Network Security Threats: What Are They and How Can We Protect Ourselves?
With the increasing number of attacks and data breaches over the internet, individuals and companies need to be aware of how to protect their networks. Otherwise, issues such as financial losses, reputation damage, and data leaks can occur.
To establish a strong foundation for network security, a good understanding of network architecture is essential. Network architecture is a concept that defines how the components and structures of a network are organized and interact with each other. It is a fundamental factor that affects the scalability, security, and management of a network.
Network Layers
Network architecture typically follows a layered structure, where each layer performs specific functions. Devices within the network must speak the same language. In this context, we will examine the OSI Model’s 7 layers.
The layers and the protocols and technologies used in each layer are as follows.
Application Layer
This layer is the closest to the user and enables applications to run over the network.
HTTP/HTTPS: Protocol that enables viewing web pages over the network.
FTP: Facilitates file transfer from one computer to another and establishes interactive connections.
SSH/Telnet: Client-server protocol based on secure connection transfer. SSH is an enhanced encrypted version.
SNMP: A protocol that operates with request and response messages.
SMTP: Mail sending protocol.
Firewall: Devices that block unwanted traffic in both directions.
Presentation Layer
At this layer, data is transformed into a format understandable by the receiver. File extensions are determined at this layer, and data encryption and decryption are performed.
GIF: An image format.
JPEG: The best file format for digital conversion.
TIFF: A file format used to store raster, graphics, and image data.
EBCDIC: An 8-bit encoding used in IBM mainframes.
ASCII: Represents characters entered into the computer in its language.
Session Layer
Known as the layer of sessions established between communicating devices. It controls dialogs and opens and closes sessions.
NetBIOS: Provides services to communicate on a local area network between separate computers.
RPC: Lets a program make a request to a program on another computer in the network without knowing network details.
Named pipes: Enable data written to them to be read in order.
Sockets: Allows instant data exchange.
Transport Layer
Ensures that data arrives at its destination without damage; to do so, it divides the data into segments. It checks whether the data has reached the destination.
TCP: Enables communication between computers in small packets without loss.
UDP: Used for voice and video transmission, faster.
Network Layer
The network layer adds the information that routers use when data packets need to be sent to a different network. Data is transported in packets.
IP: Unique serial numbers that enable devices to communicate with each other.
ICMP: Checks whether sent packets have reached their destination and provides feedback.
IGMP: A protocol that enables data and packet sending from one host to other connected computers.
IPv4/IPv6: 32 and 64-bit IP addresses.
Router: Selects the shortest path among existing paths. It is another gateway to the Internet. Routing is divided into dynamic (automatic) and static (manual), where static is more secure.
Data Link Layer
Defines the rules for reaching the physical layer. It operates with the Ethernet and token-ring access methods. Data is fragmented, the fragments are framed, and they are transmitted to the physical layer. It is within the network layer and its task is to recognize other computers, detect who is using the cable, and check incoming data for errors.
MAC: Unchangeable codes given during the production of each device.
ATM: Network technology that divides various types of data, such as sound, image, and video, into fixed-sized data packets for transmission.
PPP: Point-to-point data transmission protocol.
Frame Relay: Enables every point on the network to connect to the nearest service provider switch.
CSMA/CD: Collision detection; acts after a collision occurs.
CSMA/CA: Collision avoidance; acts to prevent collisions from happening.
Switch: Establishes connections between the main computer and the device to which data is sent.
Bridge: Establishes connections between hubs. Grants passage and prevents unauthorized passages.
Physical Layer
Defines the form the data will take on the cable: the 1s and 0s are converted into electrical signals. How the data is represented on the medium in use is also determined here. During data transmission, both parties must adhere to the same rules.
DSL: Technology that provides high bandwidth to homes and offices over ordinary copper cables.
ISDN: Cloud-based digital network system that enables voice, data, and image transfer.
Bluetooth: Enables short-range data transfer in fixed and portable devices.
WI-FI: Technology that wirelessly connects different devices to each other.
HUB: Devices used for connecting computers.
Repeater: Converts the electrical data received from an Ethernet segment into binary code and sends it to the other segment. Amplifies the signal power and restores corrupted signals.
RS232: A communication standard.
FDDI: A high-speed computer network.
Network Monitoring
Each of the layers mentioned above faces risks when a user connects to a network. At this point, network monitoring is a critical element for network security. Knowing what monitoring tools are and how their methods are used is essential. Monitoring tools analyze network traffic, detect anomalies, identify attacks, and facilitate monitoring network performance.
Examples of the tools mentioned above include:
Network protocol analyzers
Security Information and Event Management (SIEM) systems
Network performance monitoring tools
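The layered structure described earlier is what a network protocol analyzer walks through when it decodes traffic. The following Python code is an added example, not part of the original article: it decodes a constructed Ethernet II frame through the data link, network and transport layers, and the sample frame, its addresses and the function names are assumptions made for illustration.

```python
import socket
import struct

# Constructed sample frame (not captured traffic): Ethernet II + IPv4 + TCP SYN
# from 192.0.2.10:49152 to 198.51.100.5:443. Checksums are left as zero.
SAMPLE_FRAME = bytes.fromhex(
    "020000000002" "020000000001" "0800"            # dst MAC, src MAC, EtherType
    "45000028" "00014000" "40060000"                # IPv4: ver/IHL, len, id, TTL, proto
    "c000020a" "c6336405"                           # src IP, dst IP
    "c00001bb" "00000000" "00000000" "5002ffff" "00000000"  # TCP header, SYN set
)
TRANSPORT = {6: "TCP", 17: "UDP"}
TCP_FLAGS = (("FIN", 1), ("SYN", 2), ("RST", 4), ("PSH", 8), ("ACK", 16))


def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def decode_frame(frame):
    """Decode data link -> network -> transport; ValueError on malformed input."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    layers = {"data_link": {"src_mac": mac(src), "dst_mac": mac(dst),
                            "ethertype": hex(ethertype)}}
    if ethertype != 0x0800:          # not IPv4: report layer 2 only
        return layers
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, _, _, _, ttl, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4       # header length in bytes (options allowed)
    if ver_ihl >> 4 != 4 or ihl < 20 or len(ip) < ihl:
        raise ValueError("malformed IPv4 header")
    layers["network"] = {"src_ip": socket.inet_ntoa(s), "dst_ip": socket.inet_ntoa(d),
                         "ttl": ttl, "protocol": proto}
    seg = ip[ihl:]
    if proto in TRANSPORT:
        if len(seg) < 4:
            raise ValueError("truncated transport header")
        sport, dport = struct.unpack("!HH", seg[:4])
        info = {"protocol": TRANSPORT[proto], "src_port": sport, "dst_port": dport}
        if proto == 6 and len(seg) >= 14:   # TCP flag byte is at offset 13
            info["flags"] = [name for name, bit in TCP_FLAGS if seg[13] & bit]
        layers["transport"] = info
    return layers


if __name__ == "__main__":
    for layer, fields in decode_frame(SAMPLE_FRAME).items():
        print(layer, fields)
```

Truncated or malformed frames raise ValueError instead of being decoded from partial data, which is the behavior a monitoring tool needs when it is fed untrusted traffic.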
Threat Detection and Attack Prevention
In network security, threat detection and attack prevention are crucial. Security events must be detected, malicious software prevented, and attacks blocked; some of the technologies used for this are:
IDS/IPS systems in firewalls
Behavior-based threat detection
Malware analysis and update management
Current Threats and Tips
Networks enable the transmission and storage of sensitive and valuable data. Businesses have important information such as customer data, financial data, and trade secrets. Protecting this data from unauthorized access and ensuring its privacy and integrity is of critical importance.
Security vulnerabilities and attacks in a network can adversely affect its operation and endanger service continuity. DDoS attacks, ransomware, or interruptions caused by unauthorized access to the network can lead to significant financial losses and damage to the reputation of businesses.
Customers trust businesses by sharing their personal and financial information. In the event of a breach, customer confidence may be shaken. In many sectors, compliance with security standards and legal regulations is mandatory. Protection of personal data and the security of customer information are legally guaranteed in many countries. Network security measures can help avoid these legal penalties.
The following measures are important:
Using strong and complex passwords
Using a firewall
Using up-to-date software and devices
Network segmentation (separating critical parts into logical zones to prioritize recovery in case of damage)
Malicious software protection
Authorization and Access Control (restricting user privileges, controlling network entries and exits)
Education and Awareness (not overlooking the importance of the human factor in security, raising awareness of users about social engineering attacks)