Network attacks have been discovered to be as varied as the system that they attempt to penetrate. Attacks are known to either be intentional or unintentional and technically competent intruders have been interested in targeting the protocols used for secure communication between networking devices. (Reed 2003). This review addresses how highly sophisticated intruders are penetrating internet networks despite high levels of security. But as the intruders increase, the network experts are deriving many techniques in preventing attackers from accessing company networks.
2.5 CATEGORIES OF SECURITY THREATS
Security threat can be categorized into four parts and these categories are the ways or forms through which threats can be carried out on a network.
i. Unstructured Threats
Unstructured security threat is the kind of threat created by an inexperienced person trying to gain access to a network. They commonly use common hacking tools, like shell scripts, and password crackers. A good security solution should easily thwart this kind of attack. In other words, these kinds of hackers could not be underestimated because they can cause serious damage to network.
ii. Structured Threats
Unlike unstructured threats, structured threat hackers are well experienced and highly sophisticated. They use sophisticated hacking tools to penetrate networks and they can break into government or business computers to extract information. On certain occasions, structured threats are carried out by organized criminal gangs or industry competitors.
iii. External Threats
Some unauthorized people outside the company who do not have access to the company’s computer system or network could cause external threat. They usually break into company's network via the Internet or server. Both experienced and inexperienced hackers could pose external threats.
iv. Internal Threats
This kind of threat could be by a disgruntled employee who has authorized access to the company's network. Like external threats, the damage that could be caused by such a hacker depends on the expertise of the hacker. (Orbit-Computer Solutions 2012)
2.6 PHYSICAL INSTALLATION ATTACK
Physical installation attacks, as the name implies originate from some basic threats that we can see with own eye but might not be prevented. Firstly, hardware threat is a common example of a physical installation attack; this could be due to the old age of a particular system, and as a result of that, it start acting erratically and damage some data before it totally dies.
Environmental threat, as discussed previously, can be caused by natural phenomena, such as extreme weather temperatures, earthquakes, and storms.
Furthermore, electrical threat can cause extensive damage to a network. This kind of threat is common in countries where the power supply is always interrupted unexpectedly. Examples of this type of threat are: blackout (unexpected interruption of power supply), brownout (insufficient supply of power voltage), and noise (unconditioned power).
Maintenance threat could also cause problem to network. Examples of maintenance threats are poor cabling, poor cable labelling, electrostatic discharge, and lack of critical spare parts.
2.7 DEVICE COMMUNICATION ATTACK
Technically competent hackers have been able to fashion a structured attack targeted at communication protocols. The OSI model has seven layers that are used for communication between networking devices, which are with vulnerabilities that can be controlled. Basically,higher layers cannot be secured while the lower layers are also not being secured, yet in recent years there has been limited attention to insecurities at the physical layer or data link layer despite changes in network operational practice that include developments like nation-wide layer two networks and national and regional optical networks.
Currently known threats at lower levels of the OSI stack include ARP spoofing, MITM (man- in-the-middle) attacks at layer two, and physical layer attacks such as passive optical taps or the interception of wireless network signals by attackers. While these attacks are well known, little research is currently focused on addressing those concerns.
1.P PHYSICAL LAYER
The physical layer is responsible for transferring data over network communication media. It could also be refer to as most changeable and vulnerable layer. When dealing with this type of layer, unserious incidents like unplugging the computer power cord or removing a network cable could sometimes cause a great and untraceable havoc on a particular network, and it could cause great damage to the computer. (Reed 2003)
There are plenty of vulnerabilities that the physical layer is facing, few of which include: loss of environmental control, damage of hardware and data, disconnection of physical data links, power loss, input logging like keystroke and other physical theft of data and hardware, and undetectable interception of data. These vulnerabilities could cause great damage to network security through physical layers if prevention is not done at the right time. Nevertheless, there are always solutions available for any threat of damage caused to a network.
As mentioned above, there are always solutions for every problem. Perimeters and enclosures lock, electronic lock mechanisms for logging and detailed authorization, data storage cryptography, PIN and password secured locks, electromagnetic shielding, biometric authentication systems, and video and audio surveillance can all be used to prevent or secure any threat that is coming to attack a network or that has attacked a network via the physical layer.
