{"id":27731,"date":"2024-01-15T17:11:42","date_gmt":"2024-01-15T17:11:42","guid":{"rendered":"https:\/\/www.esecurityplanet.com\/?p=27731"},"modified":"2024-03-05T16:53:46","modified_gmt":"2024-03-05T16:53:46","slug":"network-security-threats","status":"publish","type":"post","link":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/","title":{"rendered":"Top 19 Network Security Threats + Defenses for Each"},"content":{"rendered":"\n<p>Network security threats are technological risks that weaken the defenses of an enterprise network, endangering proprietary data, critical applications, and the entire IT infrastructure. Because businesses face an extensive array of threats, they should carefully monitor and mitigate the most critical threats and vulnerabilities. There are seven major categories of network security issues that all include multiple threats, as well as specific detection and mitigation methods your teams should implement for each threat.<\/p>\n\n\n<!-- ICP Plugin: Start --><div class=\"icp-list icp-list-main icp-list-body-horizontal row\">\n    \n        <!--\n            ICP Plugin - body horizontal\n            ----------\n            Category: \n            Count: 3\n            Country: HK\n        -->\n    <\/div><!-- ICP Plugin: End -->\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_68_1 ez-toc-wrap-left counter-flat ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-66d6c4b7515ca\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"ez-toc-cssicon\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ffffff;color:#ffffff\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ffffff;color:#ffffff\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-66d6c4b7515ca\"  aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Public-Internet-Threats\" title=\"Public Internet Threats\">Public Internet Threats<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Unsecured-Outdated-Network-Protocols\" title=\"Unsecured &amp; Outdated Network Protocols\">Unsecured &amp; Outdated Network Protocols<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Network-Misconfigurations\" title=\"Network Misconfigurations\">Network Misconfigurations<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Human-Security-Threats\" title=\"Human Security Threats\">Human Security Threats<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Operational-Technology\" title=\"Operational Technology\">Operational Technology<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#VPN-Vulnerabilities\" title=\"VPN Vulnerabilities\">VPN Vulnerabilities<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Remote-Access\" title=\"Remote Access\">Remote Access<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Where-Do-Network-Threats-Come-From\" title=\"Where Do Network Threats Come From?\">Where Do Network Threats Come From?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Network-Security-vs-Endpoint-Security-vs-Application-Security\" title=\"Network Security vs. Endpoint Security vs. Application Security\">Network Security vs. Endpoint Security vs. Application Security<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#How-Can-You-Detect-Threats\" title=\"How Can You Detect Threats?\">How Can You Detect Threats?<\/a><\/li><li class='ez-toc-page-1'><a class=\"ez-toc-link ez-toc-heading-11\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#Bottom-Line-Tracking-Preventing-Network-Security-Threats\" title=\"Bottom Line: Tracking &amp; Preventing Network Security Threats\">Bottom Line: Tracking &amp; Preventing Network Security Threats<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Public-Internet-Threats\"><\/span>Public Internet Threats<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>If your enterprise network is connected to the public internet, every threat on the internet can render your business vulnerable too. Widespread, complex business networks are particularly challenging to protect; these can include edge and mobile networks as well as branch office networks and storage area networks (SANs). Typical internet threats include malicious software, malicious websites, email phishing, DNS poisoning, and DoS and DDoS attacks.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Malware<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.esecurityplanet.com\/threats\/malware\/\">Malicious software<\/a> (malware) is code designed to disturb normal or safe computing operations. When clicked, links in emails or extensions on websites immediately download malware onto a host machine. Sometimes the malware can <a href=\"https:\/\/www.esecurityplanet.com\/networks\/what-is-lateral-movement\/\">laterally move<\/a> through the network, depending on its abilities.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Malware<\/h4>\n\n\n\n<p>Use the following methods to prevent malware:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Train your employees:<\/strong> Your workers are your organization&#8217;s first line of defense and its biggest attack surface. They need to know how to reduce the major risks your business faces.<\/li>\n\n\n\n<li><strong>Implement endpoint protection:<\/strong> All devices should have antivirus and endpoint protection installed on them to automatically respond when the software detects a threat.<\/li>\n\n\n\n<li><strong>Segment your network:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/networks\/microsegmentation-is-catching-on-as-key-to-zero-trust\/\">Segmentation technologies<\/a> require setting policies for each network, managing which traffic can move between subnets, and decreasing lateral movement.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Spoofed Websites<\/h3>\n\n\n\n<p>Spoofed websites are sites that look legitimate but are designed to steal internet users&#8217; account credentials. Threat actors direct users to the site, and once the users input their credentials, the attackers collect them and use them to log into the real application.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Malicious Sites&nbsp;<\/h4>\n\n\n\n<p>Protect your credentials through the tips below:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Deploy multi-factor authentication for all applications:<\/strong> If a threat actor manages to steal your credentials through successful spoofing, they&#8217;ll have a harder time getting through MFA.<\/li>\n\n\n\n<li><strong>Teach users to recognize spoofed websites:<\/strong> Make sure your employees know the characteristics of a fake site, whether that&#8217;s grammatical issues, a strange URL, or an unapproved email that led them there.<\/li>\n\n\n\n<li><strong>Blacklist sites as soon as you learn about them:<\/strong> If multiple employees are navigating to a single site from the same threat actor, blacklist the URL as soon as you identify it.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Email-Based Phishing Attacks<\/h3>\n\n\n\n<p>Email phishing is a technique used by threat actors to trick users into opening emails and clicking links inside them. It can include both malware and spoofed sites; there&#8217;s plenty of overlap in internet phishing threats. Email attacks typically target employees through their business email accounts.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Email-Based Phishing Attacks<\/h4>\n\n\n\n<p>To prevent email phishing, use these techniques:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Implement stringent email protection software:<\/strong> Often, threat actors direct users to a spoofed website through an email with a link, like instructions to reset a password.<\/li>\n\n\n\n<li><strong>Host intensive security awareness training sessions:<\/strong> Your employees should know exactly what to look for when they receive unfamiliar emails.<\/li>\n\n\n\n<li><strong>Install a next-generation firewall (NGFW):<\/strong> Installing an <a href=\"https:\/\/www.esecurityplanet.com\/products\/top-ngfw\/\">NGFW<\/a> between the public internet and your organization\u2019s private network helps filter some initial malicious traffic.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more about types of phishing, including spear phishing, whaling, and smishing, in our <a href=\"https:\/\/www.esecurityplanet.com\/threats\/phishing-attacks\/\">complete guide to phishing attacks<\/a>.<\/strong><\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">DNS Attacks<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.esecurityplanet.com\/networks\/how-to-prevent-dns-attacks\/\">DNS cache poisoning<\/a>, or hijacking, redirects a legitimate site\u2019s DNS address and takes users to a malicious site when they attempt to navigate to that webpage.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against DNS Attacks<\/h4>\n\n\n\n<p>Consider these strategies to prevent DNS attacks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Use DNS encryption:<\/strong> Encrypting DNS connections requires teams to use the DNSCrypt protocol, DNS over TLS, or DNS over HTTPS.<\/li>\n\n\n\n<li><strong>Isolate DNS servers:<\/strong> Deploy a demilitarized zone (DMZ) to isolate all DNS traffic from the public internet.<\/li>\n\n\n\n<li><strong>Stay on top of updates:<\/strong> All DNS servers should be regularly patched when an update is announced.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">DoS &amp; DDoS Attacks<\/h3>\n\n\n\n<p>Denial of service (DoS) and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/ddos\/\">distributed denial of service (DDoS) attacks<\/a> are threats that can disable machines or entire computer systems by overloading them with traffic. They&#8217;re notoriously difficult to prevent because they often come from external traffic, rather than from a threat within the network that can be located and halted while it\u2019s in your system. Not every DoS or DDoS attack comes from internet traffic, but many of them do.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against DoS &amp; DDoS Attacks<\/h4>\n\n\n\n<p>Implement the methods below to protect your network from DoS and DDoS attacks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Implement reverse proxies:<\/strong> The reverse proxy has its own IP address, so when IP addresses flood a single server, they\u2019ll go to the proxy\u2019s IP address instead and the internal server\u2019s IP address won\u2019t be overwhelmed as easily.<\/li>\n\n\n\n<li><strong>Install web application firewalls:<\/strong> You can configure firewalls to monitor and block different kinds of traffic.<\/li>\n\n\n\n<li><strong>Deploy load balancers:<\/strong> By directing network traffic to the sources that can manage it, load balancing reduces the risk of traffic completely overwhelming a server.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Unsecured-Outdated-Network-Protocols\"><\/span>Unsecured &amp; Outdated Network Protocols<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Some older versions of network protocols have bugs that have been fixed in later versions, but many businesses and systems continue to use the older protocols. It\u2019s best to use the most recent protocol versions to at least avoid already-known threats, especially if your industry requires a certain protocol version to stay compliant with regulatory standards. Some of the most popular network protocols include SSL, TLS, SNMP, HTTP, and HTTPS.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">SSL &amp; TLS<\/h3>\n\n\n\n<p>Secure Socket Layer (SSL) and Transport Layer Security (TLS) are both networking security protocols. Any older SSL and TLS versions than TLS 1.3 have multiple weaknesses, including the vulnerabilities that allow <a href=\"https:\/\/www.cisa.gov\/news-events\/alerts\/2014\/10\/17\/ssl-30-protocol-vulnerability-and-poodle-attack\" target=\"_blank\" rel=\"noreferrer noopener\">POODLE attacks<\/a> and <a href=\"https:\/\/www.invicti.com\/blog\/web-security\/how-the-beast-attack-works\/\" target=\"_blank\" rel=\"noreferrer noopener\">BEAST attacks<\/a>. While TLS 1.3 may have its own weaknesses that will be discovered over time, it does fix known vulnerabilities in older TLS and SSL versions.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against SSL &amp; TLS Threats<\/h4>\n\n\n\n<p>Use these tips to prevent threats caused by SSL and TLS:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Update connections:<\/strong> Keep every network connection upgraded to the most recent version of TLS.&nbsp;<\/li>\n\n\n\n<li><strong>Disable old versions:<\/strong> Completely disabling older SSL and TLS versions on your network ensures they aren&#8217;t used accidentally.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">SNMP<\/h3>\n\n\n\n<p>Simple Network Management Protocol (SNMP) is a common internet protocol designed to manage the operations of networks and the devices on them. SNMP versions 1 and 2 have known vulnerabilities, including unencrypted transmissions (v1) and IP address spoofing (v2). Version 3 is the best option of the three because it has multiple encryption options. It was designed to solve v1 and v2&#8217;s problems.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against SNMP Threats<\/h4>\n\n\n\n<p>Upgrade all versions of SNMP to version 3 to avoid the gaping security flaws in the previous versions.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">HTTP<\/h3>\n\n\n\n<p>Hypertext Transfer Protocol is an internet communication protocol that isn&#8217;t inherently secure. Hypertext Transfer Protocol Secure (HTTPS), the encrypted version of HTTP, is. All your internet connections should be encrypted, and every communication with another website should use HTTPS.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against HTTP Threats<\/h4>\n\n\n\n<p>To prevent insecure HTTP connections, use these methods:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Block HTTP access:<\/strong> If any connections use HTTP, block access to them as soon as you can.<\/li>\n\n\n\n<li><strong>Direct traffic to HTTPS:<\/strong> Configure all attempted HTTP communications to redirect to HTTPS.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Network-Misconfigurations\"><\/span>Network Misconfigurations<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>A simple misconfiguration of a network protocol or rule can expose an entire server, database, or cloud resource. Typing one wrong line of code or failing to set up routers or switches securely can contribute to configuration errors. Misconfigured <a href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security\/\">network security<\/a> commands are also challenging to find because the rest of the hardware or software appears to be working properly. Misconfigurations also include improperly deployed switches and routers.<\/p>\n\n\n\n<p>Common misconfigurations include using default or factory configurations on hardware and software and failing to segment networks, set access controls on your applications, or patch immediately.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Using the Equipment&#8217;s Default Configuration<\/h3>\n\n\n\n<p>Default credentials are factory-set usernames and passwords on networking hardware and software. They&#8217;re often very easy for attackers to guess and may even use basic words like &#8220;admin&#8221; or &#8220;password.&#8221;&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Default Configuration Threats<\/h4>\n\n\n\n<p>To prevent security issues caused by default configurations:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Change all credentials:<\/strong> Switch any default usernames or passwords immediately to stronger, hard-to-guess credentials.<\/li>\n\n\n\n<li><strong>Make regular password updates:<\/strong> After the initial password change, switch them every few months.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Insufficient Segmentation<\/h3>\n\n\n\n<p>Network segmentation is a technology that splits a network into different sections. If a network isn&#8217;t divided into subnetworks, malicious traffic has a much easier time traveling all throughout the network, with the opportunity to compromise many different systems or applications.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Network Segmentation Threats<\/h4>\n\n\n\n<p>Segment networks into subnetworks and create security barriers between them. <a href=\"https:\/\/www.esecurityplanet.com\/networks\/microsegmentation-is-catching-on-as-key-to-zero-trust\/\">Segmentation technologies<\/a> involve setting policies for each network, managing which traffic can move between subnets, and decreasing lateral movement.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Access Misconfigurations&nbsp;<\/h3>\n\n\n\n<p>Misconfigured access controls happen when teams fail to securely implement access and authentication protocols, like strong passwords and multi-factor authentication. This is a significant risk to your entire network. Both on-premises and cloud-based systems need access controls, including public cloud buckets that don&#8217;t require authentication methods by default. Network users need to be both authorized and authenticated.<\/p>\n\n\n\n<p>Authentication requires the user to present PINs, passwords, or biometric scans to help prove they are who they say they are. Authorization permits the user to view data or applications once they verify themselves and their identity is trusted. Access controls allow organizations to set privilege levels like read-only and editing permissions. Otherwise, you run the risk of a <a href=\"https:\/\/www.esecurityplanet.com\/networks\/privilege-escalation-attack\/\">privilege escalation attack<\/a>, which occurs when a threat actor enters the network and moves laterally by escalating their user privileges.&nbsp;<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Access Misconfiguration Threats<\/h4>\n\n\n\n<p>Use these tips to reduce access-related misconfiguration risks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Require credentials for every application:<\/strong> This includes databases, client management systems, and all on-premises and cloud software.<\/li>\n\n\n\n<li><strong>Don&#8217;t forget your cloud resources:<\/strong> Cloud buckets accessible on the internet should have access barriers; otherwise, they&#8217;re visible to anyone who has the bucket&#8217;s URL.<\/li>\n\n\n\n<li><strong>Deploy zero trust:<\/strong> Employees should only have the access level they need to do their job, known as the principle of least privilege or zero trust. This helps decrease insider fraud and accidental errors.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Obsolete &amp; Unpatched Network Resources<\/h3>\n\n\n\n<p>Network hardware and software vulnerabilities are flaws that tend to reveal themselves over time, which requires IT and network technicians to stay apprised of threats as vendors or researchers announce them.<\/p>\n\n\n\n<p>Obsolete routers, switches, or servers aren\u2019t able to use the most recent security updates. These devices then require additional protective controls. Other old devices, like hospital equipment, often can\u2019t be abandoned entirely, so enterprises will likely have to set up extra security to keep them from putting the rest of the network at risk.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Patch Management Threats<\/h4>\n\n\n\n<p>Use these key strategies to prevent misconfigurations caused by patch and update failures:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Don&#8217;t wait to patch known issues:<\/strong> It\u2019s critical for network administrators to patch firmware vulnerabilities immediately. Threat actors move into action quickly once they learn of vulnerabilities, so IT and networking teams should be one step ahead.<\/li>\n\n\n\n<li><strong>Automate some of the work:<\/strong> Automated alerts will help your business\u2019s teams keep network resources up to date even if they aren&#8217;t on the clock constantly.<\/li>\n\n\n\n<li><strong>Reduce hazards caused by old tech:<\/strong> Phase out obsolete devices where possible. They\u2019ll continue to be incompatible with the rest of the network, and it&#8217;s challenging to secure an entire network if some hardware doesn\u2019t support it.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Human-Security-Threats\"><\/span>Human Security Threats<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Your team members make mistakes, whether that\u2019s an accidental line of code or a router password exposed for the whole internet to see. Training providers offer extensive cybersecurity courses just to mitigate the high likelihood that employees will put your infrastructure in danger.<\/p>\n\n\n\n<p>Human error plays a large role in the majority of all data breaches \u2014 85% of them are caused by employee mistakes, <a href=\"https:\/\/www.tessian.com\/resources\/psychology-of-human-error-2022\/\" target=\"_blank\" rel=\"noreferrer noopener\">according to a study<\/a> done by Stanford professor and security provider Tessian. You&#8217;ll need to watch for threats borne out of carelessness as well as deliberately malicious behavior \u2014 both are possible.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Accidental or Careless Errors<\/h3>\n\n\n\n<p>Employees make plenty of accidental security gaffes, including posting passwords on paper or Slack, letting strangers into the office, or plugging unidentified flash drives into a company computer. Sometimes they know the company&#8217;s policies but don&#8217;t want to follow them because they appear to take more time, like coming up with new passwords for every application instead of reusing them.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Threats Caused by Mistakes<\/h4>\n\n\n\n<p>To reduce human error episodes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Host cybersecurity training sessions every quarter:<\/strong> Make <a href=\"https:\/\/www.esecurityplanet.com\/products\/cybersecurity-training\/\">training<\/a> interactive so that employees stay engaged, and make sure that new hires immediately know expectations.<\/li>\n\n\n\n<li><strong>Install software like password managers:<\/strong> These help employees <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-password-managers\/\">manage their credentials safely<\/a>.<\/li>\n\n\n\n<li><strong>Implement data loss prevention (DLP) technology:<\/strong> Protecting data is critical for both reputation maintenance and <a href=\"https:\/\/www.esecurityplanet.com\/networks\/security-compliance\/\">regulatory compliance<\/a>.<\/li>\n\n\n\n<li><strong>Restrict your physical workspace:<\/strong> Don&#8217;t allow someone from outside the business into the premises where network hardware and software are hosted.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Intentionally Malicious Insiders<\/h3>\n\n\n\n<p>One area of human threat that\u2019s often overlooked is insider threats, which come from employees who intend to harm the business. Although these don\u2019t happen as frequently, they can be even more dangerous. These insiders usually have credentialed access to a network, which makes it much easier for them to steal data.<\/p>\n\n\n\n<p>Malicious insiders exploit proprietary information or customer data, sometimes selling it to a third party. But other insiders may just want revenge if a coworker wronged them, they were terminated, or they believe the business is making unethical decisions. Malicious insider threats are difficult to mitigate because perpetrators may hide their feelings about the company and their intentions over time. And because they often have valid credentials, their effect is harder to track.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Threats from Malicious Insiders<\/h4>\n\n\n\n<p>The following practices will help your business manage malicious employee behavior:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Make security a regular topic:<\/strong> Have conversations about cybersecurity in manager and employee one-on-one meetings. Show employees you&#8217;re serious about security.<\/li>\n\n\n\n<li><strong>Host more training sessions:<\/strong> They&#8217;re especially important because other employees are trained to recognize the behavior of their own team.<\/li>\n\n\n\n<li><strong>Implement behavioral analytics:<\/strong> <a href=\"https:\/\/www.esecurityplanet.com\/products\/best-user-and-entity-behavior-analytics-ueba-tools\/\"><strong>Analytics<\/strong><\/a> can help your team at least identify anomalous behavior over time. If an insider is leaking data or changing credentials, it could be intentional.<\/li>\n\n\n\n<li><strong>Vet people before hiring:<\/strong> Asking for references and performing background checks, while not a catch-all, helps businesses hire trustworthy individuals.<\/li>\n<\/ul>\n\n\n\n<p><strong>Read more about <a href=\"https:\/\/www.esecurityplanet.com\/trends\/cybersecurity-culture-change-needed\/\">developing a cybersecurity culture<\/a> within your organization and how it reduces your vulnerability to employee mistakes.<\/strong><\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Operational-Technology\"><\/span>Operational Technology<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Operational technology (OT) typically refers to hardware and software that observe and control industrial environments. These environments include warehouses, construction sites, and factories. OT allows businesses to manage HVAC, fire safety, and food temperature through network-connected cellular technology.<\/p>\n\n\n\n<p>Enterprise <a href=\"https:\/\/www.esecurityplanet.com\/products\/iot-security-solutions\/\">Internet of Things<\/a> and Industrial Internet of Things (IIoT) devices also fall under operational technology. When connected to a business network, OT can provide an open door for threat actors.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Dangers of Operational Technology<\/h3>\n\n\n\n<p>Older OT devices weren\u2019t designed with significant cybersecurity in mind, so whatever legacy controls they had may no longer be adequate \u2014 or fixable. Initially, equipment and sensors in plants and construction sites had no internet connection, nor were they 4G- or 5G-enabled. Current OT design makes it easy for an attacker to move laterally through networks. It\u2019s also extremely difficult to implement large-scale security for legacy OT that\u2019s been operating longer than it\u2019s been connected to the internet.<\/p>\n\n\n\n<p>Operational technology often has consequences that go far beyond IT security, especially in critical infrastructure such as food management, healthcare, and water treatment. An OT breach could do more than cost money or jeopardize tech resources like a standard network breach \u2014 it could cause injury or death.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against OT Threats<\/h4>\n\n\n\n<p>To secure your enterprise&#8217;s OT devices and networks, use these key tips:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Perform a detailed audit:<\/strong> You&#8217;ll need to know every single device connecting to your company network, and a thorough audit is the best way to do that.<\/li>\n\n\n\n<li><strong>Consistently monitor all OT traffic:<\/strong> Any anomalies should send automated alerts to IT and network engineers. Configure alerts so engineers immediately know what&#8217;s happening.<\/li>\n\n\n\n<li><strong>Use secure connections for all wireless networks:<\/strong> If your OT devices are on Wi-Fi, ensure that the Wi-Fi uses at least WPA2.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"VPN-Vulnerabilities\"><\/span>VPN Vulnerabilities<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Although <a href=\"https:\/\/www.esecurityplanet.com\/networks\/vpn-security\/\">virtual private networks (VPNs)<\/a> are security tools designed to create a private tunnel for organizations\u2019 network communications, they can still be breached. Your business should monitor both your direct team&#8217;s VPN use and all third-party VPN access.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Employee VPN Usage<\/h3>\n\n\n\n<p>VPNs are designed to protect your team&#8217;s computing sessions and associated data, like IP addresses and passwords, from prying eyes. However, they don&#8217;t always achieve that goal \u2014 VPN connections aren&#8217;t a foolproof security method and can sometimes still be hacked, especially if the VPN connection has a sudden and brief outage.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against VPN Threats<\/h4>\n\n\n\n<p>Use the methods below to mitigate VPN vulnerabilities within your organization:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Implement least privilege access management:<\/strong> Least privilege access gives specified users the permissions they need to do their job and nothing else.<\/li>\n\n\n\n<li><strong>Stay on top of patches:<\/strong> Individual VPN solutions can have vulnerabilities of their own, so ensure that your business continually monitors them and patches weaknesses when needed.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Third-Party VPN Access<\/h3>\n\n\n\n<p>When businesses give partners or contractors access to their applications using a VPN, it\u2019s very difficult to restrict these third parties\u2019 access to specific permissions. VPNs also don\u2019t keep a lot of data logs to analyze later, so it\u2019s challenging to locate the specific source of a breach if a third party does abuse their permissions.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Third-Party VPN Threats<\/h4>\n\n\n\n<p>Implement least-privilege access for contractors and other third parties, too. It&#8217;ll limit their access to sensitive business data and applications.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Remote-Access\"><\/span>Remote Access<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Over the last decade, but especially during the COVID-19 pandemic, connecting remotely to office networks and resources became a popular way to complete work from home offices and other locations. Unfortunately, untrusted networks and personal devices put business networks and systems in danger. Two major threats are Remote Desktop Protocol and Wi-Fi networks.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Remote Desktop Protocol<\/h3>\n\n\n\n<p>Remote Desktop Protocol (RDP) allows users to use one computer to interface with another remote computer and control it. In the early stages of the pandemic, RDP was one of the most common <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware\/\">ransomware<\/a> attack vectors. Attackers were able to find a backdoor through RDP\u2019s vulnerabilities or simply brute force attack by guessing passwords. Remote access trojans also allow attackers to remotely control a machine once malware downloads onto the computer through an email attachment or other software.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against RDP Threats<\/h4>\n\n\n\n<p>To be as secure as possible, your business should phase out RDP as soon as you can. It&#8217;s no longer safe to use. If your team does still decide to use RDP, use these protective methods:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Limit password attempts:<\/strong> Users should only be able to input a password a couple of times. This prevents brute force attacks.<\/li>\n\n\n\n<li><strong>Set difficult-to-guess passwords:<\/strong> Require good password hygiene for all RDP credentials.<\/li>\n\n\n\n<li><strong>Limit access to specific IP addresses:<\/strong> Only whitelist specific addresses attached to employee devices.<\/li>\n\n\n\n<li><strong>Configure strict user policies for RDP:<\/strong> This includes least privilege access. Only those who need to connect remotely to perform their job should have access.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Wi-Fi Networks<\/h3>\n\n\n\n<p>Other unsecure network connections, like unprotected Wi-Fi, allow thieves to steal credentials and then log into business applications from coffee shops and other public locations. Remote businesses have multiple methods of remote access to company resources, and it\u2019s hard for IT and security teams to lock all of them down.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\" style=\"text-transform:none\">Defending Against Wi-Fi Threats<\/h4>\n\n\n\n<p>If you&#8217;re working on a network outside your home, take the following security measures:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Make sure the network is private:<\/strong> If you can work in a small coworking space or another home, that&#8217;s ideal, but if you&#8217;re in a public place, ensure the Wi-Fi requires a password.&nbsp;<\/li>\n\n\n\n<li><strong>Use a VPN:<\/strong> Virtual private networks, though not foolproof, help protect your remote connections when Wi-Fi is not secure.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Where-Do-Network-Threats-Come-From\"><\/span>Where Do Network Threats Come From?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Network threats come from an enormous variety of sources, but narrowed down, they can be traced to vectors like devices, humans, network traffic, general security operations, and maintenance failures.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Devices<\/h3>\n\n\n\n<p>Hardware sometimes has misconfigurations and outdated protocols. Devices that have been infected by malware, like routers, are a threat to the rest of the network. Also, unauthorized devices and unsecured BYOD devices on the network may not have the same security controls as authorized devices and are therefore more vulnerable.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">People<\/h3>\n\n\n\n<p>Humans make mistakes, and network security is difficult to manage even for experts because it\u2019s so highly intricate. It\u2019s easy for senior engineers to misconfigure a setting, as experienced as they may be. Additionally, some insiders deliberately manipulate networks for their personal gain.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Traffic<\/h3>\n\n\n\n<p>Malicious packets attempt to enter a network, requiring firewalls and other systems, like IDPS, to prevent them. Malicious traffic comes from multiple locations, so it\u2019s challenging to secure all ports. Traffic IP addresses can be hidden, too, and threat actors can use different IP addresses to avoid network blacklists and thwart threat intelligence.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Operations<\/h3>\n\n\n\n<p>Sometimes hardware and software fail. DoS and DDoS attacks flood servers and render them unusable. Also, natural disasters and power surges destroy or temporarily take down networks. Although this isn\u2019t a cybersecurity issue at its root, it can certainly weaken security controls, particularly if the main NGFW or other detection and prevention tools go down.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Insufficient Maintenance<\/h3>\n\n\n\n<p>Network hardware and software need to be updated with the latest protocols and patches. Unpatched vulnerabilities on network firmware are an open door for attackers. Additionally, if IT and network admins don\u2019t regularly perform vulnerability scans, they won\u2019t be able to identify vulnerabilities as quickly.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Network-Security-vs-Endpoint-Security-vs-Application-Security\"><\/span>Network Security vs. Endpoint Security vs. Application Security<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>The line between network security, <a href=\"https:\/\/www.esecurityplanet.com\/applications\/application-security-definition\/\">application security<\/a>, and <a href=\"https:\/\/www.esecurityplanet.com\/endpoint\/endpoint-security-its-way-more-complicated-than-you-think\/\">endpoint security<\/a> is hard to draw because they all affect each other immensely. In this article, we\u2019ve focused on network threats and excluded threats that originate on applications or endpoints, such as <a href=\"https:\/\/www.esecurityplanet.com\/networks\/cross-site-scripting-xss\/\">cross-site scripting<\/a> or ransomware. We define application, endpoint, and network security as follows:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Network security:<\/strong> Specific to the network&#8217;s infrastructure, including connections between devices like routers and switches.<\/li>\n\n\n\n<li><strong>Endpoint security:<\/strong> Specific to devices and users and their effect on an organization overall.<\/li>\n\n\n\n<li><strong>Application security:<\/strong> Specific to software programs and their effect on the organization, network, and computer systems.<\/li>\n<\/ul>\n\n\n\n<p>However, endpoint devices and business applications still affect network security. A malware-infected computer or compromised CRM system can still lead to a network breach. These categories do overlap, but to avoid confusion, we\u2019ve differentiated between them in this guide.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"How-Can-You-Detect-Threats\"><\/span>How Can You Detect Threats?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Although network threats come from many sources, enterprises need a reliable set of detection tools and techniques to pinpoint malicious behavior. Firewalls, monitoring, analytics, automation, vulnerability assessments, and deception tactics all help businesses identify threats and give their teams time to develop a solution.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Manage Firewalls<\/h3>\n\n\n\n<p>Advanced network perimeter protection like a next-generation firewall can be configured to send alerts when it detects anomalous traffic. If data packets entering the network behave strangely, that\u2019s a warning sign for IT and security teams. Threat intelligence from NGFWs is critical for identifying malicious traffic early. Some firewalls can also block well-known malicious websites. Make sure your team is consistently <a href=\"https:\/\/www.esecurityplanet.com\/networks\/fine-tuning-firewall-rules-best-practices\/\"><strong>fine-tuning your firewalls<\/strong><\/a> and updating rules as needed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Monitor Networks<\/h3>\n\n\n\n<p>Monitoring network devices and traffic helps enterprises observe patterns over a period of time. Advanced monitoring solutions like NDR are even able to scan encrypted traffic, where some threats may have slipped through the cracks.<\/p>\n\n\n\n<p>Don&#8217;t forget to monitor IoT devices on the network \u2014 it\u2019s not only challenging to secure IoT devices but also to identify threats from a distributed network of smart devices. Identify all device vulnerabilities and implement network traffic monitoring specifically designed for the Internet of Things. It\u2019s important to locate the root of IoT threats before they spread further through the network.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Implement Machine Learning &amp; Behavioral Analytics<\/h3>\n\n\n\n<p>Although firewalls and other perimeter security can identify and halt some traffic, other traffic will breach the network. Using analytics to study traffic as it moves through the network is beneficial for long-term security. A behavioral analytics solution that uses ML should be able to study ongoing traffic patterns and detect malicious behavior. NGFWs and other advanced security solutions often offer ML and behavioral analytics capabilities.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Automate Your Alerts<\/h3>\n\n\n\n<p>Security teams can\u2019t study networks 24\/7, but automated alerts flag malicious activity immediately after it\u2019s detected. Machine learning and behavioral analytics platforms study patterns in network traffic data. Then automation sends email or Slack alerts to IT personnel immediately once an anomaly is detected.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Scan for Vulnerabilities<\/h3>\n\n\n\n<p>Vulnerability scanners examine devices and assets and compare them against a database of known vulnerabilities to identify issues like misconfigurations and outdated software. Some scanners categorize vulnerabilities by their level of risk. Some <a href=\"https:\/\/www.esecurityplanet.com\/networks\/vulnerability-scanning-tools\/\">vulnerability scanning solutions<\/a> also help businesses maintain compliance with cybersecurity and data protection regulations by creating policies and rules that enforce particular standards.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Perform Penetration Testing<\/h3>\n\n\n\n<p><a href=\"https:\/\/www.esecurityplanet.com\/networks\/penetration-testing\/\">Pentesting<\/a> gives enterprises clear, actionable information about their network security by hiring expert hackers to find vulnerabilities in the network. These hackers identify specific areas of weakness in web-facing assets like applications, firewalls, and servers. Consider learning more about the <a href=\"https:\/\/www.esecurityplanet.com\/networks\/penetration-testing-vs-vulnerability-testing\/\">differences between pen testing and vulnerability testing<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\" style=\"text-transform:none\">Create Honeypots<\/h3>\n\n\n\n<p>A computer system or application specifically designed to trap attackers is called a honeypot. For example, a honeypot could be a database set up with a tempting name, implying sensitive information is stored there. It&#8217;s designed to help teams study threat actor behavior before the threat actors get to critical assets. Other examples of a honeypot include an additional router or a firewall that protects a fake database. Some vendors offer this as <a href=\"https:\/\/www.esecurityplanet.com\/networks\/deception-technology\/\">deception technology<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" style=\"text-transform:none\"><span class=\"ez-toc-section\" id=\"Bottom-Line-Tracking-Preventing-Network-Security-Threats\"><\/span>Bottom Line: Tracking &amp; Preventing Network Security Threats<span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p>Tight cybersecurity defenses have increased steeply in the last five years. The rise of ransomware and the sophisticated tactics of bad actors necessitate equally strong action from enterprises. No longer can IT teams and engineers sit back and hope that a firewall or good passwords will save them from the vulnerabilities that besiege their network.<\/p>\n\n\n\n<p>Keep a close eye on all the threats mentioned above, and train your teams to detect threats and prevent them. Ensure that you don\u2019t let little things slide \u2014 small misconfigurations or unpatched vulnerabilities can still cost the business millions of dollars if successfully exploited. It\u2019ll take time, but commit to implementing consistent and careful cybersecurity practices within your business, and eventually network security will be an immediate and natural response to threats.<\/p>\n\n\n\n<p><strong>Is your business concerned about protecting your network from ransomware? Read about <a href=\"https:\/\/www.esecurityplanet.com\/threats\/ransomware-protection\/\">preventing ransomware attacks<\/a> next.<\/strong><\/p>\n\n\n<div id=\"ta-campaign-widget-66d6c4b7216d1-popup-wrapper\" class=\"ta-campaign-widget__popup-wrapper\">\n    \n<div\n    style=\"\n        --ta-campaign-plugin-primary: #3545ed;\n        --ta-campaign-plugin-button-text: #fff;\n        --ta-campaign-plugin-button-hover-background: #3231b4;\n        --ta-campaign-plugin-button-hover-text: #fff;\n        --ta-campaign-plugin-button-toggle-background: #3231b4;\n        --ta-campaign-plugin-button-toggle-text: #3231B4;\n    \"\n    data-ajax-url=\"https:\/\/www.esecurityplanet.com\/wp\/wp-admin\/admin-ajax.php\">\n    <div\n        id=\"ta-campaign-widget-66d6c4b7216d1\"\n        class=\"ta-campaign-widget ta-campaign-widget--popup\"\n        data-campaign-fields='{\"properties\":{\"campaign_type\":\"popup\",\"campaign_category\":false,\"sailthru_list\":[\"cybersecurity-insider\"],\"popup_type\":\"exit_intent\",\"appearance\":{\"colors\":{\"primary_color\":\"#3545ed\",\"button\":{\"button_text_color\":\"#fff\",\"hover\":{\"button_hover_background_color\":\"#3231b4\",\"button_hover_text_color\":\"#fff\"},\"toggle\":{\"button_toggle_background_color\":\"#3231b4\",\"button_toggle_text_color\":\"#3231B4\"}}},\"custom_scss\":\"\"},\"behavior\":{\"opt_in_enabled\":true},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}},\"identifier\":\"66d6c4b7216d1\",\"campaign_id\":26045,\"campaign_type\":\"popup\",\"popup_type\":\"exit_intent\",\"newsletters\":[\"cybersecurity-insider\"],\"behavior\":{\"opt_in_enabled\":true},\"appearance\":{\"colors\":{\"primary\":\"#3545ed\",\"button\":{\"text\":\"#fff\",\"hover\":{\"background\":\"#3231b4\",\"text\":\"#fff\"},\"toggle\":{\"background\":\"#3231b4\",\"text\":\"#3231B4\"}}},\"custom_css\":\"\"},\"language\":{\"tagline\":\"Get the Free Cybersecurity Newsletter\",\"subtagline\":\"\",\"content\":\"Strengthen your organization&#39;s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday\",\"email_placeholder\":\"Work Email Address\",\"opt_in\":\"By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.\",\"subscribe_button\":\"Subscribe\"}}'>\n\n                <div class=\"ta-campaign-widget__exit\">\n            <svg class=\"w-8\" fill=\"none\" stroke=\"currentColor\" stroke-width=\"1.5\" viewBox=\"0 0 24 24\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\">\n                <path stroke-linecap=\"round\" stroke-linejoin=\"round\" d=\"M6 18L18 6M6 6l12 12\"><\/path>\n            <\/svg>\n        <\/div>\n        \n        <div class=\"ta-campaign-widget__wrapper\">\n            <div class=\"ta-campaign-widget__header mb-6\">\n                                <h3 class=\"ta-campaign-widget__tagline\">\n                    Get the Free Cybersecurity Newsletter                <\/h3>\n                \n                \n                                <p class=\"ta-campaign-widget__content mt-6\">\n                    Strengthen your organization's IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday                <\/p>\n                            <\/div>\n\n            <form class=\"ta-campaign-widget__form\">\n                <div class=\"ta-campaign-widget__input mb-4\"  data-field=\"email\">\n                    <label\n                        class=\"sr-only\"\n                        for=\"email-66d6c4b7216d1\">\n                        Email Address\n                    <\/label>\n                    <input\n                        class=\"ta-campaign-widget__input__text\"\n                        placeholder=\"Work Email Address\"\n                        id=\"email-66d6c4b7216d1\"\n                        name=\"email\"\n                        type=\"email\">\n                <\/div>\n\n                                <div class=\"ta-campaign-widget__checkbox mb-4\" data-field=\"opt_in\">\n                    <div class=\"flex items-start\">\n                        <input\n                            id=\"opt-in-66d6c4b7216d1\"\n                            class=\"ta-campaign-widget__checkbox__input mr-2\"\n                            name=\"opt-in\"\n                            type=\"checkbox\"\/>\n                        <label\n                            class=\"ta-campaign-widget__checkbox__label\"\n                            for=\"opt-in-66d6c4b7216d1\">\n                            By signing up to receive our newsletter, you agree to our Terms of Use and Privacy Policy. You can unsubscribe at any time.                        <\/label>\n                    <\/div>\n                <\/div>\n                \n                <button class=\"ta-campaign-widget__button\" type=\"submit\" >\n                    Subscribe                <\/button>\n            <\/form>\n        <\/div>\n    <\/div>\n<\/div>\n\n<style>\n<\/style><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Discover the most common network security threats and how to protect your organization against them.<\/p>\n","protected":false},"author":238,"featured_media":33632,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_gazelle_contributing_experts":"","footnotes":""},"categories":[14],"tags":[3414,31998],"b2b_audience":[33],"b2b_industry":[63],"b2b_product":[383,395,377,31779,381,31776,379,31777,393,31775],"class_list":["post-27731","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-networks","tag-network-security","tag-network-security-threats","b2b_audience-awareness-and-consideration","b2b_industry-technology","b2b_product-encryption-data-loss-prevention","b2b_product-firewalls-and-intrusion-prevention-and-detection","b2b_product-gateway-and-network-security","b2b_product-iot-security","b2b_product-network-access-control-nac","b2b_product-siem","b2b_product-threats-and-vulnerabilities","b2b_product-ueba","b2b_product-virtual-private-network-vpn","b2b_product-web-applications-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Top 19 Network Security Threats + Defenses for Each<\/title>\n<meta name=\"description\" content=\"Discover the most common network security threats and how to protect your organization against them.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Top 19 Network Security Threats + Defenses for Each\" \/>\n<meta property=\"og:description\" content=\"Discover the most common network security threats and how to protect your organization against them.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\" \/>\n<meta property=\"og:site_name\" content=\"eSecurity Planet\" \/>\n<meta property=\"article:published_time\" content=\"2024-01-15T17:11:42+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-05T16:53:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1400\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Jenna Phipps\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:site\" content=\"@eSecurityPlanet\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jenna Phipps\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"20 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\"},\"author\":{\"name\":\"Jenna Phipps\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/243ac4ed3a5e9bf35bd7b98a40c326fb\"},\"headline\":\"Top 19 Network Security Threats + Defenses for Each\",\"datePublished\":\"2024-01-15T17:11:42+00:00\",\"dateModified\":\"2024-03-05T16:53:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\"},\"wordCount\":4491,\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png\",\"keywords\":[\"network security\",\"network security threats\"],\"articleSection\":[\"Networks\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\",\"url\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\",\"name\":\"Top 19 Network Security Threats + Defenses for Each\",\"isPartOf\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png\",\"datePublished\":\"2024-01-15T17:11:42+00:00\",\"dateModified\":\"2024-03-05T16:53:46+00:00\",\"description\":\"Discover the most common network security threats and how to protect your organization against them.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png\",\"width\":1400,\"height\":900,\"caption\":\"Image: knowhowfootage\/Adobe Stock\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.esecurityplanet.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Top 19 Network Security Threats + Defenses for Each\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#website\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"name\":\"eSecurity Planet\",\"description\":\"Industry-leading guidance and analysis for how to keep your business secure.\",\"publisher\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.esecurityplanet.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#organization\",\"name\":\"eSecurityPlanet\",\"url\":\"https:\/\/www.esecurityplanet.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png\",\"width\":1134,\"height\":375,\"caption\":\"eSecurityPlanet\"},\"image\":{\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/eSecurityPlanet\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/243ac4ed3a5e9bf35bd7b98a40c326fb\",\"name\":\"Jenna Phipps\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/02\/EDITED-HH-88484840_Jenna_Phipps_Jenna_headshot_2_editor_faharia-150x150.jpg\",\"contentUrl\":\"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/02\/EDITED-HH-88484840_Jenna_Phipps_Jenna_headshot_2_editor_faharia-150x150.jpg\",\"caption\":\"Jenna Phipps\"},\"description\":\"Jenna Phipps is a staff writer for eSecurity Planet and has years of experience in B2B technical content writing. She covers security practices, vulnerabilities, data protection, and the top products in the cybersecurity industry. She also writes about the importance of cybersecurity technologies and training in business environments, as well as the role that security plays in data storage and management. When Jenna's not writing about security, you can find her reading, shopping, eating smoothie bowls, or spending time with friends.\",\"url\":\"https:\/\/www.esecurityplanet.com\/author\/jphipps\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Top 19 Network Security Threats + Defenses for Each","description":"Discover the most common network security threats and how to protect your organization against them.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/","og_locale":"en_US","og_type":"article","og_title":"Top 19 Network Security Threats + Defenses for Each","og_description":"Discover the most common network security threats and how to protect your organization against them.","og_url":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/","og_site_name":"eSecurity Planet","article_published_time":"2024-01-15T17:11:42+00:00","article_modified_time":"2024-03-05T16:53:46+00:00","og_image":[{"width":1400,"height":900,"url":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png","type":"image\/png"}],"author":"Jenna Phipps","twitter_card":"summary_large_image","twitter_creator":"@eSecurityPlanet","twitter_site":"@eSecurityPlanet","twitter_misc":{"Written by":"Jenna Phipps","Est. reading time":"20 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#article","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/"},"author":{"name":"Jenna Phipps","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/243ac4ed3a5e9bf35bd7b98a40c326fb"},"headline":"Top 19 Network Security Threats + Defenses for Each","datePublished":"2024-01-15T17:11:42+00:00","dateModified":"2024-03-05T16:53:46+00:00","mainEntityOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/"},"wordCount":4491,"publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png","keywords":["network security","network security threats"],"articleSection":["Networks"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/","url":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/","name":"Top 19 Network Security Threats + Defenses for Each","isPartOf":{"@id":"https:\/\/www.esecurityplanet.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage"},"thumbnailUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png","datePublished":"2024-01-15T17:11:42+00:00","dateModified":"2024-03-05T16:53:46+00:00","description":"Discover the most common network security threats and how to protect your organization against them.","breadcrumb":{"@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#primaryimage","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2024\/01\/esp_20240116-network-security-threats.png","width":1400,"height":900,"caption":"Image: knowhowfootage\/Adobe Stock"},{"@type":"BreadcrumbList","@id":"https:\/\/www.esecurityplanet.com\/networks\/network-security-threats\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.esecurityplanet.com\/"},{"@type":"ListItem","position":2,"name":"Top 19 Network Security Threats + Defenses for Each"}]},{"@type":"WebSite","@id":"https:\/\/www.esecurityplanet.com\/#website","url":"https:\/\/www.esecurityplanet.com\/","name":"eSecurity Planet","description":"Industry-leading guidance and analysis for how to keep your business secure.","publisher":{"@id":"https:\/\/www.esecurityplanet.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.esecurityplanet.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.esecurityplanet.com\/#organization","name":"eSecurityPlanet","url":"https:\/\/www.esecurityplanet.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2020\/10\/eSecurity_logo_MainLogo.png","width":1134,"height":375,"caption":"eSecurityPlanet"},"image":{"@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/eSecurityPlanet"]},{"@type":"Person","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/243ac4ed3a5e9bf35bd7b98a40c326fb","name":"Jenna Phipps","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.esecurityplanet.com\/#\/schema\/person\/image\/","url":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/02\/EDITED-HH-88484840_Jenna_Phipps_Jenna_headshot_2_editor_faharia-150x150.jpg","contentUrl":"https:\/\/assets.esecurityplanet.com\/uploads\/2023\/02\/EDITED-HH-88484840_Jenna_Phipps_Jenna_headshot_2_editor_faharia-150x150.jpg","caption":"Jenna Phipps"},"description":"Jenna Phipps is a staff writer for eSecurity Planet and has years of experience in B2B technical content writing. She covers security practices, vulnerabilities, data protection, and the top products in the cybersecurity industry. She also writes about the importance of cybersecurity technologies and training in business environments, as well as the role that security plays in data storage and management. When Jenna's not writing about security, you can find her reading, shopping, eating smoothie bowls, or spending time with friends.","url":"https:\/\/www.esecurityplanet.com\/author\/jphipps\/"}]}},"_links":{"self":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/27731"}],"collection":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/users\/238"}],"replies":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/comments?post=27731"}],"version-history":[{"count":5,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/27731\/revisions"}],"predecessor-version":[{"id":34307,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/posts\/27731\/revisions\/34307"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media\/33632"}],"wp:attachment":[{"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/media?parent=27731"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/categories?post=27731"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/tags?post=27731"},{"taxonomy":"b2b_audience","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_audience?post=27731"},{"taxonomy":"b2b_industry","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_industry?post=27731"},{"taxonomy":"b2b_product","embeddable":true,"href":"https:\/\/www.esecurityplanet.com\/wp-json\/wp\/v2\/b2b_product?post=27731"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}