Common Security Threats Flashcards
3 major categories of attacks
- Reconnaissance Attacks
- Access attacks
- DoS attacks
Reconnaissance Attacks
- known as information gathering
- think of a thief scouting a neighbourhood for vulnerable houses
- hackers use recon attacks to do unauthorized discovery and mapping of systems, services, or vulnerabilities
- recon attacks precede access attacks or DoS attacks and often employ the use of widely available tools
Steps of a Reconnaissance Attack
- Perform an information query of a target
- Initiate a ping sweep of the target network
- Initiate a port scan of active IP addresses
- Run vulnerability scanners
- Run exploitation tools
Access Attacks
Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.
3 reasons hackers would use access attacks
- to retrieve data
- to gain access
- to escalate access privileges
Types of Access attacks
- password attack
- Trust exploitation
- port redirection
- MITM
- Buffer overflow
- IP, MAC, DHCP spoofing
IP, MAC, and DHCP spoofing attacks
Spoofing attacks are attacks in which one device attempts to pose as another by falsifying data. There are multiple types of spoofing attacks. For example, MAC address spoofing occurs when one computer accepts data packets based on the MAC address of another computer.
Buffer Overflow
This is when a hacker exploits the buffer memory and overwhelms it with unexpected values. This usually renders the system inoperable, creating a DoS attack. It is estimated that one third of malicious attacks are the result of buffer overflows.
MITM (Man-in-the-Middle) Attack
The hacker is positioned in between two legitimate entities in order to read or modify the data that passes between the two parties.
Port Redirection
This is when a hacker uses a compromised system as a base for attacks against other targets.
Trust Exploitation
A hacker uses unauthorized privileges to gain access to a system, possibly compromising the target.
Password Attack
Hackers attempt to discover critical system passwords using various methods, such as social engineering, dictionary attacks, brute-force attacks, or network sniffing. Brute-force password attacks involve repeated attempts using tools such as Ophcrack, L0phtCrack, THC Hydra, RainbowCrack, and Medusa.
Social Engineering
- Social engineering is an access attack that attempts to manipulate individuals into performing actions or divulging confidential information.
- Let’s say a hacker calls an authorized employee with an urgent problem that requires immediate network access. The hacker could appeal to the employee’s vanity, invoke authority using name-dropping techniques, or appeal to the employee’s greed.
Social Engineering attacks
- Pretexting
- Phishing
- Spear Phishing
- Spam
- Tailgating
- Something for something (quid pro quo)
- Baiting
Phishing
Phishing is when a malicious party sends a fraudulent email disguised as being from a legitimate, trusted source. The message intends to trick the recipient into installing malware on their device, or into sharing personal or financial information.
Pretexting
This is when a hacker calls an individual and lies to them in an attempt to gain access to privileged data. An example involves an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.
Social Engineering Toolkit
The Social Engineering Toolkit (SET) was designed to help white hat hackers and other network security professionals create social engineering attacks to test their own networks.
Baiting
This is when a hacker leaves a malware-infected physical device, such as a USB flash drive, in a public location such as a corporate washroom. The finder picks up the device and loads it onto their computer, unintentionally installing the malware.