnerabilities in the Network File System application, which is used to share files between systems. These attacks, usually through network firewalls, can result in compromised administrator access. To combat this, ensure systems do not allow NFS through the firewall, and enable NFS protections to restrict who can access files.

3. Electronic Mail Attacks

Hackers can compromise network systems by simply sending an e-mail to it. Companies who accept e-mail from the Internet and who have exposed versions of the sendmail program are potential targets from this attack. Last year more than 20,000 systems were compromised due to this exposure. To prevent this from occurring, check with vendors to ensure systems are running a correct version of sendmail or some more secure mail product.

4. Vendor Default Password Attacks

Systems of all types come with vendor-installed user names and passwords. Hackers are well educated on these default user names and passwords and use these accounts to gain unauthorized administrative access to systems. Protect systems by ensuring that all vendor passwords have been changed.

5. Spoofing, Sniffing, Fragmentation and Splicing Attacks

Recently computer hackers have been using sophisticated techniques and tools at their disposal to identify and expose vulnerabilities on Internet networks. These tools and techniques can be used to capture names and passwords, as well as compromise-trusted systems through the firewall. To protect systems from this type of attack, check with computer and firewall vendors to identify possible security precautions.

6. Social Engineering Attacks

Hackers will attempt to gain sensitive or confidential information from companies by placing calls to employees and pretending to be another employee. These types of attacks can be effective in gaining user names and passwords as well as other sensitive information. Train employees to use a "call-back" procedure to verify the distribution of any sensitive information over the telephone.

7. Easy-To-Guess Password Compromise

Most passwords that are easy to remember are also easy to guess. These include words in the dictionary, common names, slang words, song titles, etc. Computer hackers will attempt to gain access to systems using these easy-to-guess passwords usually via automated attacks. Protect systems by ensuring that passwords are not easy to guess, that they are at least eight characters long, contain special characters and utilize both uppercase and lowercase characters.

8. Destructive Computer Viruses

Computer viruses can infect systems on a widespread basis in a very short period. These viruses can be responsible for erasing system data. Protect systems from computer viruses by using anti-virus software to detect and remove computer viruses.

9. Prefix Scanning

Computer hackers will be scanning company telephone numbers looking for modem lines, which they can use to gain access to internal systems. These modem lines bypass network firewalls and usually bypass most security policies. These "backdoors" can easily be used to compromise internal systems. Protect against this intrusion by ensuring modems are protected from brute force attacks. Place these modems behind firewalls; make use of one-time passwords; or have these modems disabled.

10. Trojan Horses

Hackers will install "backdoor" or "Trojan Horse" programs on businesses computer systems, allowing for unrestricted access into internal systems, which will bypass security monitoring and auditing policies. Conduct regular security analysis audits to identify potential security vulnerabilities and to identify security exposures.