The need to secure the system from the attackers seems to be the need of the hour.The attacker can be an outsider and not surprisingly could also be an insider.The most glaring and unintentional mistake that most designers and analysts perform while designing systems is securing the system from external attacks but leaving the system prone to internal malicious attacks.Such attacks can lead to unclaimed losses adding to the woes of the management.The internal attacks can be classified into two types
One initiated by the insider of the system , who has wired the system together.This attack may be motivated due to some emotional injury caused due to ego clashes in the organization ,and an attack on the system would be the single most motive of such an employee.
The other type of attack is performed by a person inside the organization who has complete unrestrained access to the system , but such attacks are initiated by outsiders who use the insiders to crash the system or fetch vital information having significant market value.
A different shade of an internal attack may be initiated by the outsider by gaining illegal access to the system by using the vulnerabilities of the system to their boon.A general fallacy is of treating such attacks as external attacks, as it is initiated by an external agent and the agent uses the entry point or the gate of the system to gain access into the system.Though the vulnerability at the external layer helps the agent enter the system , such vulnerabilities are generally the ones which cannot be rectified; which is also known to the architects but unfortunately also to the attackers.So an internal WBC artillery mechanism should be designed for such systems in which external entry points cannot be sealed.
A secure system is not a system which is only secure from external attacks but also from unmitigated internal attacks.Securing the system against such attacks can save the system and the management a fortune.
No comments:
Post a Comment