Application-Layer Attacks: These attacks target servers by causing a fault in an operation system application, allowing the attacker(s) to bypass normal access, to modify data, inject viruses and malware programs, replicate software that may reproduce throughout your network and beyond, manipulating and corrupting data, terminating or disabling programs, security protocols, culminating in the crashing of system(s) connected to the network.
Although we have explained a number of different methods of attacks, be aware that perpetrators of these attacks most often use a combination of these methods to attack your system at once,” explains CSI Account Manager E. Cruz. “It is essential that today’s law enforcement departments and agencies have the resources available to deal with, prevent, and reduce the number of attacks. These resources include hardware, software, and human-ware resources. By following a number of precautionary steps, many of the attacks could be reduced, if not completely avoided.”
Every agency’s IT administration and policy needs a protection strategy that provides for hardware devices that will minimize the network from being compromised, software to avoid and detect viruses and malware and human-ware to keep the network users empowered to avoid attacks and being compromised. For those tasked with the responsibility for your critical law enforcement networks who are reading this and think this scenario will never happen to you, we want to make you aware of a recent issue that occurred at a client site.
In March 2014, CSI Technology Group was notified by a public safety client that our software running at their organization had become unstable and was not allowing the clients resources to complete its public service mission. Upon learning of this, CSI began to monitor the client’s network and we observed a fluctuation in network activity and resources. The fluctuation became so damaging that the monitoring of the clients network came to a standstill. A CSI Technology Group team immediately deployed to the client’s site.
“Upon arriving at the client’s site and upon further physical inspection, we saw the server lights and auxiliary connections from the network were lighting up like a Christmas tree during a snowstorm,” remarks Cruz. Further investigation by the response team members identified CSI Technology Group software as having being the victim of a major Denial of Service Attack initiated against the client’s network. More detailed analysis and review of the network by members of the Response Team allowed the CSI team members to initiate a stopgap approach and terminate the attack. Upon the termination of the attack, CSI Technology Response Team members confirmed the validity and integrity of the client’s data, resumed the normal operation of the network, and soon had the CSI applications running on the server and within the client’s network.
Within a matter of hours, the Denial of Service Attack was contained, and the client was once again completing their mission critical public safety tasks. In addition to returning the client to normalcy, members of CSI Technology Group consulted with the client to reinforce their network to further reduce the vulnerability to any attacking forces.
Recently, hundreds of thousands (or more) of web sites across the Internet were hit with a specific type of virus/malware known as Heartbleed. It was estimated that 60 – 70% of the web sites on the Internet were vulnerable to, or attacked by, Heartbleed. CSI Technology Group does not use the particular type of security protocol that is vulnerable to this attack, and therefore no InfoShare applications were impacted or had their Identities hijacked. Still, it is always recommended to exercise caution and employ sound tactics regarding the security of your computer systems, including good password policies, proper firewall and network implementation, etc.
CSI Technology Group, a premier e-Government software solution provider located in Keasbey, New Jersey, continues to be in the forefront of partnering and assisting law enforcement with mission critical, Internet-based software solutions. CSI stands by to support our clients during system emergencies and in matters involving the operation of your system and protecting your law enforcement assets. Please do not hesitate to contact our office or your Account Manager to discuss.