Chapter 1.2 - Attack Types Flashcards
Given a scenario, analyze potential indicators to determine the type of attack
Malware
Malicious software intended to cause harm and gather information
Ransomware
Taking away data and requiring the victim to pay to get it back
Trojans
Software that pretends to be something else to conquer your computer
Worms
Malware that self-replicates
Does NOT need to be executed by the user
Potentially Unwanted Programs (PUPs)
Usually downloaded by trojans
Software that a user may perceive as unwanted or unnecessary
Fileless Virus
A stealth attack operated in memory
Avoids anti-virus detection and is never installed in a file or application
Command and Control
Responsible for sending out commands to bots
Bots (Robots)
A type of software application or script that performs automated tasks on command
Cryptomalware
Newer generation of ransomware
Uses cryptography to encrypt victim information and sends the victim the key to decrypt if the victim sends them cryptocurrency
Logic Bombs
Waits for a predefined moment before the attack is executed
Example: time, date, event
Keyloggers
A form of malware or hardware that keeps track of and records your keystrokes as you type
Remote Access Trojans (RATs)
Installed as a backdoor
Malware used to gain complete control of the operating system
Rootkit
Modifies files in the foundational building blocks of the operating system (the core)
Backdoor
A new way to get into a system without going through the front door and as much security
Placed on the system through malware
Virus
Malware that can reproduce itself
Executed by user when a program is run
Examples: program, boot sector, script, macro viruses
Adware
Pop-ups that can cause performance issues on your device
Spyware
Malware that spies on you and everything you do
Botnets
A group of bots working together
DDoS
Spraying Attack
Attacking an account with the top three (or more) passwords
Move on if they do not work so there are no lockouts, alarms, or alerts
Dictionary Attack
Using a dictionary to find common words or wordlists
Brute Force Attack
Trying every possible password combination until the hash is matched
Brute Force Attack - Online
Keep trying the login process
Very slow
Might lock out after a certain number of attempts
Brute Force Attack - Offline
Brute forcing the hash
Get a list of users and hashes
Calculate a password hash, compare it to the stored hash
Rainbow Table
Pre-built/calculated set of hashes
Increases speed
Plaintext/Unencrypted
Storing passwords in the “clear”
There is no encryption and you can read the stored password
Malicious Universal Serial Bus (USB) Cable
Looks like a normal USB cable but has additional electronics inside
Human Interface Device (HID)
Downloads and installs malicious software
Malicious Flash Drive
Looks like a normal flash drive but can cause damage
Can load malware documents, act as a boot device, or act as an Ethernet adapter
Card Cloning
Get card details from a skimmer
Create a duplicate of a card
Skimming
Stealing credit card information during a normal transaction
Tainted Training Data for Machine Learning (ML)
Attackers sending modified training data that causes AI to behave incorrectly
Security of Machine Learning Algorithms
Check the training data
Retrain with new data
Train the AI with possible poisoning
Evasion Attacks
Used to trick the AI into giving off confidential information
Supply Chain Attacks
Attackers can affect the supply chain by infecting different parts without suspicion
One exploit can infect the entire chain
Birthday Attack
Finding a hash collision through the effect of chance
Collision Attack
Finding two inputs producing the same hash value
Downgrade Attack
Having a system downgrade its encryption, making it easy to exploit
Could use an on-path attack