Facility Network Security
As the chief information technology officer at an outpatient facility, one is tasked with ensuring the current systems are in proper condition. The officer should also conduct frequent audits of the security systems to identify areas where threats exist and hence recommend measures that could be adopted to improve the situation.
The Existing and Potential Vulnerabilities and Threats
The potential network vulnerabilities that might face the health care facility include malware attacks, in which malicious programs are inserted into computers to exploit vulnerabilities in the network systems. The most common malware includes viruses, Trojans, and worms (Firch, 2020). The second vulnerability to the network of the health facility is social engineering attacks. These attacks rely on psychological manipulation by the attackers to trick users into actions that expose the network. Some common social engineering forms include phishing emails, spam, spear phishing, and whaling (Krombholz et al., 2015). The third vulnerability is outdated or unpatched software that permits attackers to access the network. In addition, the misconfiguration of firewalls and operating systems can enable threat actors to spy on the network’s traffic easily, compromise the network’s functioning, or steal data.
Threats to the health facility network include reconnaissance threats, in which the attacker analyzes the network to discover details such as IP addresses, services and protocols, and open ports. The most common reconnaissance attacks include packet sniffers, port scans and ping sweeps, and internet information queries (Ahmad & Habib, 2010). Another threat to the network is the access attack. It is used by hackers who exploit vulnerabilities within the network to access the health care facility’s confidential information. Common access threats that might face the health facility network include password attacks, trust exploitation, port redirection, and man-in-the-middle attacks. The Denial of Service (DoS) threat faces almost all networks. A DoS attack involves overwhelming the hosted servers or network with useless traffic, causing them to respond slowly or become completely inoperable (Sun et al., 2017). Some of the common DoS attacks that attackers might use include Distributed Denial of Service (DDoS) and buffer overflow.
Countermeasures to Overcome Security Threats
Several techniques and tools are suggested to ensure the health facility’s network remains secure and capable of resisting security threats. One of the most significant security countermeasures that should be implemented is establishing strong security policies governing how both employees and other individuals access the network, to facilitate secure and smooth network functioning (RSI Security, 2019). Assigning authority over resources is another technique that should be applied; it involves assigning a level of authorization for system or network access. Thirdly, the health facility should also install an Intrusion Detection System (IDS) in the network. According to Firch (2020), the IDS supports the system or network security by studying and analyzing log files and malicious activities.
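The log analysis an IDS performs can be illustrated with the reconnaissance threats named earlier (port scans and ping sweeps). The following is an added example, not part of the original essay: the firewall log format, the addresses, and the thresholds are assumptions, and the sample log is constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample firewall log; the line format and addresses are assumptions.
SAMPLE_LOG = "\n".join(
    [f"2024-03-01T09:00:0{i} DENY TCP src=10.0.5.23 dst=10.0.1.10 dport={p}"
     for i, p in enumerate([21, 22, 23, 80, 443, 3389])]          # fast port scan
    + [f"2024-03-01T09:05:0{i} DENY ICMP src=10.0.5.40 dst=10.0.1.{i + 1}"
       for i in range(4)]                                         # ping sweep
    + [f"2024-03-01T{10 + i}:00:00 ALLOW TCP src=10.0.2.9 dst=10.0.1.10 dport={p}"
       for i, p in enumerate([80, 443, 445, 3306, 8080])]         # slow, hours apart
    + ["2024-03-01T09:10:00 ALLOW TCP src=10.0.2.7 dst=10.0.1.10 dport=443"] * 3
    + ["malformed line that the parser must skip"]
)

LINE_RE = re.compile(
    r"(?P<ts>\S+) (?P<action>\w+) (?P<proto>TCP|UDP|ICMP) "
    r"src=(?P<src>\S+) dst=(?P<dst>\S+)(?: dport=(?P<dport>\d+))?"
)

def detect_recon(log_text, window_s=60, port_threshold=5, host_threshold=4):
    """Return sorted (kind, source) alerts for sources that touch many distinct
    ports (port scan) or ICMP targets (ping sweep) inside one time window."""
    events = defaultdict(list)  # (kind, src) -> [(timestamp, target)]
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore unparseable lines instead of failing the run
        ts = datetime.fromisoformat(m["ts"])
        if m["proto"] == "ICMP":
            events[("ping_sweep", m["src"])].append((ts, m["dst"]))
        elif m["dport"]:
            events[("port_scan", m["src"])].append((ts, (m["dst"], m["dport"])))
    alerts, window = set(), timedelta(seconds=window_s)
    for (kind, src), seen in events.items():
        seen.sort()
        limit = host_threshold if kind == "ping_sweep" else port_threshold
        start = 0
        for end in range(len(seen)):
            while seen[end][0] - seen[start][0] > window:
                start += 1  # slide the window forward in time
            if len({target for _, target in seen[start:end + 1]}) >= limit:
                alerts.add((kind, src))
                break
    return sorted(alerts)

if __name__ == "__main__":
    for kind, src in detect_recon(SAMPLE_LOG):
        print(f"ALERT {kind} from {src}")
```

The source 10.0.2.9 reaches five different ports but hours apart, so it stays below the threshold; widening `window_s` trades fewer missed slow scans for more false alerts on busy clients.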
The security countermeasure tools that can defend the system against threats and vulnerabilities include cryptography, which protects data from interception. The cryptography technique involves sending data in an unrecognizable form to ensure only the intended receiver and user can access or read the message. The data can also be sent using asymmetric, or public-key, encryption, which uses two separate keys to secure and authenticate the network (Shaheen et al., 2019). Another tool essential in overcoming security threats is anti-malware software. Installing anti-malware software in the network system gives it the ability to identify malicious programs and prevent them from spreading in the system or interfering with its functioning.
Encryption Techniques for Wireless Network
Several encryption techniques for wireless networks exist, including Wired Equivalent Privacy (WEP), which uses the 802.11 encryption and authentication standard. WEP consists of two versions: a 64-bit version that uses a 40-bit key and a 128-bit version that uses a 140-bit key (Asuncion & Guadalupe, 2017). The other wireless network encryption technique is Wi-Fi Protected Access (WPA), which implements the IEEE 802.11i standard and uses the Temporal Key Integrity Protocol (TKIP) to improve LAN security.
The other encryption technique for a wireless network is the Pre-Shared Key Mode (PSK), which contains a common key or password required to access wireless hosts. In PSK, all users who share the network are provided with a key or password that they can use to connect their devices to the wireless network (Shaheen et al., 2019). However, the technique is considered less secure since the higher the number of people connected to the network, the higher the chances of someone losing or exposing the password to unauthorized individuals.
The recommended encryption technique for the health facility wireless network is the Enterprise Mode. This approach involves clients authenticating to the wireless network with a username and password. Authentication is highly prioritized in the Enterprise Mode, as users are divided into access groups that allow them to access only the resources assigned to them (Shaheen et al., 2019). Users also create their own usernames and passwords, ensuring nothing is shared and making it easy to monitor the time each user is logged in to the system.
The Prevention of Attacks and Proper Maintenance Needed
The recommended techniques for preventing cyber-attacks that should be adopted by the health facility include training users in the cybersecurity landscape, including how to mitigate cyber risks, the risks associated with unsecured networks, how to avoid cyber threats, and password management. Other measures include installing, using, and regularly updating antivirus, anti-malware, and antispyware software on every computer and device within the health facility that is connected to the facility network. The health facility should also ensure the hardware is secured and sophisticated, password-protected, and backed up by multi-authentication. The data that is transferred and shared within the network should also be encrypted to ensure its safety if it falls into the wrong hands. The proper maintenance required to prevent cyber-attacks includes regular updates of the installed security tools, such as antivirus and anti-malware software. Users should also regularly change their passwords and ensure they are strong enough (Goud, 2020). Software should be updated and patched in a timely manner to avoid exposing the network, or the systems running applications, to threat actors.
Conclusion
Based on the threats identified by the chief information technology officers, methods for their detection and mitigation have been proposed. Implementation of the recommended countermeasures will ensure that the health facility is more secure, preventing major losses.
References
Asuncion, A., & Guadalupe, B. (2017). Wired Equivalent Privacy (WEP).
Firch, J. (2020). What Are The Most Common Types of Network Vulnerabilities? Purplesec. Retrieved from https://purplesec.us/common-network-vulnerabilities/
Goud, N. (2020). Ways to prevent cyber attacks on your company. Cyber Insiders. Retrieved from https://www.cybersecurity-insiders.com/ways-to-prevent-cyber-attacks-on-your-company/
Krombholz, K., Hobel, H., Huber, M., & Weippl, E. (2015). Advanced social engineering attacks. Journal of Information Security and Applications, 22, 113-122.
RSI Security. (2019). Network Security Threats. Retrieved from https://blog.rsisecurity.com/top-10-network-security-threats/
Shaheen, A. M., Sheltami, T. R., Al-Kharoubi, T. M., & Shakshuki, E. (2019). Digital image encryption techniques for wireless sensor networks using image transformation methods: DCT and DWT. Journal of Ambient Intelligence and Humanized Computing, 10(12), 4733-4750.
Sun, H., Peng, C., Yang, T., Zhang, H., & He, W. (2017). Resilient control of networked control systems with stochastic denial of service attacks. Neurocomputing, 270, 170-177.