Digital Transformation and Cybersecurity Challenges

Introduction

The current digital environment, which is slowly but steadily building up due to the fourth industrial revolution (Industry 4.0) and which has affected the connection between the physical and digital worlds, comes with a great many benefits and advantages, as has already been witnessed. According to Jackson (2018), digital technology has had a significant positive impact on human life and experience, including more efficient communication, access to analytics data and social networking, and improved staff and customer experience. However, digital technology has affected not only the business field but virtually every facet of human life, and as such it comes with significant drawbacks and disadvantages, such as network security risks and the possibility of cyber crime. This chapter clarifies and highlights, among other factors, network security, security setup for networks, network vulnerabilities and possible mitigation options, as well as an evaluation of firewalls and rules of cyber security. The section also analyses DDoS attacks and their detection through means such as network traffic analysis.

Network Security

Network security comprises the practice of preventing and protecting corporate networks against unauthorized intrusion. Comodo (2019) describes network security as an organization's strategy developed to guarantee the security of its assets, including all network traffic, software and hardware technologies, as well as access to the network. Depending on the strategy and types adopted by an organization, network security targets a wide range of threats and stops them from entering or spreading in the network, thereby protecting the organization's information.

Set up and types of network security

According to Forcepoint (2020), an attack on a network can occur at any of the three layers considered within a network: physical, technical and administrative network security. The design of a network setup and strategy, as well as the selection of the types of security used, should therefore take all three layers into account. Physical network security controls are designed mainly to protect the system against access by unauthorized personnel through physical network components such as routers, cabling cupboards and Ethernet cables. Technical security protects data that is stored within the network or that is in transit across, into or out of the network. It protects data and systems from unauthorized personnel, as well as against malicious activities from employees. Administrative security controls, on the other hand, consist of security policies and processes that control user behavior, including how users are authenticated, their level of access and how IT staff members implement changes to the infrastructure (Fruhlinger, 2018). Different organizations adopt different types of network security to manage and mitigate network threats to their systems. According to Cisco (2018), the most common include: access control, antivirus and antimalware software, application security, behavioral analytics, cloud security, data loss prevention, email security, firewalls, network segmentation, VPN, web security, wireless security and intrusion prevention systems. While a majority of these types are effective in protecting all three layers of network security, they are not always sufficient, and as such most networks use multiple types of network security on their systems to ensure maximum security.
In addition to protecting assets and the integrity of data from external exploits, network security can also manage network traffic more efficiently, enhance network performance, ensure secure data sharing between employees and data sources, and guard against unnecessary downtime.

Network Vulnerabilities

A wide range of network vulnerabilities has been highlighted by different scholars in the recent past (Beaver, 2013; Firch, 2019; Liwer, 2018; Ogden, 2017). Some of these include: OS command injection, buffer overflow, missing authentication for critical functions, missing authorization, unrestricted upload of dangerous file types, social engineering attacks, malware attacks, use of broken algorithms, outdated software, bugs, weak passwords and misconfigured firewalls. According to Firch (2019), however, four of these vulnerabilities stand out: malicious software, social engineering attacks, outdated or unpatched software and misconfigured firewalls.

Malicious Software (Malware)

Malware, according to Beaver (2013), refers to malicious software that is unknowingly purchased, downloaded or installed within a system. Such software is used by hackers or designed to compromise the network, and may affect the system in ways such as reduced system speed, random reboots, starting unknown processes or even sending emails without user action. According to Firch (2019), the use of malware to exploit network vulnerabilities has continued to rise over the years, with a maximum number of 812.67 million devices infected in 2018. The most common types of malware used include ransomware, Trojans, worms, bots and botnets, as well as viruses and many others.

Social Engineering attacks

Social engineering attacks include activities that fool users into giving up personal information such as user names and passwords. Ogden (2017) points out that, after malware, social engineering attacks are becoming a more popular method of bypassing network authentication and authorization security protocols. Given the likelihood that internal users will accidentally download attachments or click on links to malicious websites due to a lack of effective education or awareness, they represent the greatest security risk to an organization. Firch (2019) highlights the most common types of social engineering attacks as phishing, whaling, vishing, spam, pharming, tailgating and dumpster diving.

Outdated and Unpatched software

Computer systems and network components, including software, require consistent updating and patching to enhance the security of the system and limit the available vulnerabilities. Given that a majority of heavy applications include millions of lines of code, vulnerabilities are a somewhat inevitable part of software. Developers therefore deploy patches as a way of correcting these mistakes and managing upgrades to limit system vulnerabilities. Failing to apply these patches leaves the network and systems highly vulnerable to attack and is in itself a significant vulnerability in a network.

Misconfigured Firewalls

Among the most significant threats to an organization is exposing its internal network or servers to the internet. When these are exposed, threat actors can easily spy on traffic, steal data or compromise the network. Firewalls are developed to act as buffers between the internet and the internal network so as to protect it from exploitation by threat actors. Misconfiguration of firewalls or operating systems is another major vulnerability, one which affects network security for major organizations all across the world.

Mitigation of Vulnerabilities and Attacks

Network security vulnerabilities, despite being a major problem in the use of digital technology, have also driven the development of detection and mitigation strategies, among them tests such as the penetration test and the use of firewalls to protect the network against complex attacks. Firch (2019) describes a penetration test as a simulated attack to exploit weaknesses and vulnerabilities within a system, network, application or website, as well as among employees and other security components. It consists of a variety of activities designed to simulate real-world attack scenarios against organization information, business IT and physical security controls, with the ultimate goal of validating the vulnerabilities identified during the scanning phase and investigating any other avenues of penetration through reconnaissance (Rouse, 2019).

Firewalls

A firewall is a software program that prevents unauthorized access to or from a private network. Rouse (2019) describes it as a system designed to prevent unauthorized access to or from a private network that can be implemented in hardware, in software, or as a combination of both. All messages and information entering or leaving the intranet (the locally connected network) must pass through the firewall, where they are examined and then accepted or blocked depending on whether they meet the specified security criteria and protocols. While firewalls are always used as the first line of defense in organization networks, they only regulate information flow in and out of the network and therefore do not attempt to authenticate individual users when determining who can access a particular computer or network. Firewall types are divided into several categories based on their general structure and mode of operation, including: packet-filtering firewalls, circuit-level gateways, stateful inspection firewalls, application-level gateways (a.k.a. proxy firewalls), next-gen firewalls, software firewalls, hardware firewalls and cloud firewalls (Dosal, 2019). The three major types, however, are:

Packet filtering firewall: The firewall examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. It is fairly effective and transparent to users; however, it is difficult to configure and quite susceptible to spoofing.

Circuit level gateway firewalls: These apply security mechanisms when a TCP or UDP connection is established. The connection establishes a filter tap which ensures the screening and approval of packet transfers. Once the connection has been made, packets can flow between the hosts without further checking.

Proxy firewalls: A proxy server is a form of gateway that hides the true network address of the devices that are connected through it. The server connects to the internet on behalf of the devices, makes any requests for data transfers and carries them out on their behalf. In the same way, a proxy firewall can be configured to allow only selected traffic to pass through it to the network, thereby shielding the network from intrusions.

All the other firewalls are categorized under web-based firewalls, which include hardware appliances, server plug-ins or some other software filter that applies a set of rules to an HTTP conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.
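
As an added illustration (not part of the original essay), the sketch below shows how a packet-filtering firewall applies user-defined rules in order, and how a single misconfigured rule of the kind discussed under "Misconfigured Firewalls" can defeat a later block. The names `Rule`, `filter_packet` and `audit`, and all addresses and rules, are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # source network, CIDR
    dst: str               # destination network, CIDR
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port; None means any port

def _net(cidr):
    return ipaddress.ip_network(cidr)

def matches(rule, pkt):
    # A stateless filter trusts header fields, so a forged source is judged like a real one.
    return (ipaddress.ip_address(pkt["src"]) in _net(rule.src)
            and ipaddress.ip_address(pkt["dst"]) in _net(rule.dst)
            and rule.proto in ("any", pkt["proto"])
            and rule.dport in (None, pkt["dport"]))

def filter_packet(rules, pkt):
    """First matching rule decides; anything unmatched is denied."""
    return next((r.action for r in rules if matches(r, pkt)), "deny")

def covers(a, b):
    """True when every packet that matches rule b also matches rule a."""
    return (_net(b.src).subnet_of(_net(a.src)) and _net(b.dst).subnet_of(_net(a.dst))
            and a.proto in ("any", b.proto) and a.dport in (None, b.dport))

def audit(rules):
    """Report allow rules open to any source on every port, and rules that can never fire."""
    findings = []
    for i, r in enumerate(rules):
        if r.action == "allow" and r.src == "0.0.0.0/0" and r.dport is None:
            findings.append((i, "allows any source on all ports"))
        shadow = next((j for j in range(i) if covers(rules[j], r)), None)
        if shadow is not None:
            findings.append((i, f"shadowed by rule {shadow}"))
    return findings

# Constructed ruleset: rule 1 is the misconfiguration, rule 2 is the block it defeats.
RULES = [
    Rule("allow", "0.0.0.0/0", "10.0.0.10/32", "tcp", 443),
    Rule("allow", "0.0.0.0/0", "10.0.0.0/24", "any", None),
    Rule("deny", "0.0.0.0/0", "10.0.0.20/32", "tcp", 3389),
]
FIXED = [RULES[0], RULES[2]]
PKT = {"src": "203.0.113.5", "dst": "10.0.0.20", "proto": "tcp", "dport": 3389}
```

With `RULES`, the sample packet is allowed because rule 1 matches before the deny rule is reached; with `FIXED`, the same packet is denied and `audit` reports nothing.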

DDOS Attack and Detection

A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal traffic of a targeted network or system by overwhelming it or its surrounding infrastructure with a flood of internet traffic (Cloudflare, 2020). By using multiple compromised computer systems as the source of attack, DDoS attacks achieve maximum effectiveness, and they can exploit devices such as computers and any other IoT devices. The traffic can consist of incoming messages, requests for connections or fake packets. According to Weisman (2019), DDoS detection is the process of distinguishing DDoS attacks from normal network traffic in order to ease the traffic, bring about normal operation of the network and perform effective attack mitigation. The primary goal of a DDoS attack is to limit access to an application or network service, thereby denying legitimate users access to the services. According to Kentik (2020), there are two primary means of detecting DDoS attacks: in-line examination of all packets and out-of-band detection via traffic flow record analysis. Some of the basic in-line DDoS detection techniques include firewalls and intrusion prevention systems, which can be effective in detecting small-volume attacks. However, high-volume attacks often overwhelm these devices and techniques and therefore require the use of out-of-band DDoS detection techniques. Bradbury (2016) points out that out-of-band DDoS detection is accomplished by a process that receives flow data from NetFlow, J-Flow, sFlow and IPFIX-enabled routers and switches, then analyzes that flow data to detect attacks. Mitigation of the attacks is then triggered manually or automatically, via routing or appliance-based methods. Ultimately, the intention is to detect and mitigate the attacks before they enter the private network and compromise information.
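
The out-of-band approach described above can be sketched as follows; this is an added example, not part of the original essay. Flow records are reduced to four constructed fields (timestamp, source, destination, packet count) rather than a real NetFlow or IPFIX export, and the window size and thresholds are assumptions chosen for the sample data.

```python
from collections import defaultdict
from statistics import median

WINDOW = 60        # seconds per aggregation bucket (assumed)
RATE_FACTOR = 10   # alert when a bucket exceeds 10x the destination's median (assumed)
MIN_SOURCES = 20   # "distributed" means at least this many distinct sources (assumed)

def detect(flows):
    """flows: iterable of (ts, src, dst, packets).
    Returns [(dst, window_start, packets, distinct_sources)] for suspect buckets."""
    pkts = defaultdict(int)
    srcs = defaultdict(set)
    for ts, src, dst, packets in flows:
        key = (dst, ts - ts % WINDOW)       # bucket each record by destination and window
        pkts[key] += packets
        srcs[key].add(src)
    per_dst = defaultdict(list)
    for (dst, _), n in pkts.items():
        per_dst[dst].append(n)
    alerts = []
    for (dst, start), n in sorted(pkts.items()):
        baseline = median(per_dst[dst])     # median resists distortion by the flood itself
        n_src = len(srcs[(dst, start)])
        # Volume alone is not enough: one heavy sender (e.g. a backup) is not distributed.
        if n > RATE_FACTOR * baseline and n_src >= MIN_SOURCES:
            alerts.append((dst, start, n, n_src))
    return alerts

def sample_flows():
    """Constructed records: six windows of normal traffic, with a flood in the last one."""
    flows = []
    for w in range(6):
        ts = w * WINDOW
        for h in range(3):
            flows.append((ts + h, f"198.51.100.{h + 1}", "192.0.2.10", 100))
        flows.append((ts, "198.51.100.50", "192.0.2.20", 200))
    for h in range(200):                    # 200 distinct sources hit 192.0.2.10
        flows.append((5 * WINDOW + h % WINDOW, f"203.0.113.{h + 1}", "192.0.2.10", 500))
    flows.append((5 * WINDOW, "198.51.100.50", "192.0.2.20", 50000))  # single heavy sender
    return flows
```

On the sample data only the bucket for `192.0.2.10` starting at second 300 is flagged; the single-source spike towards `192.0.2.20` exceeds the volume threshold but not the source-count threshold.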

Conclusion

The increased application of the internet and investment in the digital world by individuals and organizations has led to new setbacks, including vulnerabilities in systems which may affect the data and position of organizations or companies. Different network protection mechanisms have been developed and, although none of them is quite effective for the maximum protection of an organization's systems and network, they can be applied simultaneously, with each technique and software applied to target specific vulnerabilities within the system when designing secure network strategies. Ultimately, the organization's or individual's indulgences best provide the considerations for which methods and techniques to use.
