Organizations of any size can have millions of transactions occurring every day between customers, employees, and suppliers. Today, many systems are automated. They generate their own transactions in the form of online product queries, searches, inventory checks, authorization checks, and log entries. Tracking of product, pricing, invoicing, service calls, e-mail, instant messages, support tickets, and order processing all require data. One touch of a keyboard generates potentially hundreds of transactions in today’s complex business environment. All of this information needs to be protected. Whether the data is stored at rest on a hard drive or in transit over the network, regardless of form or method of access, threats to the information must be considered.
Operation security is under constant attack by threats both internal and external, ranging from disgruntled employees to worldwide hackers. There’s no perfect defense because hackers are able to bypass, compromise, or evade almost every safeguard, countermeasure, and security control. Hackers are constantly developing new techniques of attack, writing new exploits, and discovering new vulnerabilities.
As the sixth century B.C. Chinese military strategist and philosopher Sun Tzu stated in his famous military text The Art of War: “If you know the enemy and know yourself you need not fear the results of a hundred battles.” Once you understand how hackers think, the tools they use, their exploits, and their attack techniques, you can then create effective defenses to protect against them. Understanding hacking not only improves network security; it also maintains security at a high level of readiness. Network security is a job that’s never done..
Why is understanding hacking, exploitation, vulnerabilities, and attacks critically important?
What motivates hackers to attack computer networks?
Why does anyone get involved in illicit activity outside the mainstream?