Data Security

Why is the computer security usually fail against attacks?

The reason is that system users are often unaware of the threats they're facing. The second aspect of data security that relates both to users and administrators is a failure to clearly identify the resources that require protection.

One problem that relates only to computer systems administrators is their unchecked belief in technology. We tend to think subconsciously that since we've paid a lot of money for security solutions provided by brands, but that's not case always.

If you don't know the mechanism behind the solution or technology or don't even know attack vectors running a piece of software or tool won't make you secure.

Users and administrators need to keep track of new developments and utilities in the system security field and deal with threats differently.

Why is this so hard? It is because of this trend these days known as the consumerization of I.T.. In the past, the creation was done and modified according to the need of the buisness, but now there is no recognizable boundary between consumer and corporate technology. These days, appliances are designed with user's in mind.

What are the effects of this reversal? Earlier days, it was well distinguished between a work computer and a play. But these days, the play and work are done on the same system. New developments mean that more and more people can work from home and we use our own devices a laptop or smartphones for work.

System administration has limited the control over user, because if they do, our productivity would be lowered. Companies can't ban email outside their company. While this would improve security it just simply isn't feasible.

To solve this problem, we had to introduce new term. It is sad to admit that our security can be challenged by a script kid who is attacking the system remotely. Saying that we can be susceptible to threats that are advanced and persistent is not equivalent to an admission of guilt.

Apt was coined and defined in 2006 by the US Army when the military began to realize that existing computer security models were ineffective. Originally referred to persistent threats or those threats that were a long term risk are a good example of persistent activity is the slow of attacks on American high tech companies that were detected by Google and occurred from 2006 to 2007.

In this attack, the user's mail was tracked for a year. Today advanced persistent threats are understood as attacks that successfully launch malicious software on target's system.

Local attacks and large scale attacks exploits vulnerabilities in security systems. For the most part internal attacks render any technological protection measures useless.

The last category of threats cluster Zepps or the attacks that target trusted communications channels, the amount of information exchanged between computer systems is huge.

Intrusion detection systems implemented in banks and insurance institutions, Often react only the active suspicious user actions. Attackers exploit the tendency of special's ideas tools to react to unauthorized claims payments, but ignore information extraction.