launching pad for breaking into the network. As a recent example of a famous security breach, a hacker broke into an entire network by using a vulnerability in an administrator's desktop. The possibilities and combinations of such attacks are huge and are important to mitigate. Unfortunately, multi-stage attacks are complex, and it is beyond the capacity of human minds to find all possible attack paths. The situation gets more complex when an attacker breaks into several such less critical hosts and chains the attack payload through them before reaching the final secure critical server.

Dangerous low threat vulnerabilities and harmless high threat vulnerabilities

There are many low threat vulnerabilities in hosts that appear harmless because of their low severity rating. However, these often lead to severe vulnerabilities in a system. Attackers are increasingly exploiting this opportunity. Security managers focus mostly on eliminating high threat vulnerabilities, leaving the low threat ones open and falsely assuming that they pose little or no threat at all!

“What may appear as a benign or low-priority vulnerability on a host may be used as a launching point for an attacker to penetrate other devices on the network”

Client Side Exploitation

Attackers are exploiting client side software like browsers, word processors and document readers to gain access to victims' systems. Since users are trusted within a network, attackers can now easily bypass perimeter security devices. Browsers and email clients are the most popular targets since they are prevalent on any desktop/laptop. There have been a lot of vulnerability disclosures in IE, Firefox, Opera, Safari, MS Word, Adobe, MS Outlook etc.

“A hacker can send you a link or a file. Opening them could easily trigger a trojan download on your system in spite of your firewall.”

ARP poisoning with software updates

ARP poisoning combined with Man-in-the-Middle attacks has long been a known technique for attackers to intercept and steal confidential information. Tactical approach uses this technique and goes one step beyond by combining it with automatic fake software updates. Attackers can fool users by forcing their traffic to pass through a rogue gateway set up by ARP poisoning and pushing malicious software updates from a fake update server. As an example, when a fake or trojan-infected update of “Microsoft Word 2007” pops up on the user’s screen, an unsuspecting user may install the update believing that it is actually from Microsoft. Every user’s workstation can potentially be compromised this way.

Social Engineering

Social engineering hackers exploit users’ credulity, laziness, good manners, or even their enthusiasm. It is therefore challenging to defend against socially engineered attacks because the targets may not even realize that they have been duped, or may prefer not to admit it to others. Advanced social engineering techniques have surfaced in recent times, combined with client side attacks, phishing, and system exploitation. This form of attack is not only effective but also has devastating impact.
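The opening section and the "dangerous low threat vulnerabilities" section argue that a chain of low-severity findings on intermediate hosts can reach a critical server even after every high-severity finding is patched. The following is an added example, not from this whitepaper or any product it describes: a small attack-path enumeration over a constructed network model (host names, vulnerability names, scores and reachability are all made up). It enumerates every simple path from the internet to a critical server through hosts that still have an open vulnerability under a given patch policy, so a defender can see what a "patch only 7.0 and above" policy leaves behind.

```python
"""Attack-path analysis over a constructed network model (added example).

A host is treated as a usable foothold if it has at least one vulnerability
that is still open under the patch policy; the policy is modelled as
"everything scored at or above patch_threshold has been fixed".
"""
from typing import Dict, List, Tuple

Vuln = Tuple[str, float]  # (name, CVSS-like score)

# Constructed inventory: each host and the vulnerabilities found on it.
HOSTS: Dict[str, List[Vuln]] = {
    "internet": [],  # attacker's starting point, no vulnerability needed
    "web-dmz": [("rce-in-webapp", 9.8)],
    "admin-ws": [("client-side-browser-bug", 4.3)],
    "file-srv": [("smb-null-session", 3.9)],
    "db-server": [("default-creds", 8.5), ("trusts-file-srv-login", 3.2)],
}

# Constructed reachability (firewall rules / VLAN layout): who can talk to whom.
REACH: Dict[str, List[str]] = {
    "internet": ["web-dmz", "admin-ws"],  # admin-ws reachable via client-side lure
    "web-dmz": ["file-srv"],
    "admin-ws": ["file-srv"],
    "file-srv": ["db-server"],
    "db-server": [],
}


def remaining_vulns(host: str, patch_threshold: float,
                    hosts: Dict[str, List[Vuln]] = HOSTS) -> List[Vuln]:
    """Vulnerabilities still open after fixing everything scored >= patch_threshold."""
    return [v for v in hosts[host] if v[1] < patch_threshold]


def attack_paths(start: str, target: str, patch_threshold: float,
                 hosts: Dict[str, List[Vuln]] = HOSTS,
                 reach: Dict[str, List[str]] = REACH) -> List[List[str]]:
    """Enumerate simple paths start -> target where every hop after start is a foothold."""
    paths: List[List[str]] = []

    def dfs(node: str, path: List[str]) -> None:
        if node == target:
            paths.append(list(path))
            return
        for nxt in reach.get(node, []):
            if nxt in path:  # no cycles
                continue
            if not remaining_vulns(nxt, patch_threshold, hosts):
                continue  # fully patched host: attacker cannot pivot through it
            path.append(nxt)
            dfs(nxt, path)
            path.pop()

    dfs(start, [start])
    return paths


def highest_severity_required(path: List[str], patch_threshold: float,
                              hosts: Dict[str, List[Vuln]] = HOSTS) -> float:
    """Highest score the attacker is forced to exploit along the path.

    On each host the attacker only needs the weakest open vulnerability, so
    this is max over hops of min severity; a low value means the whole chain
    runs on 'low threat' findings.
    """
    return max(min(s for _, s in remaining_vulns(h, patch_threshold, hosts))
               for h in path[1:])


if __name__ == "__main__":
    for label, threshold in (("no patching", 11.0), ("patch >= 7.0 only", 7.0), ("patch all", 0.0)):
        found = attack_paths("internet", "db-server", threshold)
        print(f"{label}: {len(found)} path(s) to db-server")
        for p in found:
            print("  ", " -> ".join(p),
                  f"(max severity needed: {highest_severity_required(p, threshold)})")
```

Under the "patch 7.0 and above only" policy the web-dmz hop disappears, yet one path survives entirely on findings scored 4.3 and below, which is exactly the case the whitepaper warns about. On a real estate the same DFS runs over scanner output and firewall policy instead of the constructed tables, and the useful output for prioritisation is the list of hosts that appear on every surviving path.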
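The "ARP poisoning with software updates" section describes traffic being redirected through a rogue gateway so that a fake update server can push installs. A defender's first signal for that is the gateway's IP suddenly being answered by a different MAC, or one MAC answering for several IPs. The following is an added example, not code from this whitepaper or the product it describes: a passive detector run over constructed ARP reply records (timestamps, IPs and MACs are all made up) that pins the gateway's MAC on first sight, or from a configured static entry, and raises an alert on either pattern.

```python
"""Passive ARP-poisoning detector over constructed ARP reply records (added example).

Records mimic what an arpwatch-style monitor logs: (timestamp, sender_ip,
sender_mac). Two heuristics are applied:
  1. the gateway IP is claimed by a MAC other than the pinned one;
  2. a single MAC claims more than one IP (rogue gateway impersonating hosts).
Each (kind, ip, mac) combination is reported once to keep the alert list short.
"""
from collections import defaultdict
from typing import Dict, List, Optional, Set, Tuple

ArpReply = Tuple[int, str, str]          # (time, sender_ip, sender_mac)
Alert = Tuple[int, str, str]             # (time, kind, detail)

GATEWAY_IP = "192.168.1.1"

# Constructed sample: the real gateway answers at t=1 and t=3; from t=5 a
# second MAC starts answering for the gateway and then for .20 as well.
ARP_REPLIES: List[ArpReply] = [
    (1, "192.168.1.1", "00:11:22:33:44:01"),
    (2, "192.168.1.20", "00:11:22:33:44:20"),
    (3, "192.168.1.1", "00:11:22:33:44:01"),
    (5, "192.168.1.1", "DE:AD:BE:EF:00:99"),
    (6, "192.168.1.20", "de:ad:be:ef:00:99"),
    (7, "192.168.1.1", "de:ad:be:ef:00:99"),
]


def detect_arp_poisoning(replies: List[ArpReply], gateway_ip: str,
                         known_gateway_mac: Optional[str] = None) -> List[Alert]:
    """Return alerts for gateway MAC changes and MACs claiming multiple IPs.

    known_gateway_mac: optional MAC from a static ARP entry / inventory. When
    absent, the first MAC seen for the gateway is trusted (trust-on-first-use).
    """
    gateway_mac = known_gateway_mac.lower() if known_gateway_mac else None
    mac_to_ips: Dict[str, Set[str]] = defaultdict(set)
    reported: Set[Tuple[str, str, str]] = set()
    alerts: List[Alert] = []

    def alert(ts: int, kind: str, ip: str, mac: str, detail: str) -> None:
        key = (kind, ip, mac)
        if key not in reported:
            reported.add(key)
            alerts.append((ts, kind, detail))

    for ts, ip, mac in replies:
        mac = mac.lower()  # normalise so case differences cannot evade a comparison
        if ip == gateway_ip:
            if gateway_mac is None:
                gateway_mac = mac
            elif mac != gateway_mac:
                alert(ts, "gateway-mac-change", ip, mac,
                      f"{gateway_ip} claimed by {mac}, pinned MAC is {gateway_mac}")
        # A MAC that already owns another IP and now claims this one too.
        if mac_to_ips[mac] and ip not in mac_to_ips[mac]:
            alert(ts, "mac-claims-multiple-ips", ip, mac,
                  f"{mac} now claims {ip} in addition to {sorted(mac_to_ips[mac])}")
        mac_to_ips[mac].add(ip)

    return alerts


if __name__ == "__main__":
    for ts, kind, detail in detect_arp_poisoning(ARP_REPLIES, GATEWAY_IP):
        print(f"t={ts} {kind}: {detail}")
```

Trust-on-first-use is only as good as the first reply, so on a managed network the gateway MAC should come from inventory (the `known_gateway_mac` argument) or be enforced by a static ARP entry on the endpoints; switch-side dynamic ARP inspection stops the forged replies before any host sees them. The fake-update half of the attack is closed independently by only installing updates whose signatures verify against the vendor's key, regardless of which server delivered them.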