This essay focuses on the implementation of safeguards. infected a number of domain name servers (DNS) with malware called DNSChanger. This malware
This type of scheme is not limited to just individuals but also to large organizations. In another example, a cyber-crime syndicate, which is called Operation GhostClick, infected a number of domain name servers (DNS) with malware called DNSChanger. This malware redirected requests through criminal-controlled servers, collecting money through fraudulent advertisement clicks from unsuspecting and legitimate companies (Lemos, 2011).
Threats are not always external; there are also internal threats. Internal threats usually come from within the organization. An example is when a disgruntled employee gains access to the system to cause harm. A second example is phishing. This occurs when an employee posts sensitive data to what he or she thinks is a legitimate company website or e-mail. Another example would be pre-texting; this is when someone pretends to be someone else for the purpose of gathering sensitive data such as social security numbers, passwords, and account information (Kroenke & Boyle, 2018).
So, what are organizations doing to prevent threats? Because of the changing nature of IS security, it is very difficult to predict threats, but when they occur, they can be mitigate through the implementation of safeguards. An example of a safeguard is the creation and use of strong passwords. Strong passwords contain a mixture of alphanumeric and special characters as well as lowercase and uppercase letters.
Even though strong passwords are difficult to crack, they are vulnerable to brute-force attacks where a hacker tries every possible combination of characters to crack the password and gain entry. This is one way an individual can respond to security threats.