\u00a0<\/p>\n
Security+: Security Threats, Social Engineering, Cyber-Attacks<\/strong><\/p>\n With the advance of the internet, cyber-hacking, cracking, and digital mischief … threats to computer systems, networks, and the internet is growing an an exponential rate. These threats range from social engineering, to actual attacks on hardware, software, and networks. Unsecured systems and networks can lose data from these attacks and therefore lose revenue. The attacks manifest in phishing, viruses, worms, trojans, spyware, adware, rootkits, botnets, and logic bombs. Vulnerabilities exist with network devices, back doors, weak passwords, and privilege escalations. These threats come in through back doors, ports, protocols, weak firewalls, and appear as TCP\/IP hijacking, spoofing, man-in-the-middle attacks, eavesdropping, replay, DOS, DDOS, DNS and ARP poisoning. Peripheral data storage items have become deadly tools for introducing these methods for damaging systems, stealing data, and wreaking havock. The user and people associated with data systems are amongst the weakest links and succomb often to attacks known as ‘social engineering’ which are actual threats against the human factors in the technology environment. Social engineering relies on deception and trickery to convince unsuspecting users to provide sensitve data or to violate security protocols or rules. These come in via person-to-person, through the internet, over email, or over the phone. Attackers posing as bank representatives asking for a user’s password, sales representatives fooling the user into giving away personal data, emails with executables hosting bombs, worms, or viruses. The most common forms of social engineering attacks are pretexting (someone pretending they are someone they are not), shoulder surfing (someone spying on what you are doing and capturing private data), dumpster diving (someone taking private data from your physical trash), theft (someone blatantly stealing info and resources), trojan horses (malicious code masquerading as a harmless file), spoofing (faking emails, IP addresses, or MAC addresses), and phishing (email trying to gain personal information). Hackers and Attackers utilize these tools to get into systems, networks, and to break security. There are two types of hackers – the white hats (those to discover and expose security flaws) and the black hats (those who break into systems for fun or a malicious purpose). Attackers can be summed up as disgruntled employees within the organization, electronic activists (Hacktivists), data thieves, script kiddies, electronic vandals, and cyberterrorists. Attacks also come in through software via software attacks going after operating systems, applications, protocols, and files with the goal of disrupting, disabling, or exploiting the target system. Malicious code attacks are where an attackere places malware or undesirable software into a system. Viruses are a common type of malware as are worms, trojans, logic bombs, spyware, adware, rootkits, and botnets. Software exploitation attacks is where an attacker gets in by a known flaw or feature in an application, such as an email client or database system. These manifest as buffer overflows, mathematical, or weak keys. Other attacks come from the misuse of privilege – where legitimate users make inappropriate use of their system privileges to steal sensitivie data, delete or modify data, create users or groups, or to provide inappropriate access to others and\/or to disrupt network operations by disabling accounts, services, and user access. These will often show up in the system audit logs which also get attacked by a attacker covering his\/her tracks by appearance of empty audit logs, gaps in audit logs, and audit entries that have been erased. Password attacks are where attackers attempt to obtain and make use of passwords illegitimately by guessing, stealing, or cracking encrypted password files. These are often cracked by guessing, stealing, dictionary attacks, brute force attacks, rainbow tables, hybrid password attacks, and birthday attacks. Other attacks come in through the backdoor where developers or an attacker creates a software mechanism called a backdoor to gain access to a system.<\/p>\n \u00a0 Security+: Security Threats, Social Engineering, Cyber-Attacks With the advance of the internet, cyber-hacking, cracking, and digital mischief … threats to computer systems, networks, and the internet is growing an an exponential rate. These threats range from social engineering, to … Continue reading
\nAttacks take place on networks as well by means of IP spooking attacks where the attacker creates IP packets with a forged IP source; eavesdropping or sniffing where special monitoring software is used to gain access; hijacking software that takes control of TCP-IP network sessions after the session is authenticated, gaining access via the identity of a legitimate user. Replay attacks are done via software to capture network traffic and then going after a specific host or network. Man-in-the-middle attacks are when an attacker inserts himself between two hosts to gain access to their data transmissions. DOS or Denial of Service attacks is where attackers try to disrupt or disable systems by flooding network links with data to consume bandwidth, sending data designed to exploit known application flaws, or sending multiple service requests to consume a system’s resources. DDOS or Distributed Denial of Service attacks use multiple computers on disparate networks to launch the attack from simultaneous sources by means of zombies or drones that direct the computers to launch the attacks. ICMP Floods, UDP flods, SYN floods, and reflected Dos attacks are also commonplace. ARP Poisoning is where individual hardware MAC addresses are matched to an IP addresss on a network and the attacker gains access to the target network by redirecting IP addresses to the MAC address of a computer that is not the intended recipient and captures or alters the network traffic before forwarding it to the correct destination causing a denial of service condition pointing the selected IP address to non-existent MAC addresses. A similar attack is done with the DNS called DNS Poisoning as well as DNS hijacking. Hardware threats come in through computer components such as thumb drives, storage media, and plug-in peripherals introducing viruses, hijacks, spyware, worms, trojans, or by stealing data.<\/p>\n","protected":false},"excerpt":{"rendered":"