Lecture 2 - Cyberattack Basics Flashcards
What is a cyber attack?
any offensive maneuver that
targets computer information systems, computer networks, infrastructures, or personal computer devices
What are the two types of attacks?
active attack
passive attack
What is an active attack?
An attack that attempts to alter the system resources or affect their operation
Example of an active attack?
DOS, Spoofing , MITM, ARP Poisoning
What is a passive attack?
attempts to learn or make use of information from the system but doesn’t affect the system resources
(just listening or monitoring)
Examples of a passive attack?
keyboard logger , wiretaping, fiber tapping
What are the 4 forms of cyber threats?
- environmental (break in, physical damage)
- unintentional (human error , poor training , insufficient documentation)
- intentional (typically internal e.g. staff caused)
- external (hackers etc.)
What are the most common security problems?
- Snooping
- Modification
- Masquerading or spoofing (impersonation)
- Repudiation (denial of sending / creating information)
- Denial of receipt (False denial of receiving information)
- Delay (Temporary inhibition of access to services or information)
- Denial of service (Long-term or permanent inhibition of access to
services or information)
What does DOS stand for?
Denial Of Service Attack
What is DOS?
an attempt to compromise availability by hindering or blocking completely the
provision of some service
- typically exhausts system resources (e.g. flooding a web server with endless requests, so the server can’t respond in a timely manner)
What resources are targeted in a cyberattack?
- network bandwidth
- system resources
- application resources
What is the most common resource targeted now?
Network bandwidth as most cyber attacks are external. Bandwidth is also extremely limited, so easy to destabilise.
