Network Security

   

    Information in the form of collecting data is what causes the digital world to thrive.[1]  Data collection is used by many organizations and companies to track their clients in different ways for different purposes. This information, when collected, is made available and when information is made available it makes that information susceptible to those who should not have that information.  These are the people whose goals are to advance themselves by using other people's information against them. Therefore, data must be secured.      

 One of the methods used to infiltrate systems to steal data is in the form of malware and ransomware. “Malware is any software used to gain unauthorized access to IT systems to steal data, disrupt system services or damage IT networks in any way. Ransomware is a type of malware identified by specified data or systems being held captive by attackers until a form of payment or ransom is provided” (Americas Cyber Defense Agency).[2] These methods don’t just come in one form but multiple forms. This form of attack can lead to major disruptions in operations for a company. It can also cause harm to the company’s reputation, leading to significant financial loss that could result in lawsuits from their clients.

This is the reason constant cyberspace monitoring must take place. For companies looking to invest in resources that will help with this protection, the Cybersecurity and Infrastructure Security Agency would be a good place to start. This organization provides resources and tools to help other agencies be able to not only spot these sorts of threats but stop them from damaging the lives of others by stealing their information. They understand that effectively defending against cyber-attacks takes a coordinated effort, so they partner with companies to help win this battle. Some of the collaboration services they offer are:[3]

·         StopRansomware

·         Shields Up

·         Cybersecurity Alerts and Advisors

·         Joint Ransomware Task Force

Each of these tools were created to help prevent cyber attacks and respond with the necessary force needed to this ever-evolving threat.

            Another method used to infiltrate systems is phishing or smishing. These are forms of social engineering designed like that of malware and ransomware, to steal the information of others. The difference between the two is smishing utilizes spam calls and text messages with malicious links. Perpetrators hope the participants will click on these links to leak sensitive information. Phishing attackers use emails masquerading as an official entity embedded within the email. They like the smishing attackers, use malicious links with the same goal to have the participants click on them exposing their personal information.[4] If a system is compromised using this method it can cause identities to be stolen and great financial loss to the company and the individuals they serve.

            Computer systems are vulnerable to these kinds of threats because they use software such as outlook for emails and most computers if not all of them connect to the internet. This exposes computers to attacks because software can get bugged and internet usage opens the computer up to a wide world of infiltrators using links, fake threats, etc. to gain access to a person’s data. To protect a computer system or network against these forms of security breach companies should train their staff to be vigilant and skeptical. This means they should train them to not respond to unknown emails or text messages and to verify the sender’s identity.

Most companies have a security team that monitors these types of actions and have systems in place for the colleagues to send them to address. For example, if a email comes and the user is unsure of the content within the email either the sender or the information being requested they can forward it to the security team using what is called SPAM (other companies email system may have a different setup name). That clears the email from their server system and allows the security group to monitor it for malicious activity.

Another way to protect your systems from these types of security breaches is to implement an extra layer of security to your devices called multi-factor authentication (MFA).  While it may be annoying for you to have to go through more than one layer to access your information it also forces attackers to have to do the same. These additional layers form a barrier that protects the information on the computer or network system.

 References

“Data and Privacy.” (2024). Learning Platform | CompTIA. 2.0.

 “Malware, Phishing, and Ransomware.” (2024) - America’s Cyber Defense Agency.

Malware, Phishing, and Ransomware | Cybersecurity and Infrastructure Security Agency CISA. 

 SentinelOne. “Smishing Vs. Phishing: Key Differences Explained.” (June 14, 2025).

Smishing vs Phishing: Key Differences Explained.

---

[1] “Data and Privacy.” (2024). Learning Platform | CompTIA. 2.0.

[2] “Malware, Phishing, and Ransomware.” (2024) - America’s Cyber Defense Agency. Malware, Phishing, and Ransomware | Cybersecurity and Infrastructure Security Agency CISA.  

[3] “Malware, Phishing, and Ransomware.”

[4] SentinelOne. “Smishing Vs. Phishing: Key Differences Explained.” (June 14, 2025). Smishing vs Phishing: Key Differences Explained.