With the rise of the cloud, webmasters face computer infrastructures that are increasingly vulnerable to malware. The more links there are among computer networks, cloud-based servers, and mobile applications, the more potential there is for vulnerabilities. A webmaster must focus on network security, internet security, and cloud security.
In order for webmasters to improve IT security for the network, they must secure servers, databases, web applications, and APIs (application programming interfaces).
There are many key elements in the protection of a computer and its infrastructure. A webmaster must consider the right anti-malware, firewalls, and network intrusion detection systems (NIDS) for network security. Additional ways to test network security include vulnerability testing and penetration testing.
Anti-malware software prevents, searches for, detects, quarantines, and destroys computer viruses. An organization’s webmaster should install anti-malware tools on every computer that accesses outside networks, including the internet. The anti-malware software should be kept up to date to combat the new malicious code that is created on a regular basis.
Anti-malware software scans files and directories to identify malicious code. It allows the webmaster to schedule scans to run automatically. The anti-malware software removes any malicious code detected and may quarantine viruses so they don’t further infect the computer.
Virus – code that is capable of copying itself while corrupting a computer and destroying data
Worm – a self-replicating computer program that penetrates an operating system to spread malicious code, typically to consume bandwidth, delete files, and/or send documents via email
Trojan Horse – a program designed to breach the security of a computer system, typically to allow hackers to gain access to it
Rootkit – software designed to hide once an operating system has been compromised by replacing vital procedures needed to run a Windows operating system
Spyware – software that gives someone the ability to obtain information about another user’s computer activities, to collect personal information, and to monitor internet browsing activity
Keylogger – a computer program that records every keystroke made by a computer user, typically to gain access to passwords and credit card information
Ransomware – software designed to block access to a computer system until a sum of money is paid
A firewall is the part of a computer system or network that is designed to block unauthorized access while permitting outward communication. A firewall typically establishes a barrier between a trusted, secure internal network and another outside network that is assumed not to be secure.
Network Intrusion Detection Systems (NIDS)
Network intrusion detection software monitors a system for suspicious or malicious activity. It enables webmasters to target threats and halt attacks. Some of the attacks that this software may find include data interception, denial-of-service (DoS) attacks, identity theft, SQL injection, and zero-day attacks.
Symptoms of malicious attacks include unusually slow network performance, unavailability of a particular website, and an inability to access any website.
Data Interception – This is the unauthorized taking or interception of computer-based information. Every time communication is sent across a network, it is split into packets. As these packets travel from one part of the network to another, they are at risk of being intercepted.
Denial-of-Service Attacks – DoS attacks occur when legitimate users are unable to access information due to malicious cyber threats, according to the United States Computer Emergency Readiness Team. This is done by flooding the targeted host with traffic until it cannot respond, preventing access.
- Smurf Attack – This occurs when an attacker sends Internet Control Message Protocol broadcast packets with a spoofed source IP address.
- SYN Flood – A SYN flood happens when an attacker sends a request to connect to a target server but never completes the connection. The incomplete connection leaves the connection port occupied and unavailable.
- DDoS Attack – A distributed denial-of-service (DDoS) attack is when multiple machines work together to attack one target. Typically, these machines come from the internet of things (IoT), that is, every device that is connected to the internet.
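The half-open connections that a SYN flood leaves behind are what a NIDS counts. The following is an added example, not part of the original article: it assumes a simplified, constructed log of client-to-server packets, and the function names and thresholds are illustrative.

```python
from collections import defaultdict

# Constructed sample records: "<seconds> <client ip:port> <server ip:port> <flag>"
SAMPLE_LOG = "\n".join(
    ["0.00 198.51.100.7:40001 192.0.2.10:443 SYN",
     "0.05 198.51.100.7:40001 192.0.2.10:443 ACK",
     "0.20 198.51.100.8:40002 192.0.2.10:443 SYN",
     "0.26 198.51.100.8:40002 192.0.2.10:443 ACK"]
    # Eight connection requests to port 80 that are never completed.
    + [f"1.{i:02d} 203.0.113.{i}:1025 192.0.2.10:80 SYN" for i in range(1, 9)]
    + ["2.00 198.51.100.9:40003 192.0.2.10:80 SYN",
       "2.04 198.51.100.9:40003 192.0.2.10:80 ACK"]
)

def half_open_by_server(log_text):
    """Return {server: (half_open, completed)} handshake counts."""
    pending = defaultdict(set)    # server -> clients that sent SYN, no ACK yet
    completed = defaultdict(int)  # server -> handshakes that were finished
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip blank or malformed lines
        _ts, client, server, flag = parts
        if flag == "SYN":
            pending[server].add(client)
        elif flag == "ACK" and client in pending[server]:
            pending[server].discard(client)
            completed[server] += 1
    return {s: (len(clients), completed[s]) for s, clients in pending.items()}

def flag_syn_flood(log_text, min_half_open=5, max_completion_ratio=0.2):
    """List servers with many half-open connections and few completed ones."""
    alerts = []
    for server, (half_open, done) in half_open_by_server(log_text).items():
        total = half_open + done
        if half_open >= min_half_open and done / total <= max_completion_ratio:
            alerts.append(server)
    return sorted(alerts)

if __name__ == "__main__":
    print(half_open_by_server(SAMPLE_LOG))
    print("possible SYN flood against:", flag_syn_flood(SAMPLE_LOG))
```

Counting per server rather than per client matters because the source addresses in a flood are often spoofed, so no single client stands out.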
Identity Theft – Identity theft is the fraudulent acquisition and use of a person’s private information for financial gain. Someone’s identity can be stolen by data breaches, dark web marketplaces, malware activity, mail theft, and phishing attacks.
SQL Injection – SQL injection is an attacker’s execution of malicious SQL statements that control a web application’s database server. This type of attack can affect any website or web application that uses a SQL database. The attacker bypasses a web application’s authentication and authorization and retrieves the content of the database. This attack can add, modify, or delete records in a SQL database.
Zero-Day Attacks – This is an unknown exploit that exposes a vulnerability in software or hardware. A zero-day attack happens when the exploit is exposed before a developer can patch the vulnerability. Once a patch is written, the exploit is no longer a zero-day exploit.
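The authentication bypass described under SQL Injection comes from building a query by string concatenation, and parameterized queries close it. The following is an added example, not part of the original article: the table, account, and function names are constructed for illustration, using Python's built-in sqlite3 module.

```python
import sqlite3

def make_db():
    """In-memory users table with one constructed account (plaintext
    password only to keep the example short)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_concatenated(db, name, password):
    # Vulnerable pattern: user input is pasted into the SQL text, so a quote
    # in the input changes the structure of the statement.
    query = ("SELECT COUNT(*) FROM users WHERE name = '" + name +
             "' AND password = '" + password + "'")
    return db.execute(query).fetchone()[0] > 0

def login_parameterized(db, name, password):
    # Hardened pattern: placeholders keep input as data, never as SQL syntax.
    query = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return db.execute(query, (name, password)).fetchone()[0] > 0

# Constructed test input: a wrong password that contains SQL quote characters.
CRAFTED_PASSWORD = "' OR '1'='1"

def accepts_crafted_input(login_fn):
    """Regression check: True means the login function let the crafted,
    incorrect password through and must be fixed."""
    db = make_db()
    try:
        return login_fn(db, "alice", CRAFTED_PASSWORD)
    except sqlite3.Error:
        return False  # statement failed to parse; no login granted
    finally:
        db.close()

if __name__ == "__main__":
    print("concatenated accepts crafted input:",
          accepts_crafted_input(login_concatenated))
    print("parameterized accepts crafted input:",
          accepts_crafted_input(login_parameterized))
```

A check like `accepts_crafted_input` can run in a test suite so that a later change back to string concatenation fails the build.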
A vulnerability assessment defines, identifies, classifies, and prioritizes vulnerabilities. Webmasters identify the worst-case scenario and set up a proactive plan. They will use security analysis software to identify vulnerabilities in individual computers, networks, and servers.
Network-based scans are used to identify possible network security attacks. Host-based scans find vulnerabilities in servers, workstations, and network hosts. Wireless-based testing scans an organization’s Wi-Fi network for vulnerabilities. Database scans help identify weak points in databases.
Penetration testing is the deliberate probing of a network for weaknesses. A simulated cyberattack against a computer system can be used to identify exploitable vulnerabilities. External penetration tests target the assets of a company that are visible on the internet, a web application, a company website, or an email or domain name server.
Blind testing simulates the actions of a real hacker. Double-blind testing is the same thing, except that security personnel don’t know ahead of time that this test is being done.
Internet and Cloud Security
A webmaster will want to secure a website with an SSL certificate, TLS for web application security, and OAuth 2.0 for information sharing. Other systems and software that can help with internet security include WebSocket and data encryption.
SSL Certification – SSL stands for Secure Sockets Layer. An SSL certificate consists of small data files that digitally bind a cryptographic key to an organization’s website. An SSL certificate activates the padlock and the HTTPS protocol, allowing a secure connection from a web server to a browser. The organization installs the SSL certificate onto the web server to initiate a secure session with the browser.
Transport Layer Security (TLS) – TLS is a standard for two networked applications or devices that exchange information privately. TLS offers authentication, encryption, and integrity.
OAuth 2.0 – This is an open standard for authorization. OAuth works over HTTPS and authorizes devices, APIs, servers, and applications with access tokens.
WebSocket – WebSocket is a specification that defines an API establishing socket connections between a web browser and a server. The WebSocket protocol creates a persistent connection between the client and the server allowing the transfer of secure data.
Data Encryption – This describes the translation of data into code that is accessed with a secret key or password. Data is encrypted with an encryption algorithm and an encryption key.
Two types of data encryption include symmetric encryption and asymmetric encryption. Symmetric encryption uses the same secret key for encrypting and decrypting. Asymmetric encryption uses an algorithm to exchange the secret key after the symmetric algorithm is used to encrypt the data.
Ready to get a job protecting an organization’s computer infrastructure? Covered in Hunter’s computer coding classes are the basics of IT security, the different types of common threats, and protective measures to avoid security pitfalls.
The Web Application Design and Development program curriculum includes exercises that expose common security issues and teaches how these issues can be preemptively avoided.