Sylvester Ngoma
Ph.D. Candidate
Information Technology Educator
March 04, 2012
Vulnerability of IT Infrastructures
1
Introduction
The pervasive and complex nature of security threats to Information Technology (IT) continues to be a major concern for modern organizations and businesses. IT infrastructures, which have become the cornerstone of organizational management, are highly vulnerable to potential attacks and sabotage. IT vulnerabilities may be attributable to internal and external sources (McNamara, 1998; Yeh and Chang, 2007). As Colwill (2010) notes, these sources can be intentional or accidental.
IT threats are multilayered. They involve a number of components including …show more content…
Vulnerability Analysis of IT Infrastructure
Vulnerability as a concept and as a process has been defined as a weakness that can be exploited to gain access to data (Liu and Cheng, 2009). Vulnerability refers to a deficiency or a security hole. There is a general consensus that computer systems and networks are inherently imbued with a number of weaknesses that may compromise their security. Weaknesses take various forms: architectural, procedural, and structural. Programming errors, network errors, operation errors, compatibility errors, and configuration errors are some examples of vulnerabilities. It is supremely useful to identify sources of the vulnerabilities. Ramarkrishnan and Sekar (2002) argue that vulnerabilities stem from interactions among several system components such as operating system, file system, sever processor, and content.
There is ample evidence that IT systems are facing serious security challenges. The nature of the threat has evolved, and with it, the sources, the perpetrators, the intent, and the consequence (Yeh and Chang, 2007). From the fear of forced access to physical entities …show more content…
Without the intervention of the Federal Bureau of Investigation (FBI), this transaction would have gone through. Because of the financial impact and the severity of the damage these acts may cause, the United States Congress approved the Economic Espionage Act of 1996 to deter both espionage and other IT sabotage acts. Although there has been a
Vulnerability of IT Infrastructures
8
significant decrease in the annual cost of information theft fraud from $56 billion in 2002 to $37 billion in 2010, according to the 2011 Javelin Strategy & Research Report, much work still needs to be done to secure IT infrastructures in the United States. McNamara (1998) points out that the annual loss in 1998 was only $136 million, according to a CSI/FBI Computer Crime Survey.
Peer-to-Peer Applications
By default, open peer-to-peer (P2P) networks are vulnerable to security threats (Vlachos,
Androutsellis-Theotokis, and Spinellis, 2004). P2P applications including VOIP, instant messaging, videoconferencing sharing, and open source file sharing (Waklawsky, 2006) are another source of IT security threat in an organization. Architecturally, P2P networks are vulnerable to attacks. Through file-sharing, networks may be exposed to malicious