Network Security: Ping Attacks, Phishing and Social Engineering



Network security is more essential now than ever. Costs related to cybersecurity continue to grow annually, which poses a risk to both businesses and individuals. Networks are exploited both by directly hacking systems and by leveraging the vulnerabilities of computer users. While direct hacking techniques, such as using ping attacks to create a denial of service (DoS), have become less common, attackers have become more sophisticated and successful in exploiting human users with social engineering and phishing campaigns.
A ping flood is a DoS attack that uses the ping command to compromise a system by flooding it with requests until it can no longer perform any function other than trying to respond to the persistent requests. This is typically done with the use of multiple systems, or botnets, to coordinate a distributed denial-of-service (DDoS) attack (Cloudflare, 2020). The effectiveness of the attack is directly tied to the number of requests that can be directed at the targeted system. This can render a system completely useless or make a system vulnerable by taking down important infrastructure within the targeted system. For example, if an attacker were able to successfully target and DDoS a network’s firewall, the firewall may still allow traffic to pass through while disregarding all the rules put in place to protect the network. Attackers would then potentially have unlimited access to exploit the rest of the network. These attacks can be mitigated with system administration tools that restrict the ability of systems to accept and respond to ICMP traffic initiated through ping commands. Additionally, intrusion detection systems (IDS) should be implemented to detect these types of attacks and alert network administrators to the questionable traffic so that they can implement controls. These types of attacks have become less prevalent in recent years due to advancements in protection systems, leaving attackers to focus on vulnerable computer users as their target to gain access to systems.
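
An added example (not part of the original post) of the IDS-style detection described above: it counts ICMP echo requests per destination in a sliding window and alerts when the rate passes a threshold. The record format, the sample traffic, and the window and threshold values are assumptions made for illustration.

```python
from collections import defaultdict, deque

ECHO_REQUEST = 8  # ICMP type sent by ping; type 0 is the echo reply

def build_sample():
    """Constructed records: (timestamp_ms, src_ip, dst_ip, icmp_type)."""
    records = []
    # Routine monitoring: one ping per second from a single host.
    for i in range(10):
        records.append((i * 1000, "192.0.2.10", "198.51.100.5", ECHO_REQUEST))
    # Flood: 40 sources each send 5 echo requests within 0.8 seconds.
    for s in range(40):
        for k in range(5):
            records.append((20000 + k * 200, f"203.0.113.{s + 1}",
                            "198.51.100.7", ECHO_REQUEST))
    # An echo reply, which the detector must ignore.
    records.append((20500, "198.51.100.7", "203.0.113.1", 0))
    return sorted(records)

def detect_echo_floods(records, window_ms=1000, threshold=100):
    """Alert once per destination that receives more than `threshold`
    echo requests inside any `window_ms` span (both values are assumptions)."""
    recent = defaultdict(deque)  # dst -> (timestamp, src) pairs still in window
    alerts = {}
    for ts, src, dst, icmp_type in records:
        if icmp_type != ECHO_REQUEST:
            continue
        q = recent[dst]
        q.append((ts, src))
        # Drop packets that have aged out of the window.
        while ts - q[0][0] > window_ms:
            q.popleft()
        if len(q) > threshold and dst not in alerts:
            alerts[dst] = {
                "dst": dst,
                "first_seen_ms": ts,
                "packets_in_window": len(q),
                # Many distinct sources suggests a distributed (DDoS) flood.
                "distinct_sources": len({s for _, s in q}),
            }
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_echo_floods(build_sample()):
        print(alert)
```
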
With more focus on end users, attackers use multiple forms of social engineering to attempt to gain system access. According to Norton (2020), “social engineering is the act of tricking someone into divulging information or taking action, usually through technology” (para. 1). This trickery takes many forms, whether face-to-face, over the phone, or over email, and if successful it poses a security risk to networks by giving away valuable information that attackers can use to infiltrate systems, such as valid login credentials. This can pose a significant risk, as attackers who steal login credentials can now access systems as “valid” users. Attackers play on users’ vulnerabilities by posing as legitimate people, such as security technicians, or as people the users know, gaining their trust to get them to reveal sensitive information that can then be used to access systems and steal additional information. Users must be able to recognize social engineering, which requires training them to be skeptical and to vet the source of the information. Additionally, software can help to mitigate threats from electronic sources such as phishing emails.
Phishing emails are the most prominent source of social engineering attacks and the culprit behind most cybersecurity breaches. Of reported cybersecurity incidents, 80 percent were a result of phishing emails, representing $17,700 lost every minute globally over the last year (Fruhlinger, 2020). Phishing, which is also a form of social engineering, attempts to convince users that an email is legitimate to get them to divulge information, open malicious attachments, or click on malicious links. This leaves networks vulnerable to attack as users give up sensitive login credentials to business systems, open attachments that install malware, or click on links that do the same damage. Both user awareness training and mitigation software are needed to combat this threat. Email security software can help to prevent emails from coming into the network based on keywords, sending address or IP, and file type, but user training is also required (Whitney, 2019). Technology will not block all inbound malicious emails, so users must be able to recognize a potential security risk when they receive one to avoid becoming a victim and putting themselves or their company at risk.
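
An added example (not part of the original post, and not any vendor's product logic) of the kind of email screening described above, checking three of the criteria the paragraph names: sending address, keywords, and attachment file type. The blocklist, keyword list, extension list, and sample message are all constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr
import os

# Assumed policy values for illustration; a real gateway loads its own.
BLOCKED_SENDER_DOMAINS = {"mail.example.net"}
KEYWORDS = ("verify your account", "password expires", "urgent")
BLOCKED_EXTENSIONS = {".exe", ".js", ".scr", ".vbs"}

# Constructed sample message (not real mail).
SAMPLE = """\
From: "IT Support" <helpdesk@mail.example.net>
To: user@example.com
Subject: Urgent: password expires today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please verify your account using the attached tool.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="reset_tool.exe"

(constructed placeholder, no real content)
--b1--
"""

def screen_message(raw):
    """Return the list of reasons the message should be quarantined."""
    msg = message_from_string(raw)
    reasons = []
    # Sending address: compare the From domain with the blocklist.
    _, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    if domain in BLOCKED_SENDER_DOMAINS:
        reasons.append(f"sender domain blocked: {domain}")
    text = msg.get("Subject", "")
    for part in msg.walk():
        name = part.get_filename()
        if name:  # File type: judge attachments by extension.
            if os.path.splitext(name)[1].lower() in BLOCKED_EXTENSIONS:
                reasons.append(f"attachment type blocked: {name}")
        elif part.get_content_type() == "text/plain":
            text += "\n" + part.get_payload()
    # Keywords: search the subject and plain-text body, case-insensitively.
    lowered = text.lower()
    reasons += [f"keyword: {k}" for k in KEYWORDS if k in lowered]
    return reasons
```

Matching on extension and keywords alone is easy to evade, which is the paragraph's point that filtering has to be paired with user training.
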


References
Cloudflare. (2020). Ping (ICMP) flood DDoS attack. Cloudflare. https://www.cloudflare.com/learning/ddos/ping-icmp-flood-ddos-attack/
Fruhlinger, J. (2020, March 9). Top cybersecurity facts, figures and statistics for 2020. CSO Online. https://www.csoonline.com/article/3153707/top-cybersecurity-facts-figures-and-statistics.html
Norton. (2020). What is social engineering? Tips to help avoid becoming a victim. Norton. https://us.norton.com/internetsecurity-emerging-threats-what-is-social-engineering.html
Whitney, L. (2019, March 2). Most common cyberattacks we'll see in 2020, and how to defend against them. ZDNet. https://www.zdnet.com/article/most-common-cyberattacks-well-see-in-2020-and-how-to-defend-against-them/

