Post #6 – Network Security: Ransomware, Social Engineering, and Ping-Based Attacks

Course Learning Outcome: CLO 6

In today’s digital world, safeguarding information and systems is essential for both individuals and organizations. As our reliance on technology grows, so do the risks of cyberattacks. Chapters 2 and 4 of CertMaster Learn Tech+ explain that connected devices and systems create numerous access points for malicious actors, making it easier for them to exploit vulnerabilities (CompTIA, 2024). These threats can result in stolen data, financial losses, and reputational damage. Among the most dangerous and common cyber threats today are ransomware and social engineering.

Ping-Based Attacks

Some attacks use basic network tools like the ping command to carry out denial-of-service (DoS) attacks. For example, in a ping flood, attackers send large volumes of ICMP requests to overwhelm a network or device. In a Smurf attack, the attacker spoofs the victim’s IP address and sends ping requests to a broadcast address, flooding the victim with replies. These attacks exploit how systems handle ICMP traffic. To defend against them, organizations can block ICMP traffic at the firewall and disable responses to broadcast pings (CompTIA, 2024).

Ransomware: A Growing Threat

Ransomware is a form of malware that encrypts data and demands payment in exchange for a decryption key. These attacks often begin with phishing emails or malicious links. According to Aung et al. (2024), ransomware incidents are increasing in both frequency and sophistication, targeting schools, hospitals, businesses, and governments.

Once inside a system, ransomware can lock users out of important files, disable operations, and cause major downtime. The CertMaster textbook notes that malware like ransomware is dangerous because it spreads quickly across networks (CompTIA, 2024).

To prevent ransomware, organizations and individuals should:

  • Back up data regularly and store backups offline

  • Keep antivirus software and operating systems up to date

  • Avoid clicking on suspicious links or downloading unknown attachments

Social Engineering: The Human Weak Spot

Social engineering tricks people into giving away private information or access. As Kamruzzaman et al. (2023) explain, this attack type is highly effective because it bypasses technical defenses by targeting human behavior. Common examples include phishing, impersonation, baiting, and pretexting.

A user might unknowingly share login credentials or click a harmful link that installs malware. Gallegos-Segovia et al. (2017) note that social engineering often opens the door for larger attacks, like ransomware.

To reduce these risks:

  • Provide ongoing cybersecurity training for all employees

  • Implement multi-factor authentication (MFA) for sensitive systems

  • Run phishing simulations and create a culture of security awareness

The CertMaster text also stresses the need for strong organizational security policies and end-user education to defend against human-centered attacks (CompTIA, 2024).

Final Thoughts

Ransomware and social engineering are two of the most dangerous and preventable types of cyberattacks. While ransomware targets systems and files, social engineering targets human behavior. Both can cause serious damage—but with the right mix of technology and awareness, we can protect against them. By combining software updates, offline backups, employee training, MFA, and thoughtful network configuration, individuals and organizations can build a stronger defense.

References

Aung, T. Z., Leow, N. C., Ng, D. J., Sim, J. J., Teas, S. M., & Wong, N. H. (2024, Dec). Ransopedia: Your Trusty Guide to Ransomware Trends. TENCON 2024 - 2024 IEEE Region 10 Conference, 1829–1832. https://doi.org/10.1109/TENCON61640.2024.10902700
CompTIA. (2024). CertMaster Learn Tech+. TestOut Corp. http://www.testout.com
Gallegos-Segovia, P. L., Bravo-Torres, J. F., Larios-Rosillo, V. M., Vintimilla-Tapia, P. E., Yuquilima-Albarado, I. F., & Jara-Saltos, J. D. (2017). Social engineering as an attack vector for ransomware. CHILECON, 1–6. https://doi.org/10.1109/CHILECON.2017.8229528
Kamruzzaman, A., Thakur, K., Ismat, S., Ali, M. L., Huang, K., & Thakur, H. N. (2023). Social Engineering Incidents and Preventions. CCWC 2023, 494–498. https://doi.org/10.1109/CCWC57344.2023.10099202

Comments

Post a Comment

Popular posts from this blog

Post #7 – Tech Topic Connection: Software Development Life Cycle (SDLC)

In my new role as a Software Analyst, one of the most essential concepts I encounter is the Software Development Life Cycle (SDLC) . SDLC is a structured process used by development teams to build high-quality software systems in a methodical and efficient manner. It includes stages like planning, requirements gathering, design, development, testing, deployment, and maintenance. Understanding this cycle has helped me see how software evolves from a simple idea into a fully functional, user-ready product—and where I fit into that process. Connection to Information Technology Fundamentals SDLC is rooted in the very foundation of information technology . It reflects the structured problem-solving mindset that defines computing—from the early days of punch cards and machine code to today’s agile development and cloud-based applications. Computers operate through clear, logical sequences, and SDLC mirrors that by breaking down software creation into defined phases. The history of computi...
Read more

Post #2 – Web/Mobile App Critique: REVER App Review

Image
  Course Learning Outcome (CLO 4) As an avid motorcycle rider, I regularly use the REVER app on my iPhone to plan routes, track rides, and connect with other riders. REVER is a GPS navigation and ride-planning app designed specifically for motorcyclists, off-roaders, and adventure riders. Its ability to combine navigation, ride logging, and community interaction makes it a powerful tool for both casual riders and serious explorers. Usability REVER is generally user-friendly once you get the hang of it , but there is a slight learning curve at first due to its many features. The home screen provides quick access to: Plan a Ride Go Riding Ride History Community Feed Navigation tabs at the bottom of the screen include: Map Feed Ride Challenges Profile Planning routes is intuitive—you can pick start and end points, add waypoints, choose on-road or off-road paths, and import GPX files. However, some advanced tools (like offline maps and 3D terrain)...
Read more

Post #1 – Programming Languages: My Scratch Project Experience

Course Learning Outcome (CLO 3) View my Scratch project here! My Experience Building a Scratch Program Creating my Scratch animation was both fun and enlightening. I designed a short scene where Scratch the Cat introduces himself, walks across the screen, spins in a circle, changes colors, makes sounds, and says goodbye. I used more than 30 blocks, combining motion, looks, sound, and control features. The drag-and-drop interface made it easy to experiment and learn without the fear of breaking anything. At first, I struggled to locate certain blocks—such as the sound effects and repeat loops—but once I figured out how the block categories were organized, everything fell into place. One of the most satisfying moments was using loops to repeat actions, which made my animation feel more dynamic and alive. Insights Gained About Programming Scratch helped me understand that programming is less about memorizing syntax and more about thinking logically and structuring instructions cle...
Read more