ITM550 SLP 2
School: Trident University International
Course: 550
Subject: Information Systems
Date: Dec 6, 2023
Uploaded by demontezf
Demontez M. Fisher
Trident University International
ITM550 Network Planning & Administration
Dr. James Koerlin
19 Nov 2023
DShield, or Distributed Intrusion Detection System, is an online collaborative platform
that collects and analyzes data on cyber threats and attacks. It gathers information from various
sources, such as firewalls and intrusion detection systems, contributed by volunteers and
organizations worldwide. This collective data helps in identifying and understanding global
internet security threats, patterns of attacks, and vulnerabilities. DShield aims to provide a
comprehensive view of internet security threats to aid in better defense strategies and protection
against cyberattacks.
Prevalent Attacks
During the time of my visit, the three most prevalent attacks were Distributed Denial of
Service (DDoS), Phishing Attacks, & Ransomware. A Distributed Denial of Service attack is a
malicious attempt to disrupt the normal traffic of a targeted server, service, or network by
overwhelming it with a flood of internet traffic. In a DDoS attack, multiple systems or devices
are used to flood the target with an excessive amount of traffic, rendering it inaccessible to
legitimate users (Okeke, 2023). DDoS attacks can be launched using botnets—networks of
compromised computers/devices controlled by the attacker—or through other means that exploit
vulnerabilities in networks or systems. At the time of my visit, I noticed this was happening more
often than any other type of attack, which was rather alarming.
The next attack that was the 2nd most prevalent was phishing attacks, which are common.
Phishing attacks are deceptive attempts by malicious actors to obtain sensitive information, such
as usernames, passwords, credit card details, or other personal data, by posing as a trustworthy
entity. These attacks typically occur through emails, instant messages, or other communication
methods (Keary, 2023). There are various types of phishing attacks such as fake emails, fake
websites, social engineering, and spear phishing. The easiest way to prevent these types of
attacks is to have proper education and training on what they are and how to properly detect
them before it’s too late.
A ransomware attack is a type of cyberattack where malicious software encrypts a
victim's files or entire system, rendering them inaccessible. The attackers demand a ransom
payment, usually in cryptocurrency, in exchange for a decryption key or tool that will restore
access to the encrypted data (Admin, 2023). These are extremely dangerous and completely ruin
everything on your computer, whether it be personal or professional. Ransomware often
infiltrates a system through phishing emails, malicious attachments, compromised websites, or
vulnerabilities in software. Once inside a system, it encrypts files, making them unusable.
Sometimes, victims may choose to pay the ransom in the hope of recovering their files.
However, there's no guarantee that paying the ransom will result in the safe return of the data.
Moreover, paying the ransom funds criminal activities and may not ensure that the decryption
key or tool will be provided.
Where are they coming from?
The origins of these attacks were often distributed globally. Most of the attacks came
from Southeast Asia, eastern Europe, & Africa. Historically, these regions have been known for
hosting a higher concentration of cybercriminal activities that specifically target the United
States. Unfortunately, as a cyber professional, these are the types of threats you’re going to have
to deal with on a daily basis.
Internet Storm
Regarding the status of the Internet Storm at the time, DShield's Internet Storm Center
(ISC) continuously monitored and reported on cyber threats and vulnerabilities. It provided
up-to-date information on current cyber threats, vulnerabilities, and other security issues.
Apart from the ISC, DShield also provided access to various security tools and resources
useful for monitoring and defending against cyber threats. This included firewall logs, intrusion
detection system data, and other utilities that helped in analyzing and mitigating security
incidents. My personal favorite was the intrusion detection system data. This is an interesting
tool to me because I’ve heard so much about it but never actually got a chance to see the data and
how it works.
Conclusion
DShield is a very interesting tool to use as a cyber professional. The blogs, podcasts, and
what seems to be unlimited tools are a welcome feature. DShield assists a lot in identifying and
trying to prevent cyberattacks whether it be your home computer or work computer. It also
allows you to see where a lot of the attacks are coming from, especially the ones from our
adversaries overseas. The landscape of cyber threats is forever changing, and being able to see
them in real time in hopes of preventing them is a game changer.
References
SANS Internet Storm Center. (n.d.). Internet storm center. https://www.dshield.org/
Dmytro.tkach@apriorit.com. (2023, November 20). 12 cybersecurity best practices to prevent cyber attacks in 2023. Ekran System. https://www.ekransystem.com/en/blog/best-cyber-security-practices
Keary, M. (2023, July 5). What is threatware? definition, types, how to protect against it. (n.d.). https://www.techopedia.com/definition/threatware
Okeke, F. (2023a, September 11). How to recover from a DDOS attack: 4-step plan. Enterprise Networking Planet. https://www.enterprisenetworkingplanet.com/security/how-to-recover-from-a-ddos-attack/