This tutorial explains the common network security threats and their possible solutions. Learn the types of hardware threats and the differences between hardware threats and software threats.
A computer network is built from two components: hardware and software. Both components have their vulnerabilities and risks. Hardware threats are easier to detect than software threats. Hardware threats cause more damage to the network than software threats. A software threat can only harm the data, while a hardware threat can harm both the device and the data.
If you are not familiar with the terms vulnerabilities, exploits, threats, and mitigation techniques, you can check the following tutorial. It explains these terms in detail.
Hardware threats and solutions
Hardware threats involve four types of threats:
- Physical
- Electrical
- Environmental
- Maintenance
Physical
Improper installation, selection of the wrong components, incomplete devices, lack of knowledge, and unsecured or poorly secured network components can cause physical threats to critical network resources. Physical threats are divided into two types: accidental and intentional. With proper planning, we can minimize accidental damage. For intentional damage, we have to increase security measures.
The following measures should be taken to deal with physical threats:
- Always purchase branded and genuine components.
- Hire experienced and knowledgeable technical staff.
- Always remove the console cable after use.
- Always log off from administrative interfaces before leaving a station.
- Critical resources should be kept in a room or location that meets the following requirements:
  - The room must be accessible only through a single secured access point.
  - The access point must be monitored via security cameras.
  - Only authorized persons should be allowed to access the room.
  - Every entry should be logged by security systems and monitored by security personnel.
Electrical
An irregular power supply (such as fluctuations, high voltage, low voltage, or surge voltage) can cause serious damage to network components. The following precautions should be taken to minimize electrical threats:
- Use UPS (Uninterruptible Power Supply) for critical network resources.
- Use RPS (Redundant Power Supply) for critical devices.
- Use backup generator systems with auto-inverter technology that switch on the backup power supply automatically if the main supply goes down.
- Use monitoring and alarm systems at the device level.
Environmental
Extreme environmental conditions (such as moisture, EMI fields, very high or low temperature, and humidity) can also damage network devices. To mitigate environmental threats, the following actions should be taken:
- Wherever possible, keep devices that produce EMI (electromagnetic interference) away from critical networking devices such as routers, switches, PCs, and servers.
- Networking devices usually have recommended environmental parameters. Always maintain the room temperature and humidity level within these parameters.
- Keep the critical networking devices away from direct sunlight and heavy winds.
Maintenance
Improper disaster planning triggers maintenance threats. These include a lack of spare parts, poor cabling, and incorrect or missing labeling on components. To deal with maintenance threats, the following guidelines should be followed:
- Clearly label all components.
- Secure cabling equipment in racks.
- Always maintain a sufficient stock of critical spare parts for emergency use.
Hardware threats are easy to find and patch. Hardware threats need physical access, which makes them a difficult option for crackers. According to a study, over 90% of attacks are software-based.
Software threats and solutions
Gone are the days when hacking was the task of highly skilled developers. In modern times, anyone with a little knowledge of programming can become a hacker by downloading tools from the Internet. With these complicated tools, hacking is no longer a programming game. A person who can use these tools may bring an unsecured network down.
Besides these tools, another reason for increasing threats is the balancing of features. People want software that is easy to use and contains many features. Feature-rich and easy-to-use software is also easy to crack. Balancing features against security is one of the toughest challenges. Sometimes a developer has to compromise on security to provide features.
Security threats involve three goals:
- Confidentiality
- Integrity
- Availability
Confidentiality
This goal defines how we keep our data private from eavesdropping. Packet capturing and replaying are example threats for this goal. Data encryption is used to achieve this goal.
Integrity
This goal defines how we prevent our data from being altered. A MiTM (man-in-the-middle) attack is an example threat for this goal. Data hashing is used to take a fingerprint of the data. By comparing fingerprints, we can check that the data we received matches what its source sent.
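The fingerprint check described above, as an added example that is not part of the original tutorial. It also shows the limit of a plain hash: if the fingerprint travels over the same untrusted path as the data, both can be replaced, which is why a keyed fingerprint (HMAC) is used there. The messages and the shared key are constructed sample values.

```python
import hashlib
import hmac

def fingerprint(data: bytes) -> str:
    """Unkeyed SHA-256 fingerprint of the data."""
    return hashlib.sha256(data).hexdigest()

def mac(key: bytes, data: bytes) -> str:
    """Keyed fingerprint (HMAC-SHA256); only holders of the key can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()

def receiver_accepts(data: bytes, tag: str, key: bytes = None) -> bool:
    """Receiver-side check: recompute the fingerprint, compare in constant time."""
    expected = mac(key, data) if key is not None else fingerprint(data)
    return hmac.compare_digest(expected, tag)

def run_scenarios() -> dict:
    # Constructed sample data; the key is assumed to be shared out of band.
    original = b"transfer 100 to account 1234"
    altered = b"transfer 900 to account 9999"
    key = b"example-shared-key-not-for-production"
    return {
        # Unaltered data with its own fingerprint is accepted.
        "intact": receiver_accepts(original, fingerprint(original)),
        # Data altered in transit, fingerprint taken from a trusted source:
        # the mismatch is detected.
        "altered_trusted_digest": receiver_accepts(altered, fingerprint(original)),
        # Data and fingerprint travel together and both are replaced: the
        # unkeyed check passes, so it gives no protection on an untrusted path.
        "altered_digest_replaced": receiver_accepts(altered, fingerprint(altered)),
        # Same alteration against an HMAC tag: without the key no matching
        # tag can be produced, so the original tag fails to verify.
        "altered_hmac": receiver_accepts(altered, mac(key, original), key),
        "intact_hmac": receiver_accepts(original, mac(key, original), key),
    }

if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```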
Availability
This goal defines how we keep data available to our genuine users. A DoS (denial-of-service) attack is an example threat for this goal. User rate limits and firewalls are used to mitigate threats to this goal.
An adversary (a person/hacker/cracker who is interested in attacking your network) can use any kind of attack to threaten the network infrastructure. A network may face several other attacks from an adversary while achieving the above goals.
Mitigating security threats
To protect the network from software threats, administrators use different approaches. No matter what approach you choose, there are some basic rules which you should always follow:
- Use a secure protocol for remote login, such as SSH instead of Telnet.
- Configure access lists or firewalls to permit only necessary traffic.
- Use genuine software and keep it up to date.
- Avoid pirated software as it may contain viruses and worms.
- Use complex passwords.
- Disable unwanted or unnecessary services.
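One way to check a device configuration against three of these rules (SSH-only remote login, access lists that do not permit everything, unnecessary services disabled), as an added example that is not part of the original tutorial. The configuration is a constructed sample in Cisco IOS-style syntax, and the list of services treated as unnecessary is an assumption.

```python
import re

# Constructed sample in Cisco IOS-style syntax; not taken from a real device.
SAMPLE_CONFIG = """\
hostname edge-rtr-01
ip http server
no service tcp-small-servers
access-list 101 permit tcp 10.0.0.0 0.0.0.255 any eq 22
access-list 102 permit ip any any
line vty 0 4
 transport input telnet ssh
 login local
line vty 5 15
 transport input ssh
 login local
"""

# Services treated as unnecessary here (an assumption made for this example).
UNNEEDED_SERVICES = ("ip http server", "service tcp-small-servers")

def audit(config):
    findings = []
    vty = None       # header of the vty block currently being read, if any
    transport = {}   # vty header -> protocols allowed for remote login
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):   # a non-indented line starts a new section
            vty = line if line.startswith("line vty") else None
            if vty:
                transport[vty] = None
        elif vty and line.startswith("transport input"):
            transport[vty] = line.split()[2:]
        if line in UNNEEDED_SERVICES:
            findings.append(f"unnecessary service enabled: {line}")
        if re.fullmatch(r"access-list \d+ permit ip any any", line):
            findings.append(f"access list permits all traffic: {line}")
    for header, protocols in transport.items():
        if protocols is None:
            # The default differs between platforms, so flag it for review.
            findings.append(f"{header}: no explicit 'transport input' line")
        elif set(protocols) != {"ssh"}:
            findings.append(f"{header}: remote login allows "
                            f"{' '.join(protocols)}, expected ssh only")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```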
Besides these essential steps, you can also consider a security device or software as per network requirements. There are thousands of security solutions available in the market to choose from. You can choose a tool that suits your budget and meets your needs.
That's all for this tutorial. In this tutorial, we explored common hardware and software threats and their possible solutions.