
Malicious Attacks, Threats, and Vulnerabilities

OVERVIEW
 Malicious Activity on the Rise
 What Are You Trying to Protect?
 Whom Are You Trying to Catch?
 Attack Tools
 What Is a Security Breach?

Malicious Activity on the Rise

What Are You Trying to Protect?


 Asset
o Is any item that has value. An organization’s assets can include the following:
 Customer data
 Name, address, phone, Social Security number (SSN), date of birth, cardholder
data, protected health care information.
 IT assets and network infrastructure
 Hardware, software, and services.
 Intellectual property
 Sensitive data such as patents, source code, formulas, or engineering plans.
 Finances and financial data
 Bank accounts, credit card data, and financial transaction data.
 Service availability and productivity
 The ability of computing services and software to support productivity for humans
and machinery.
 Reputation
 Corporate compliance and brand image.

Whom Are You Trying to Catch?

 computer hacker
o A computer expert who uses their technical knowledge to achieve a goal or overcome an
obstacle within a computerized system by non-standard means.

 hacker
o Accused of using technology for terrorism, vandalism, credit card fraud, identity theft, intellectual
property theft, or one of many other forms of crime.
o Describes a person who enjoys exploring and learning how to modify something, particularly
related to computer systems.

 Black-hat hackers
o Try to break IT security and gain access to systems with no authorization in order to prove
technical prowess.
o Generally exploit holes in systems, but generally do not attempt to disclose the vulnerabilities
they find to the administrators of those systems.

 White-hat hackers (ethical hacker)


o An information systems security professional who has authorization to identify vulnerabilities
and perform penetration testing.
o Will identify weaknesses for the purpose of fixing them.

 Gray-hat hackers
o A hacker with average abilities who may one day become a black-hat hacker but could also opt
to become a white-hat hacker.
o A hacker who will identify but not exploit discovered vulnerabilities, yet may still expect a reward
for not disclosing the vulnerability openly.

 Cracker
o Has hostile intent, possesses sophisticated skills, and may be interested in financial gain.
o Represents the greatest threat to networks and information resources; these threats usually
involve fraud, theft of data, destruction of data, blockage of access, and other malicious activity.

Attack Tools

Computer criminals and cyber-attackers use a number of hardware and software tools to discover
exploitable weaknesses and other tools to perform the actual attack. These tools and techniques can include
the following:

 Protocol analyzers
o A protocol analyzer or packet sniffer (or just sniffer) is a software program that enables a
computer to monitor and capture network traffic, whether on a LAN or a wireless network.
Sniffers decode the frame and IP data packet, allowing you to see data in clear text if it has not
been encrypted.

 Port Scanners
o A port scanner is a tool used to scan IP host devices for open ports that have been enabled. For
example, Port 80 is for HTTP web traffic, Port 21 is for File Transfer Protocol (FTP), Port 23 is
for Telnet, etc.

 OS Fingerprint Scanners
o An operating system (OS) fingerprint scanner is a software program that allows an attacker to
send a variety of packets to an IP host device, hoping to determine the target device’s operating
system (OS) from the responses.

 Vulnerability Scanners
o A vulnerability scanner is a software program that is used to identify and, when possible, verify
vulnerabilities on an IP host device.

 Exploit Software
o Is an application that incorporates known software vulnerabilities, data, and scripted commands
to “exploit” a weakness in a computer system or IP host device. It includes things like a denial of
service attack, unauthorized access, a brute-force password attack, or buffer overflow.

 Wardialers
o A computer program that dials telephone numbers, looking for a computer on the other end. The
program works by automatically dialing a defined range of phone numbers.

 Password Crackers
o Is an application program that is used to identify an unknown or forgotten password to a
computer or network resources.

 Keystroke Loggers
o Is a type of surveillance software or hardware that can record to a log file every keystroke a user
makes with a keyboard.
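
The protocol analyzer and port scanner entries above can be tied together from the defender's side: decode a captured frame and check whether readable data is crossing one of the clear-text ports the notes name (21, 23, 80). This is an added example, not part of the original notes; the frame, addresses, and credentials are constructed sample data, and the function names are hypothetical.

```python
import struct

# Ports named on the page; each carries its data unencrypted by default.
CLEARTEXT_PORTS = {21: "FTP", 23: "Telnet", 80: "HTTP"}

def build_frame(dport: int, payload: bytes) -> bytes:
    """Construct a sample Ethernet II / IPv4 / TCP frame (checksums left at 0)."""
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 1, 1, 5 << 4, 0x18, 8192, 0, 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 5]))
    eth = bytes.fromhex("020000000002" "020000000001" "0800")
    return eth + ip + tcp

def decode_frame(frame: bytes) -> dict:
    """Decode the frame and IP packet the way a protocol analyzer does."""
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP headers")
    if struct.unpack("!H", frame[12:14])[0] != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                      # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != 6 or not ihl + 20 <= total_len <= len(ip):
        raise ValueError("not a well-formed IPv4/TCP packet")
    tcp = ip[ihl:total_len]                       # drops any Ethernet padding
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_off = (tcp[12] >> 4) * 4                 # TCP header length in bytes
    if not 20 <= data_off <= len(tcp):
        raise ValueError("bad TCP data offset")
    return {"src": ".".join(map(str, ip[12:16])), "dst": ".".join(map(str, ip[16:20])),
            "sport": sport, "dport": dport, "payload": tcp[data_off:]}

def audit(frame: bytes) -> dict:
    """Flag frames whose payload is readable text on a known clear-text port."""
    f = decode_frame(frame)
    f["service"] = CLEARTEXT_PORTS.get(f["dport"]) or CLEARTEXT_PORTS.get(f["sport"])
    readable = bool(f["payload"]) and all(32 <= b < 127 or b in (9, 10, 13) for b in f["payload"])
    f["cleartext_exposed"] = f["service"] is not None and readable
    return f

if __name__ == "__main__":
    # Constructed sample: an FTP login as it appears on the wire.
    print(audit(build_frame(21, b"USER alice\r\nPASS example-password\r\n")))
```

A frame flagged this way is a candidate for moving the service to an encrypted equivalent.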

What Is a Security Breach?

 Any event that results in a violation of any of the confidentiality, integrity, or availability (CIA) security
tenets is a security breach.
 Any incident that results in unauthorized access to computer data, applications, networks or devices. It
results in information being accessed without authorization.

Activities that can cause a security breach include the following:

 Denial of Service Attacks


o A coordinated attempt to deny service by occupying a computer with large amounts of
unnecessary tasks.
o This excessive activity makes the system unavailable to perform legitimate operations.

o Two common types of DoS attacks are as follows:


 Logic attacks
 Use software flaws to crash or seriously hinder the performance of remote
servers.
 Flooding attacks
 Overwhelm the victim computer’s CPU, memory, or network resources by
sending large numbers of useless requests to the machine.

 Distributed Denial of Service Attacks


o Overloads computers and prevents legitimate users from gaining access. In a DDoS attack,
attackers hijack hundreds or even thousands of Internet computers, planting automated attack
agents on those systems.

 Unacceptable Web Browsing


o A violation of an organization’s acceptable use policy (AUP), such as an employee’s
unacceptable web browsing, can itself be a security breach.
o Unacceptable use can include unauthorized users searching files or storage directories for data
and information they are not supposed to read, or users simply visiting prohibited websites.

 Wiretapping
o The practice of connecting a listening device to a telephone line to secretly monitor a
conversation.

 Backdoors
o Give developers or support personnel easy access to a system without having to struggle with
security controls.

 Rootkits
o Malicious software programs designed to be hidden from normal methods of detection.
o Installed by attackers once they obtain root or system administrator access privileges.

 Data Modifications
o Data that are purposely or accidentally modified impact the integrity tenet of information
systems security; thus, data modification is also considered a security breach.
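
The flooding and distributed denial of service entries above differ in how the load is spread: one machine sending a large number of requests versus many hijacked machines that each look unremarkable. The sliding-window detector below shows how a defender can tell the two apart in request logs. It is an added example, not part of the original notes; the thresholds, function names, and traffic are constructed assumptions.

```python
from collections import Counter, deque

def detect_floods(events, window=10.0, per_src_limit=50, total_limit=200, min_sources=20):
    """events: (epoch_seconds, source_ip) tuples sorted by time.
    Returns one (kind, source) alert per onset: ("dos", ip) or ("ddos", None)."""
    recent, per_src = deque(), Counter()
    alerts, seen = [], set()
    for ts, src in events:
        recent.append((ts, src))
        per_src[src] += 1
        # Expire requests that have fallen out of the sliding window.
        while recent[0][0] <= ts - window:
            _, old = recent.popleft()
            per_src[old] -= 1
            if per_src[old] == 0:
                del per_src[old]
        if per_src[src] > per_src_limit:
            key = ("dos", src)        # one machine sending a large number of requests
        elif len(recent) > total_limit and len(per_src) >= min_sources:
            key = ("ddos", None)      # many machines, each individually unremarkable
        else:
            continue
        if key not in seen:           # report each onset once
            seen.add(key)
            alerts.append(key)
    return alerts

def sample_events():
    """Constructed traffic: steady clients, one single-source flood, one distributed flood."""
    ev = [(float(t), f"192.0.2.{c}") for t in range(0, 300) for c in range(1, 6)]
    ev += [(100 + i * 0.01, "203.0.113.7") for i in range(100)]
    ev += [(200 + i * 0.01, f"198.51.100.{i % 250 + 1}") for i in range(300)]
    return sorted(ev)

if __name__ == "__main__":
    print(detect_floods(sample_events()))
```

A per-source rate limit stops the first case but not the second, which is why the aggregate rate and the number of distinct sources are tracked separately.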
