The internet has been very beneficial to business and home users. Home users of the internet have been given a new way to shop for goods. No, longer does grocery shopping or mall shopping have to take place in a brick and mortar building. Home users can now shop online in the comfort of their homes. Home users are also now able to communicate with other home users around the world thanks to the internet and its many online communication and social network applications. Home users have also been given another avenue for entertainment via the internet. Movies, games, and music can now be streamed to home users’ televisions, phones, and other electronic devices. Likewise, business users have also greatly benefited from the internet. The internet has now made the world smaller for business. Instead of selling goods to just local customers, businesses can now sell their goods worldwide. The internet also allows business workers the option of working from anywhere on earth outside of the office as long as they have an internet connection. Although the internet has made doing life and business much easier, it has brought the serious challenge of information technology security. Home and business users need to keep their personal information and business data secure. The internet has brought criminal activities that seek to exploit weaknesses in information technology security. The internet has introduced new threats to information technology security. First, email has become an easy avenue for cyber-attacks. Email is used in phishing schemes. “The individuals behind phishing emails are typically online criminals. They send out millions of these messages in the hope that a few recipients will act on them and provide their personal and financial information. Anyone with an email address is at risk of being phished. “ (Cisco, 2012) Email is also used to a propagate virus or malware infections. This cyber-attack happens when email is sent out with scripts or attachments that can hold malicious code. Once a user opens the attachment or allows the code to run on their computer, it is infected and can be possibly controlled remotely from the internet. Email can also be spoofed. Spoofing is when the attacker sends out email using another person’s identity. “A favorite technique of spammers and other “bad guys” is to “spoof” their return e-mail addresses, making it look as if the mail came from someone else. In effect, this is a form of identity theft, as the sender pretends to be someone else in order to persuade the recipient to do something (from simply opening the message to sending money or revealing personal information).” (Shinder, 2012) Next, the internet has also introduced attacks that can come from malicious web sites. One such attack is called web spoofing. “Web spoofing allows an attacker to create a “shadow copy” of the entire World Wide Web. Accesses to the shadow Web are funneled through the attacker’s machine, allowing the attacker to monitor all of the victim’s activities including any passwords or account numbers the victim enters.” (Felten, 1997) The World Wide Web can also be used as another carrier for malware to be loaded on to computers. This is called malware injection. “Malware injection is the act of inserting - or injecting - malicious code into a web page so that so that when Internet users browse the page their computer2 is infected with malware.” (Armorize Technologies Inc, 2009) Finally, the internet has also introduced intrusion attacks. Attackers will scan the IP addresses of anyone connected to the internet. The scans will look for any port that answers to a request. “A port scan helps the attacker find which ports are available (i.e., what service might be listing to a port). Essentially, a port scan consists of sending a message to each port, one at a time. The kind of response received indicates whether the port is used and can