Access Points from Outside the Network

Posted on | by Veronica Gonzalez

Access Points from Outside the Network

There are many aspects to the field of Network Operations. One of these is computer network security. While maintaining the integrity of an organization’s computer network between many of the information technology devices, there are access points through wireless technologies which are hacker exploitable. Although there are measures to eliminate data breaches to sensitive information belonging to organizations and members of the public alike, it is important to accept the fact that everyone plays a role in maintaining information security.

According to the article Security Threats of Smart Phones and Bluetooth by ALFRED LOO, published March of 2009, an experiment using a “Bluetooth sniffing program” was conducted in order to acquire information in a public area. It also includes that “The objective was to ascertain the number of Bluetooth-enabled mobile devices that could be infected with viruses wirelessly. In less than 23 hours, more than 1,400 vulnerable devices were detected, most of which were mobile phones.” Although members of the public did not have their information compromised during this experiment, it is important to realize that the results reveal a network security threat for individuals and organizations through the use of wireless technologies with access into computer networks. Additionally, the experiment provides insight into how hackers can conduct a similar sweep to acquire information from people in a public location, unbeknownst to them. Such methods pose a threat to network security for network operations personnel.

Photograph by NESA by Makers on Unsplash

The benefit is that Network Operations professionals exist to address these concerns within companies and organizations. Information security professionals monitor an organization’s computer network for malicious activities, sometimes conducting their own penetration tests to their organization’s computer networks in order to discover accessible areas requiring reinforcement. Like any information security mission, securing a computer network can be complex and intricate.

Photograph by Oleg Magni on Unsplash
Photograph by Oleg Magni on Unsplash

The prospect of having one’s privacy compromised can be daunting, and it is necessary to recognize that personal security and privacy can be undermined, a fact that many personnel do not understand how they are responsible for data breaches from within an organization. According to an article from Techradar.com entitled 90 Percent of Data Breaches are Caused by Human Error by Anthony Spadafora on May 08, 2019, “A new report from Kaspersky Lab has revealed that security incidents in public cloud infrastructure are more likely to occur as a result of a customer’s employees rather than by actions carried out by cloud providers.” This implies that the information security problems are caused by people who either expose their sensitive information as a result of their ignorance or their negligence. Additionally, this data supported assertion places the responsibility concerning information security in the hands of network users in conjunction with information security professionals. This requires a concerted effort on behalf of all employees and users to maintain network security.

Upon realizing this fact can prompt users to place demands upon their governmental bodies or places of employment to address every possible network security concern, in order to make an impenetrable security network. However, such emotional pleas for more regulation can lead to a scenario where personal privacy is replaced with constant surveillance, something that is ironic since the pressure to keep hackers from accessing information requires the willful submission of the same privacy to a governing authority whether it be government or an employer.

In order to address these concerns, initiatives designed to increase security can be invasive. An article located on the MPN News website with the headline Wisconsin Company is Injecting RFID Microchips Into Hands of Employees – “They Love It” by ZeroHedge.com on August 20th, 2018 mentions that “The implant, which is about the size of a grain of rice, is also found in credit cards, debit cards, key fobs, and smartphones.” This wireless technological device “… utilizes Near Field Communication (NFC).” Although it praises the convenience provided by the implant stating that “The chip’s applications are devilishly simple; from locked doors, to cashless commerce, to providing first responders with detailed medical information in the event of an emergency – the possibilities are seemingly endless,” it should be noted that it also mentions that “…the security risk behind any wireless technology leaves the device vulnerable to hackers, who will eventually discover wireless methods to steal personal data stored on the microchip.” This downside of having an RFID chip implant is explained further stating that “…buried towards the end of the MTR article are concerns over security – such as the fact that anyone with an RFID reader can cozy up to a chipped individual and ping their implant to glean personal information. But hey – CEO Patrick McMullan points out that “similar personal information could be stolen from his wallet, too.” The possibility of this type of data breach counters the arguments for increased privacy and personal cybersecurity since those stealing the information have a face to put with the information. The difference is between a possible hacker apprehending someone’s information amongst many or a governmental body already having it, with the possibility that its databases can be hacked.

Also, even with the amount of praise the article has for the RFID wireless technology, the article also recognizes that there may be a downside to having an RFID chip implant stating that “…buried towards the end of the MTR article are concerns over security – such as the fact that anyone with an RFID reader can cozy up to a chipped individual and ping their implant to glean personal information. But hey – CEO Patrick McMullan points out that “similar personal information could be stolen from his wallet, too.” The possibility of this type of data breach counters the arguments for increased privacy and personal cybersecurity since those stealing the information have a face to put with the information. The difference is between a possible hacker apprehending someone’s information amongst many or a governmental body already having it, with the possibility that its databases can be hacked.

It includes that “In the fast-approaching dystopic future, corporations and government could soon be collecting private data on their citizens via implanted microchips.” The fact that a government or a company may possess private information on individuals, it is necessary to understand that, allowing another party to maintain one’s personal information can be vulnerable to whatever party decides, defeating the purpose of maintaining security.

The opportunity for the aspiring IT professionals is that the ongoing need for more network security may require an increase in the demand for network operations professionals. With this knowledge, information security professionals of the future can contribute to the making computer network technology more secure.