Internet Threats and Security for Protection

Published Date: 02 Mar 2018

Introduction

Technology is still under development in Saudi Arabia and has not reached the advance level as its reached in UK and USA. Therefore Internet Security is still a main as well as a major issues to most businesses and organisations in Saudi Arabia.

Media hype surrounding the topic of Internet security can scare the general public, as the novice users. The continual talk of the latest virus alerts, which have corrupted thousands and stories of teenagers hacking into networks and stealing numerous information's such as personal details, credit card details other details which relates to different institution, is enough to put anyone off the idea using their personal details over the Net. All this media hype needs to be addressed to see if it is just that, or is there a ground for all this sensationalism.

The chances to actually undergo extensive research and establish leads and ideas that I have not come across before about Internet Security, it is a major challenge for me and I feel that by conducting this research it will broaden my knowledge about Internet Security and also make people understand the aspects of Internet Security which they haven't come across before.

Abstract

This dissertation looks at the question: ‘Is The Internet Secure'?. Where secure is defined as ‘secure enough to trade or pass information' via the Internet. With the constant media hype of Internet Security, it felt that this title to be one of interest and appealed. Therefore, research include, determining what types of organisations are present on the net, and categorising them into several groups. Studying past literature to determine all possible threats on the Internet and then to discuss possible solutions to these threats.

As society is in the information revolution, in which the Internet is the main channel for distribution, this area of research is related to each and every one of us. Internet trading is a common practice amongst the new age. However, this is a subject that needs to be addressed to see whether all this ‘Media Hype' is just that, or is their just grounds for concern.

With the number of users on the Internet growing daily, and businesses becoming completely dependant on technology, serious issues of vulnerability need to be looked at. To ensure that no gaps appear in the security aspects of Internet, which will in turn trap the new users. Conclusions where made by in viewed and researched based companies.

This research aims to provide the reader with a deeper understanding of Internet Security. The Internet is a medium that will be a part of future generations, and it is paramount that it is managed correctly and to ensure it does not have devastating consequences for those involved in its operation. The research carried out draws the conclusion, that the Internet is not a secure for trading, and that a regulatory body is required or a more structured policing.

Therefore more actions from organisations are needed as well as from the government. Future research can concentrate on data recovery methods, application methods and interviewing in more depth and on a longer scale.

Acknowledgement

Chapter Outline

Chapter1:

The introductory of this chapter starts with the definition of I.T security. It follows on with what the aims and objectives are and the methodology followed during the fact - finding exercise. The chapter outlines the scope and the limitations of the project.

Chapter 2:

This chapter describes how the internet was formed and how it has developed. Finally it highlights the key developments of the internet throughout its early life cycle, and the growth of its user base.

Chapter 3:

Defines the types of businesses that trade on the net categorising them into several divisions, which are further explained in the appendix. This chapter also talks about on-line banking and how to purchase over the Internet.

Chapter 4:

Starts by discussing the potential threats of viruses, how they work and how they spread. It also discusses what different authors believe to be the main threats of the Internet. It also talks about all the potential threats and briefly defines each one.

Chapter 5:

Discusses the potential answers to the security issues, broadly discussing all of the security applications available. The chapter introduces computer security as well as the different application.

Chapter 6:

The fact finding stage highlights the responses gained from the organisations, which were interviewed. The findings were incorporated into graphs to illustrate the answer.

Chapter 7:

To conclude this study, the author discusses what the project aims were, how the findings were achieved and why came to this conclusion. A SWOT analysis was also carried out to assist the conclusion.

Appendix:

Any information that did not fit in the thesis, which the author felt important, is included in the appendices. There are also other documents and information, which has been referenced in the dissertation in the appendices.

I.T security as defined in this dissertation is the practices, procedures, applications and services which ensure a security breach or loss of use of a computer system does not occur. Security provides protection for IT system resources from human action. The security products, services and procedures used will aim to protect any hardware or data in the system.

1 Introduction

Media hype surrounding the topic of Internet security can scare the general public, as the novice users. The continual talk of the latest virus alerts, which have corrupted thousands and stories of teenagers hacking into networks and stealing numerous information's such as personal details, credit card details other details which relates to different institution, is enough to put anyone off the idea using their personal details over the Net. All this media hype needs to be addressed to see if it is just that, or is there a ground for all this sensationalism.

1.1Human Action

Human-inspired security breaches are defined as accidental or deliberate, passive or active attacks, which result in the loss or damage of I.T system hardware, software or data. This can come in many guises, as the following shows:

• Viruses - where a program is placed on a system with the intention of corrupting its processing.

• The theft of data.

• Hacking - deliberately gaining unauthorised access to a computer system.

• The invasion of privacy, through the unauthorised disclosure of data and breaches of data protection legislation.

• Sabotage - interfering with the processing of a system, such as the placing of a ‘clone machine'.

1.2The Key areas of I.T Security

I.T security involves a number of key areas. The most important of these are introduced under the following headings.

1.2.1 E-Commerce

E-Commerce (Electronic Commerce) enables measures to secure web merchants sites from external hacking and intrusion, with the aim to develop secure online transactions. E-Commerce requires the means to engage in electronic transactions without the fear that credit card details and bank details could get into the wrong hands. These involve, for example, the use of secure payment servers and secure software servers.

1.2.2 Network Security

The aim of network security is to create a secure environment in which the users can send classified information and business applications solely to those people that they wish to receive them, preventing others from accessing the data. This is an issue of increasing concern, given the growing importance of networks to companies. This aspect of security tends to resolve around using network management and security software tools, and developing network security policies.

1.2.3 Virus Protection

To prevent computer viruses from infecting I.T systems, companies use anti-virus software and alert systems.

The requirements for information security as well as the type of products and services used to have undergone a major transformation since 1995. The need for security has widened, where traditionally it was confined mainly to governments, protecting classified data, financial institutions and protecting messages with monetary value, today most medium-sized to large organisations require information security.

The growth of computer networks, group working and mobile working, and the subsequent need to communicate with contacts outside the organisation, has made I.T systems more open to external forces and more vulnerable to internal action. Today, security is demanded to handle communications through the internet, intranet, extranet and Virtual Private Networks (VPNs). All of these technologies use common, standardised networking protocols and such networks are exposed to greater security threats than before.

In a modern computer network, employees share information with each other, and companies share information with their suppliers, partners and customers. This calls for a more sophisticated security system, which is more comprehensive and flexible than the products and services used in the past, and which can be deployed to a large number of users in a consistent, manageable and secure fashion.

1.3 Aims and Objectives

• Introduce and provide an overview of the development of the Internet. How it was started and how it works.

• Identify the diverse nature of businesses that trade on the Internet, their roles and their functions.

• Identify and disseminate the literature available on threats inherent in the use of the Internet including viruses and secure transmission of data.

• Identify and discuss the appropriate solutions for any potential threats for internet security.

• Evaluate and conclude the arguments, to discuss potential ways of enforcing a suitable security policy for web-based companies.

1.4 Methodology

Information for this study was gathered from journals, books, Internet sources and certain company documentation pertaining to Internet security. The best form of methodology for this type of research would be to use Quantitative and Qualitative analysis as well as the use of secondary sources, as mentioned.

Quantitative research was used to gain rich information, basically finding out the ‘experts' opinions from the relevant areas of expertise, for the research. The qualitative research consisted of a questionnaire with open ended and some closed questions. The main aim of this questionnaire was to elaborate on the author's literature review, basically agreeing or disagreeing with the literature presented on this study. For the quantitative aspect of the research a short structured questionnaire was designed, this consisted of closed questions, which would give a statistical look to the fact-findings chapter. This questionnaire was distributed in Preston and Jeddah (Kingdom of Saudi Arabia). Closed question questionnaires were used to obtain the awareness of the issues presented, to gain views, beliefs and attitude to these. The questionnaires were designed to ensure easy reading, therefore overcoming any confusion on the respondent's behalf. Questions were explained to ensure complete reliability in their responses

1.5Limitations and scope of Dissertation

As Internet Security is a very large topic, this author has limited his research to the following:

• Types of businesses on the web, categorising them in several areas.

• Discussing threats that past authors identified.

• Discussing possible solutions to these threats that past authors identified.

• Carrying out a first hand fact-finding excersing to either agree with the literature or disagree.

• Setting out the key differences.

• Summarising the thesis and presenting the findings.

2What is the Internet and how it started

The revolution in computer networking has made it possible for personal computers able to communicate with each other. This chapter is about the Internet and basically a history of its beginning. It provides a comprehensive view of literature regarding factors that promote e-commerce and aid the new era of online banking. The scale of the Internet is awesome and therefore more and more people are connecting to the net. Statistics continues to grow on a daily basis at an alarming rate. People from all walks of life, not just the scientist, teachers and computer experts use the Internet.

2.1Origins of the Internet

The Internet has its roots in a network set up by the United States Department of defence in the early 1970's (Ellsworth 1994). This network (ARPANET) was a collection of four computers. By 1996 the Internet was a collection of over 50,000 networks. The methods they slowly developed included a ‘Protocol' (which is a computer language) allowing dissimilar computer systems to communicate, and a method that routed data through multiple communication paths using groups of data with their own destination addresses built in packets. Prior to this technology, even with machines that were compatible, the used had physically carry magnetic tapes and insert them into another machine in order to transfer data from one computer to another. With the new technology, a computer simply has to put its data into envelope called an Internet Protocol (IP) packet, and ‘address' the packet correctly to send a message on the network. The philosophy was that every computer on the network could talk to any other computer.

2.2NSF Developments

In the late 1980's the National Science Foundation (NSF), started expanding its own NSFNET using the technology developed by ARPANET.”(Krol 192). Five supercomputer centres at major universities were created, and connections were used for e-mail, and for transferring data and information between sites. This created a communications problem, they needed a way to connect their centres together and to allow the clients of these access.

“In response, the NSF built its own network based on ARPANET Internet Protocol (IP) technology. “(Eraase 1994) it connected these centres with telephone lines. Since the telephone lines were paid for the mile, it was obvious that each university could not be connected to a supercomputing centre, due to financial constraints. They instead created regional chains of networks, with each university being connected to its neighbours, at the top of this chain there was a connection to the super computer. Eventually any computer was able to communicate with any other computer by forwarding the conversation through its neighbours.

2.3Internet Created

The NSF agreed to commercial exploitation and on-line service sprang up. “CompuServe, the first of these, started in 1970 and fifteen years later claimed 3.2 million users in 20 countries. It was part owned by commercial relationships with the German group Bertelsmann and the French group Hachette” (Winston 1998). Prodigy belonged to IBM and Sears claimed 1.4 million users. His ‘World Wide Web' was open for business in 1992. Meanwhile a commercial Internet Exchange had been established in 1991.

Large multinational corporations have been on the Internet for years, although their access has been limited to research and engineering departments. In 1992, many of the restrictions on commercial use began to change. In fact, there are already more commercial sites on the Internet than educational and research sites combined, according to statistic, commercial addresses now comprise of 51% of the network domains. The Internet is made up of over 25,000 networks that can transfer data via many routes. However, it is near enough impossible to pin down any exact numbers concerning its size due to the fact its growth is unparalleled by any other industry. Ghosh 1998 states that the Internet has been adopted faster than any other technological development.

2.4The use of the Internet

Between 1993 and 1998, more than 100 million users of the Internet were estimated, and the number of sites of the WWW has grown from 130 to 4.3 million sites. As of June 1999, the Internet user's population has been placed at around 170 million people. It has been forecasted that the number users will reach 350 million by 2005 worldwide.

In simple terms, the Internet allows millions of people all over the world to communicate and to share. “The Internet is the first global forum and the first global library” (Hahn and Stout 1994). Commercial businesses are the fastest growing segment of the Internet, you can gather information communicate and actually transact business on the Internet. Here are a few reasons why businesses are using the internet:

• E-mail is a low cost method for maintaining communication at all levels.

• Messages can be exchanged in minutes.

• E-mail is a domain for sharing information and is said to be one of the most important productivity packages around.

• The Internet allows businesses to be in touch with different branches and work teams at other locations.

This creating a virtual community in which people are able to communicate on a daily basis.

Using the Internet many organisations are able to bring a global edge to home grown businesses. For many companies, the use of the Internet creates a level playing field; smaller businesses can create an image on the network to compete with larger businesses.

“Many corporations use the Internet to keep a check on the rate of emerging and new technologies, and the market response to these technologies” (Ellsworth 1994). The public information and discussion groups available on the Internet provide insight and feedback that is hard to get in any other manner. Here people from all levels of industry, exchange information on marketing research and technological developments. Having the most up-to-date information about your markets and your products allows you to keep or increase your competitive edge.

In a business where the concept of getting closer to the customer prime, the internet is becoming increasingly important as well. Internet sales, where customers are sought and served on-line through Gophers and variety of virtual storefronts, are also becoming more popular. Customers can be and are sought before the sale and supported after sale. Companies are able to do actual product sales transactions on the Internet. In addition, in some cases it is possible to deliver the product via the Internet, as with software and information. Many companies have been using the Internet for the transmission of data. The major financial institutions in the world use the Internet extensively for exchanging information and files. Corporate users are now responsible for the transfer of the largest portion of data.

2.5The World Wide Web

“The WWW is the newest information resources to the Internet” (Krol 1992). It is based on technology called Hypertext Mark-up Language (HTML). Hypertext is a method of presenting information where selected words in the text can be expanded at any time to provide other information about the word. These words are actually links to other documents, which may be text, picture or sound format. The presentation of information on the web is much friendlier that traditional methods and the interface provides for a user -friendly environment. “The combined with the ability to use any of the Internet's tools within the web has been a catalyst for the rush to get on the Internet” (Ellsworth 1994).

The WWW can be defined as a global, interactive, dynamic, cross platform, distributed, graphical, hypertext information system that runs over the Internet and is available globally (Lemay 2000 Online).

In the early 1990's the advent of the World Wide Web on the Internet represented the tuning point for electronic ecommerce by providing an easy to use technology solution to the problem of information publishing and dissemination. The web made electronic commerce a cheaper way of conducting business and enable more diverse business activities.

The WWW infrastructure is built around the following:-

• Web sites: A web site is a collection of web pages maintained by a college, university, government, agency, company or individual.

• Web age: A web page is document on the web. Web pages can include text, pictures, sound and videos.

• Web server: A web server is a computer connected to the Internet that makes web pages available to the world.

• The Wold Wide Web is a dynamic structure, and due to the popularity of this new phenomenon it is expanding rapidly. The reason for it being so popular is the fact that information can be made available to anyone anywhere in the world in a matter of minutes (Kalakota, Whinston. 1997 p.145).

• What types of businesses are trading on the web

Business is changing. The way we do business is changing. The electronic commerce revolution is upon us, and perhaps represents the greatest single change to the way in which business operates. Companies of all sizes are now working together to establish their position and create opportunities in this world.

The Internet phenomenon has result in a major shift in the way organisations do business, and how they intend to proceed in the future. Many organisations now realise that without an e-commerce strategy they will not survive. This realisation has affected, and will continue to affect business relationship of all sizes.

• E-Commerce

E-Commerce (Electronic Commerce) is the buying and selling of goods and services on the Internet, especially the World Wide Web. In practice, this term and a newer term, e-business are often used interchangeably. For online retail selling, the term e tailing is sometimes used.

E-Commerce can be divided into:

• E-tailing or “Virtual Storefronts” on web sites with online catalogues, sometimes gathered into a “Virtual mall”.

• The gathering and use of demographic data through web contacts.

• Electronic Data Interchange (EDI), the business - to -business exchange of data.

• E-mail and fax and their use as media for reaching prospects and establish customers (for example, with newsletters).

• Business-to-Business buying and selling.

• The security of business transactions.

Electronic messaging technologies streamline business processes by reducing paperwork and increasing automation. (Kalakota, Whinston. 1997 p.54).

E-Commerce today, is a very wide area of study due to its phenomenon growth and thus, can be described as an umbrella concept, which will continue to grow. Therefore incorporating a variety of disciplines and can be described as following path of a hierarchical structure.

Recent technology has increased the capacity of e-commerce transactions, resulting in noticeable paradigms in a number of daily transactions. There are unforeseen benefits not only to businesses, but also consumers, the government and even on a global trade level.

The technology that is responsible for taking e-commerce to a global stage is the Internet. There are also other factors that have affected the growth of e-commerce, for example, the availability of hardware at affordable costs, as well as the increased power and ease of use of operating systems and software.

With the prices of computer hardware and network equipment falling, e-commerce is seen as one of the strategic investments in line with marketing goals of most business, to stay competitive, improve productivity and to deliver quality services.

Commonly, e-commerce is associated with the buying a selling of information, products and services via computer networks. It is also known as the paperless exchange of electronic information, whether it is by electronic data interchange (EDI), electronic funds transfer or other similar technologies methods.

• Overview of E-Commerce

E-Commerce, evolved as early as the days of Alexandra Bell, followed by the launch of terrestrial television and radio communications. However recent developments in technology have increased the efficiency in commerce and have placed e-commerce under the spotlight. During the mid 20^th century, the channels through e-commerce took place were telephone networks, the television and the radio. In their infancy they impressed businesses and consumers, so did EDI in the early 1970's and now at present the Internet has bought back the same feelings.

Below is an illustration of a generic framework for electronic commerce (Kalakota, Whinston.1997) The figure 1 below is an illustration of the e-commerce overview.

Electronic Commerce

B2A

B2C

C2A

B2B

The Internet

Telephone

Fax

The Internet

Telephone

Fax

Cable Satellite, and Digital TV

Telephone

Fax

The Internet including EDI, marketing, purchasing and e-mail

Collaborative

Work Groups

EDI via Internet

Telecomm uniting

Electronic Funds Transfer

E-Mail

Video Conferencing

Telephone

Fax

Figure 1

• Types of E-commerce

E-commerce covers five main categories that are listed below:

• Business to Business (B2B)

• Business within Business (BWB)

• Business to Administration (B2A)

• Consumer to Administration (C2A)

• Business to Consumer (B2C)

These are discussed in detail in Appendix 3 titled Types of Web Traders.

The introduction of e-commerce has facilitated consumer to business transactions, customers learn about products through electronic purchasing. From a consumer perspective electronic commerce facilitates for the following:

• Social Interaction. Electronic Commerce enables consumers to communicate with each other through electronic mail, video conferencing and news groups.

• Personal Finance Agreement. Use electronic means to manage personal finance and management using the online banking tools

• Purchasing Products and Information. Allows consumer to find online information about exiting and new products and services.

(Kalakota, Whinston. 1997 p.139)

The explosion in Internet traffic has created other problems. Mostly worryingly, there are continuing fears that many companies offering financial services online are not providing a secure environment to clients and customers.

• Purchasing on the Web

The Internet and the World Wide Web have dramatically changed the way consumers seek and use information online.

Whether they are shopping for Information or shopping for goods and services on-line, today's consumers must learn how to manage the resources (Kelley, B & Weibke, J. 2003).

Most attention on e-commerce has focused on business-to-business transactions and analysts say the surging electronic business-to-business market is about to explode.

On-line purchasing systems promise to streamline operations, save time and cut the costs of businesses drowning in order processing. Most buying over the Internet focuses on indirect materials, also known as non-production goods or maintenance, repair and operations.

Typically, such applications let any employee order through managed access rights, non-production supplies and service from an on-line catalogue using on a web server. They simplify the process of buying day-to-day items such as office equipments, PCs and other electrical goods to run the company. According to a recent study carried out by Forrester Research (2000) has suggested that the on-line commerce will raise form £657 billion in 2002 and reach the figure of £6.8 trillion in 2004. The statistics suggested that more customers are shopping day by day and revenue is increasing for on-line shoppers. The view is supported by Swazey (1999) who believes that the on-line shoppers spend more time on-line shopping than normal high streets shoppers and the amount of money spent rises with the amount of time spent on-line. The view point of Swazey (1999) is similar to Ghosh (1998) as he states that the “On-line shoppers tend to get carried away within the comfort of their own home”. However the above viewpoint have contrast in bearing to an article (Computer Fraud & Security, Sept 2000, p.2) that seemed to suggest that although it may seems like everyone is on-line, but it's not true.

• Internet Banking

Internet Banking is no longer a novelty. Banks have long ceased being worried about trading via the web, and instead have embraced the newest delivery channel with enthusiasm. All clearing banks, including the connected building societies, now offer Internet based banking services and all will have an online current account in place. Some, including Barclays, Woolwich, Abbey National and HSBC have developed other channels of delivery including digital TV and mobile phone banking service. All e-banks promise busy current account users speed and convenience. There are no counter queues in cyberspace and e-banks are open 24 hours a day, seven days a week. On-line banking customers can check their balances, view recent transactions, transfers funds, set-up standing orders and direct debits and also option to pay bills on line.

In the past, the banking industry was chiefly concerned with asset quality and capitalisation, if the bank was performing well along these dimensions than the banks would be profitable. Today performing well on asset quality and capitalisation is not enough. (Kalakota, Whinston.1997 p.30)

The Internet is a medium that provides a new dimension and introduces much opportunity especially for banks; the main advantages are outlined as follows:

• Enable innovation

• Cost savings

• Increased customer base

• Enable mass customisation

• Marketing and communication

• Developments of non core business

In a report issued by the BE Agency (2000), it states that the experts believe that the slump in high street banking due to deregulation can be revived by this new medium e-commerce, offering the potential of reviving or at least halting the decline, by raising customer service standards, increasing the choice of retail financial products, reducing the charges and giving customers a more convenient way to manage their money.

It is agreed with Patterson (2000) that the banks will have to go online, his reasons being as to why banks have to adopt this new medium is “in short answer to win over new customers” it is easier to leave it at that, but also the factors he has also said that it will also promote this new medium are lower cost of account servicing, cross selling opportunities, customer relations and because they have to.

Customers can now deal with their accounts personally at any time from anywhere in the word for any reason. Customers can also have the same facility to compare and contrast the products and services of a multitude of banks and choose one that meets their requirements. Knowing how safe is it to use the website and conduct transactions on-line is one of the most important issues. On-line privacy security the most important issues for all Internet users for now and years to come. Consumer's worry about companies may misuse their personal information such as identity theft, credit card details theft and virus attack virtually affect all areas of Internet use. (E-Marketer, 2002 Online)

It is important to remember that the Internet Banking is still at an early stage of developments, therefore the appearance; features and functions are continuously evolving (Foley and Jayawardhena, 2000)

The above statement is important and it is agreed that the Internet Banking is a new medium and inevitably will have many problems occurring in future. The argument is also supported by Gordan (2001) suggests that the biggest fear of using on-line banking is a fear of intruders hacking into you personal and financial information.

• Threats on the Internet

This chapter will discuss the threats on the Internet, from viruses to corporate raiders. This chapter will detail in all potential hazards of the Internet. Starting with viruses it will continue to discuss other threats.

• What is a ‘Virus'?

Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus passes from computer like a biological virus passes from one human to another. Traditional computer viruses were first prevented in the late 1980's, and were due to several factors.

The first factor was the spread of personal computers (PCs). Prior to the 1980's, home computers were non-existent or they were toys. Real computers were rare and ‘experts' locked them away for use only. During the 1980's, real computers started to spread to businesses and homes because the popularity of the IBM PC (1982) and the Apple Macintosh (1984). By the late 1980's PCs were widespread in businesses and homes.

The second factor was the use of the computer ‘bulletin board'. People could dial up a bulletin board with a modem and download programs of all types. Bulletin boards led to the precursor of the virus known as Trojan Horse.

The third factor that led to the creation of viruses was the floppy disk. In the 1980's programs were small size and you could easily fit the operating system, word processor and some documents onto a floppy disk. Many computers didn't have hard disks, therefore when it was switched on the operating system and all other system information was uploaded from the floppy disk.

The above figure 2 was part of the questionnaire and also facts and figures can also be view at www.securitystats.com

• How computer Viruses and Worms work

Computer viruses shows us how unknowingly vulnerable we are, but also it shows how sophisticated and interconnected human beings have become. For example, the “Melissa” virus, which became a worldwide phenomenon in March 1999, was so powerful that it forced Microsoft and a number of other very large software companies to completely turn off their e-mail system until the virus could be contained. The “ILOVEYOU” virus in 2000 had a similar devastating effect. This is quite impressive when you consider how simple the Melissa and ILOVEYOU viruses are.

Sources on ILOVEYOU viruses can be found in article Thursday, 4 May 2000, 19:04 GMT 20:04 UK at http://news.bbc.co.uk/1/hi/uk/736080.stm

• What is a ‘Worm'?

A Worm is a computer program that has the ability to copy itself from machine to machine. Worms move around and infect other machine through computer networks and can expand from a single copy incredibly fast.

The danger of a worm is that it can allow a variety of attacks to over the Internet (Garfinkell & Spafford, 1996). Slade (1996) also agrees with this statement and states that a well-crafted worm can look for vulnerable computer machine embed it in them and wait to launch a synchronised denial of service (DOS).

Worms use up computer time and network bandwidth when they are replacing, and they often have some sort of evil intent. The Code Red worm is expected to slow down Internet Traffic when it begins to replicate itself. Each copy of the worm will scan the Internet for Windows NT or Windows XP servers that do not have the proper anti virus software to protect their computers. Each time it finds an unsecured server, the worm will copy itself to that server. The new copy will then begin to scan also for other servers to infect. Depending on the numbers of unsecured servers, this worm could conceivably create hundreds of thousands of copies.

• Security: Threats on the Internet

Attacks on the security of a computer system or network are best characterised by viewing the functions of the computer system as providing information. Generally there is a flow of information from a source, such as a base file to a destination then to a user.

Below is diagram, which illustrates and shows how the security threat created.

Information Destination

Information Source

Security Threat: Interruption (source: Stallings, 1995) Figure 3

Interruption: An asset of the system is destroyed or becomes unavailable or unusable. This type of attack is on the Privacy. Destination of a piece hardware, such as a hard disk, the obstruction of a communication line, or to bring to halt the file management system, are all examples of this type of attack.

Information Destination

Unauthorised Agent

Information Source

Security Threat: Modification (Source: Stallings, 1995) Figure 4

Modification: An unauthorised party not only gains access to, but also hinders or tempers with this information or asset. This is an attack on Integrity. Examples of this include, changing values in a data file, alerting program so that it performs differently, and modifying the content of the message that is being transmitted on the network.

Information Source

Unauthorised Agent

Information Destination

Security Threat: Interception (Source: Stallings, 1995) Figure 5

Interception: An unauthorised party gets hold of the information, without the knowledge of the recipient. This type of attack is on Confidentially. The unauthorised party can be a program, a person, or a computer. Examples include wiretapping to capture data in a network, and the illicit copying of files and programs.

Information Destination

Information Source

Unauthorised Agent

Security Threat: Fabrication (Source: Stallings, 1995) Figure 6

Fabrication: An unauthorised party inserts counterfeit objects into the system. This is an attack on Authenticity. Examples may include the insertion of false messages in a network or the addition of records to a file.

According to Daniel Amor, (E-Business ®evolution, 2000) there are four main areas of attack, in which the most threats on the Internet can be classified. They are follows:

• Loss of Data Integrity - Information is created, modified or deleted by intruder.

• Loss of Data Privacy - Information is made available to unauthorised persons.

• Loss of Service - A service breaks down due to the action of a ‘Hacker'.

• Loss of Control - Authorised persons use services in an uncontrolled way (Amor 1999).

According to V Alunja 1996, these are the threats to network security, which can be classified into three general areas:

• Unauthorised access to the information

• Unauthorised modification of the information

• Unauthorised denial of service.

• Active Attacks

These attacks involve modification of the data stream and can be sub divided into four main categories they are as follows: (Stallings, 1999)

• Masquerade

• Reply

• Modification

• Denial of Service

Masquerade: Takes place when one entity pretends to be another entity. Authentication sequences can be captured and replayed after a valid authentication sequence has taken place, therefore enabling an authorised entity with few privileges to obtain extra privileges by impersonating an entity with those privileges.

Replay: Involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorised effect.

Modification: Simply means that some portion of a legitimate message is altered or those messages are delayed or recorded, to produce an unauthorised effect.

Denial of Service: Prevents or slows down the normal use or management of communications facilities. This attack may have a specific target. Another form of service denial is the disruption of a network, either by disabling the network or by overloading it with messages so as to degrade performance (Stallings, 1996). Breaches have occurred on sites such as Yahoo.com and Ebay.com, which involved DOS attacks these denial customers gaining an on-line service to the websites (Jolo, 2003).

Ghosh (1998) also agrees with the view of Jolo (2003) and states that the DOS attacks have been called the ultimate Internet security nemeses. Active attacks present the opposite characteristics of passive attacks. Devargas (1993) agrees with Stalling (1996) and he too talks about passive attacks and intentional hackings in his research. Devargas also talked about denial service attacks and replay, claiming that these were malicious attacks, which needed to be detected quickly in order to limit the damage.

All of these writers point to the main three areas of concern, which can categories most of the above mentioned attacks, they can be expressed as the following:

• Confidentially; Hacking, tapping, masquerading and eavesdropping.

• Integrity; Corruption due to line noise or deliberate intervention, repudiation of transactions, or modification and disruption of data.

• Availability: Requires that the computer system assets be available to authorised parties when needed, stolen passwords, imitating legitimate users etc.

• Natural and Physical Threats

These are threats that imperil every physical plant and piece of equipment. You cannot always prevent such disasters, but you can find out quickly if one occurs (with fire alarms, temperatures gauges and surge protectors). You can minimise the chance that the damage will be severe (i.e. sprinkler systems). You can institute policies that guard against hazards posing special dangers to computers, i.e. smoking or spillage of drink. You can also plan for disaster by backing up critical data off-site and by arranging for the use of a backup system that can be used if emergency does occur. (Cheswick 1995)

• Unintentional Threats

These are the dangers that ignorance brings, for example, a user or a system administrator who is not inadequately trained or who hasn't read documentation or does not understand the importance of following security procedures. A user might drop a disk, or might try to use a database package to perform a simple up date, and inadvertently wipe out a file. A system administrator might become the super user and change the protection on the password file or on critical system software. Much more information is corrupted and lost through lack of knowledge than through malice Cheswick (1995).

• Intentional Threats

These are threats with intent that security products are in place to protest against. The villains come in two varieties: Outside threats and Inside Threats. Some types of attacks are feasible only for certain types of attackers. For example a casual ‘Browser' is not likely to intercept decipher electromagnetic emanations, or perform a determined cryptographer analysis. The attacks can typically be warranted only by so called ‘High grade attackers' who have substantial resources, in terms of computing power, money, time and personnel behind them.

• Outside Threats Could Include

Foreign Intelligence Agents (FIA), Products using TEMPEST technology or sophisticated encryption device are most appropriate at installations. Where attacks on classified information are a realistic threat.

Terrorists,Attacks on the World Trade Centre, University computers centre, Military defence service, recruiting centres and Court buildings are all from the terrorists. The government worries about computer terrorism, as do airlines, oil companies and other major business organisations that protect information, which is vital to national interests.

Criminal, Computer crime is lucrative, and unlike many other types of crimes, can be carried out in tidy, anonymous electronic fashion. The goal may be outright theft or embezzlement or it may be extortion of some kind.

Corporate Raiders, More and more corporations rely on computers, network connections, and electronic mail. Corporate records, memos, and informal messages have become more vulnerable that ever to attack by competitors Cheswick (1995).

• What is a Hacker?

A Hacker is someone, who can solve problems, overcome limits and can adapt electronically (Raymond, 2000).

Hackers built the Internet. Hackers made the UNIX operating system what it is today. Hackers made the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a ‘Hacker'.

There is another group of people who loudly call themselves hackers, but in real they aren't. These people who get a so-called fun in breaking or hacking into computers and phone systems. The real hackers call these people ‘Crackers' and they don't want to associate with them. Hackers differentiate themselves according their beliefs that they build things and break things in terms of breaking into system.

Since the Internet is built on a loosely connected network of millions computers providing easy access to anyone security information can be difficult to ensure. So if your internal computer networks accesses the Internet there is no 100 percent assurance that the secure way to safeguard yourself from a dedicated hacker (Rosen, 2003 p132).

However the study by Middleton (2000) also states that the hackers are getting increasingly difficult to track, due to the fact that they have worked out that by breaking geo-political boundaries, and jumping to the target from terrorist countries, a law enforcement agency will get no help to track down the source of the attacks.

The statement shows that hackers are wising up to higher levels of security being adopted by organisations and law enforcement agencies, and the problem of security with e-commerce facilities will continue for a very long time in future.

However, Cluley (2000) claims that there are very few viruses that are groundbreaking or have huge devastating impact, hackers mainly relay on internal user gullibility. This statement also supports Davis's (2000) who also claims that the threat is internal as well as external. Therefore more attention has to be given to internal process in order to prevent external threats.

• Security: The Possible Answers

In todays rapidly changing environment it is important for businesses to stay in line with all new developments so that it can be beneficial to the company, in terms of competitiveness and functionality. For example with the arrival of the Internet, it was seen as a way of promoting and selling products at a reduced costs, with the ability of selling or communicating on an international level. This development changed the whole way that businesses practice their day-to-day process.

But the problem with the Internet is related to the important issues of security. This is because the Internet acts as a universal platform that can be accessed from almost anywhere in the world, which invites potential computers hackers to view any personal and confidential information.

Security has long been seen as a major issue in the adoption of Internet Technology in the enterprise. As networks have grown and connected to the Internet, so has the haunting of the hacker, on managers responsible for both delivering information within the organisation and to its partners, and protecting it from unauthorised outsiders.

• Firewalls

A Firewall is a form of access-control technology that prevents unauthorised access to information resources by placing a barrier between an organisations networks and an unsecured network (e.g. Internet). A firewall is also used to prevent the unauthorised export of proprietary information from a corporate network. In other words, a firewall functions as a gateway, controlling traffic in both directions.

There are three basic types of Firewalls:

• Packet Filters

• Circuit Level Gateways and

• Application Gateways

There is also a Hybrid Firewall, which can be a combination of all three above. Firewalls have been called ‘The Protector' of corporate networks. They provide digital protection associated with the rapid growth of Internet working and commercialisation of the Internet. Ghosh (2001) states that the firewalls are the first line defence against malicious users, placed between the computer network to be protected and the network that is considered a threat. However, the number of security incidents arising from Internet connects strongly suggests that not enough people are using them properly Zwicky (2001).

Internet

Internet Network

Firewall

Figure 7

Generally, firewalls are configured to protect against unauthenticated interactive logins from the ‘Outside' world. This is more than anything can help prevent vandals from logging into machines on the internal network. More elaborate firewalls block traffic from the outside to the inside, but permit users on the inside to communicate freely with the outside. The firewall can protect you against any type network borne attack.

Firewalls are also important since they can provide a single ‘Choke Point' where security audit can be imposed. Unlike in a situation where someone dialling in with a modem is attacking a computer system, the firewall can act as an effective ‘Phone Tap' and tracing tool.

• What can a Firewall not do?

Firewalls cannot protect against attacks that do not go through firewall. Many companies that connect to the Internet are very concerned about proprietary data leaking out of the company through that route. Unfortunately for those concerned, a magnetic tape can just as effectively be used to export data. Firewall policies must be realistic, and reflect the level of security in the entire network.

Firewalls cannot protect very well against things like viruses. In general, a firewall cannot protect against data-driven attack (attacks in which something is mailed or copied to an internal host where it is then executed). This form of attack has occurred in the past against various versions of send mail. Goncalves (1999)

At their simplest, firewalls consist of software which blocks access to internal networks from the Internet. While legitimate traffic such as email is allowed in to the mail server, programs such as search engine spiders or FTP clients cannot access machines inside the safe boundary of the firewall.

• Encryption

Encryption is the art of storing information on paper or anywhere else in a form, which it allows only authorised personnel to understand and use it. If an unauthorised person were to look at the information he or she would only see sequences of meaningless characters and symbols. An encryption system is what is used to accomplish cryptography. An encryption system is used to translate the stored information (that looks like gibberish) into useful and meaningful information (Decryption), like text or a picture. Stallings, (1996)

An encryption system is designed so that the process of converting the encrypted information is allowed only fewer than two conditions. The first of these conditions is usually that the person attempting to decrypt the information must have the encryption system, which in modern terms is likely to be a specially designed computer system.

The other condition is that the person must also have a piece of information called the encryption key. This is a piece of information that will be presented to the encryption system when the information is being encrypted and decrypted. If a piece of information has been encrypted with one key and a person attempts to decrypt the information with another key, the encryption system will not be able to make sense of the information. Therefore the output of the encryption system will be meaningless.

• Public Key Infrastructure Solutions

The use of public-key based security systems requires considerable care in design and management. The security of the entire system is ultimately guaranteed by the security of the key used for signing certificates at the top (commonly called the roof) of the public key infrastructure. Here specialised hardware can play a useful role.

Normally, all keys that are accessed by the server are held at some point in the main memory of the server, where they are potentially vulnerable to attack (for example, in a server core dump). A higher degree of protection is desirable for the most valuable keys.

A specialised hardware cryptographic module for storing and protecting the signing keys to provide an answer. The keys are stored in a strongly encrypted format. When loaded for signing, the keys are decrypted and loaded into the memory of the secure cryptographic module, which then performs all the signing operations on behalf of the server. The keys are never revealed in their unencrypted form to the server, so even an intruder manages to access the network the keys will remain safe. Physical design features of the module further assist security; tamper-resistant enclosures and advanced manufacturing techniques protect the keys from the physical attack.

The signing of digital certificates is also a computation-intensive process, so it makes sense to consider combing some kind of hardware acceleration of cryptography within the key storage module. This way, keys are rapidly handled within a secure environment and no processing bottleneck is introduced, even when a high transaction throughput is required. Stallings (1996)

• Digital Certificates

Digital Certificates - A digital certificate servers as an electronic substitute for sealed envelope or your signature when you send messages across the Internet. Your Digital ID resides securely in your browser or e-mail software and allows you to digitally sign and encrypt your email. A digital signature is unique personal signature specially created for use over the Internet. It is designed to perform the same function as the traditional handwritten signature in the normal world.

• Digital Signatures

A certificate is a special computer file that securely identifies a person or organisation on the Internet. Digital certificates can be very valuable for shopping, banking and other transactions over the Internet.

Digital certificates encrypt data using secure sockets layer (SSL) technology, an industry-standard developed by Netscape. This provides data encryption, server authentication, message integrity, and optional client authentication for TCP/IP connections. SSL is built into all major browsers (e.g. Internet Explorer and Netscape) and web servers.

SSL comes in two strengths, 40-bit and 128 bit session keys. The longer the key, the tougher it is to crack the encryption code. Most browsers support 40-bit SSL sessions, and the latest ones, including Netscape Communicator 4.0 enables users to encrypt transactions in 128-bit sessions-trillions of times stronger than 40-bit session.

With the new level of technology developed security is still perceived to be major risk, this statement is supported by Middleton (2000) who also states that new devices bring inherent risk to the future, i.e. new technology aiding business process will also provide an easier and more equipped level of technology for hackers to use. Moore (2000). Levels of technologies for hackers to use. Moore (2000) also predicts that the ever-increasing level of technology will increase the level of attacks putting customers and organisations at risk.

Gartner (2000) also predicts that the security will continue to be a major issue as long as the Internet exists; he claims that the “Criminals will employ a method of fraud or theft that involves duplicating small transactions million times”.

The reason Gartner (2000) states this scandals will take place due to the lack of adequate preparation and the increased base of skilled Internet experts (Hackers). He continues to state that cyber crime will explode in coming years increasing by 1,000 to 10,000 percent by the end of 2008.

The view to ill prepared websites and the ever growing number of hackers. Middleton (2000) states that the organisations are still losing to unseen enemies, i.e. Hackers, Bugs and viruses as managers fail to realise the possible threat, he continues to say, “security in the year 2000 was the year that wasn't as far as security is concerned”.

The love bug proved that no organisation is secure enough as many companies were caught off guard, Middleton (2000) continues to state “no matter as to the level of technology deployed by organisations, cyber criminals are still finding their way through”.

Security is a major concern but the evolution of this medium is still hard to believe, something that is perceived to be so insecure but still expanding at a rapid pace.

• Finding

A total 40 Lancashire based organisations took part in a questionnaire, which consisted of both open and closed questions. The questionnaire can be found in the appendices of this dissertation labelled appendix 2. Certain questions on the questionnaire were asked to compare and contrast what the present literature is saying. The results show a good insight into Internet Security. But it should also be noted that the results could be seen as been partial and unreliable as the respondents are only Lancashire based, this may deem to be unreliable as the quota was not totally random, as well as not representing all of the I.T world's options. Apart from this the results are shown below.

The first graph shows the variation of companies who took part in this questionnaire.

Figure 8

This graph shows the majority of the respondents were of the business to consumer and for the business-to-business categories. This also shows that the majority of the respondents were from the trading background, in either e-commerce or business-to-business solutions.

The next graph shows if the information held within the organisation is worth protecting or not. It probes the companies to identify if they hold valuable information or not. The graph shows that 28 of the 40 organisations felt that they had information worth investing in.

Figure 9

The next graphs sets out whether the forty organisations have a security management policy or not. It shows that out of the forty organisations probed 30 of them do not have the security policy in operation. Showing that they have not really looking into some form of plan and policy to protect their sites and information.

Figure 10

The following graph shows the reason for having a security management policy, the main response being ‘ a good business practice'. 50% of the respondents claimed it being a good business practice. With 17.5% claiming the policy to help ‘reassure' customers in using their sites.

Figure 11

The following graph gives the reader an insight into the issue of reviewing security policies. 68% of the respondents were unsure when the security policy is reviewed. With only 12.5% of the respondents reviewing after their site was breached.

Figure 12

The following graph shows that 47.5% of the respondents questioned admitted to their site being breached, all stating that their sites had been breached in a mixture of malicious and non-malicious nature. As expected some of the respondents refused to answer the question of whether their site had been breached or not.

Figure 13

The following graph was taken from the computing magazine dated November 2002. This graph shows that the number of hackings reported have increased by early 50% a year since 2000. This shows that there is a major issue with Internet Security, and that this issue needs to be addressed.

Figure 14

The following graph shows that the most feared attacks by the companies and organisations questioned. The main feared attacks being internal attack, viruses and interception of data, all in respective order.

Figure 15

The following graph shows the most used application for Internet Security. The main applications being used are; having an Intranet, Virus control and use of Firewalls, respectively.

Figure 16

• Cause of Network Security Problems

After interviewing an Internet Security Officer of a large multinational organisation, it was given the following insight into Internet Security. There are three main reasons for network security threats:

• Technology Weakness

• Configuration Weakness

• Policy Weakness

• Technology Weakness

Each networking and computing technology has inherent security problems, they are explained in the following:

• Operating System Weakness

• TCP/IP Weakness

• Network Equipment Weakness

• Configuration Weakness

Even the most secure technology can be misused, exposing security problems. They are detailed below:

• Insecure default settings within products

• Misused network equipment

• Insecure user accounts

• Misused Internet Services

• Policy Weakness

A poorly defined or improperly implemented and managed security policy can make the best security and network technology ripe for security abuse. Problems are detailed next page:

• Lack of awareness of being attacked

• Lack of written security policy

• Security incident and disaster recovery procedures are not in place

• Internal policies

• Logical access control to network equipment is not applied

• Lack of business continuity

• Software and Hardware installation and changes do not follow the policy

There are people who are eager, willing, qualified a sometimes compensated to take advantages of each security weakness and to continually discover and exploit new weakness.

• Conclusions

The phrase Internet Security conjure up many visions in ones head, this topic far greater details to carry out a through appraisal than can be covered by this thesis. Therefore, I have attempted to concentrate on certain key issues relating to Internet Security in order to remain within the confines of the original brief.

The Internet and the evolution of technology in general have increasingly changed the way we think, work and play. The changes bought on by the Internet and Technology increases at an ever-increasing pace, as do the side effects of all technology growth, which leads to adverse security threats to the net. The prime reason for the lack of security on the web is the advancement of technology. As a result the Internet is always in a catch up mode, since security has always devel