Module 3 - 03-1 Flashcards
Introduction to network intrusion tactics
Whare are examples of common network intrusion attacks (4)?
- Malware
- Spoofing
- Packet sniffing
- Packet flooding
How can attacks harm an organization (4)?
- Leaking valuable or confidential information
- Damaging to an organization’s reputation
- Impacting customer retention
- Costing money and time
Which of the following are common network attacks? Select all that apply.
- Spoofing
- Proxy servers
- Malware
- Packet flooding
- Spoofing
- Malware
- Packet flooding
Spoofing, packet flooding, and malware are all common network attacks.
Explain the notorious cyber attack that occurred in 2014?
There was an attack against the American home-improvement chain, Home Depot.
A group of hackers compromised and infected Home Depot servers with malware. By the time network administrators shut down the attack, the hackers had already taken the credit and debit card information for over 56 million customers.
Define Network interception attacks
Network interception attacks work by intercepting network traffic and stealing valuable information or interfering with the transmission in some way.
Define Packet sniffing
The use of hardware or software tools to capture and inspect data in transit
In addition to seeing information that they are not entitled to, malicious actors can also intercept network traffic and alter it. These attacks can cause damage to an organization’s network by inserting malicious code modifications or altering the message and interrupting network operations.
What are examples of Network interception attacks?
- Packet sniffing
- On-path attacks
- Replay attacks
Define and explain Backdoor attacks
In cybersecurity, backdoors are weaknesses intentionally left by programmers or system and network administrators that bypass normal access control mechanisms.
Backdoors are intended to help programmers conduct troubleshooting or administrative tasks. However, backdoors can also be installed by attackers after they’ve compromised an organization to ensure they have persistent access.
Once the hacker has entered an insecure network through a backdoor, they can cause extensive damage: installing malware, performing a denial of service (DoS) attack, stealing private information or changing other security settings that leaves the system vulnerable to other attacks.
What does DoS stand for?
Denial of Service
Define DoS attack
A DoS attack is an attack that targets a network or server and floods it with network traffic.
What are some significant negative impacts that network attacks can have on an organization (3)?
- Financial
- Reputation
- Public safety
Explain the Financial negative impact of a network attack
Financial:
When a system is taken offline with a DoS attack or some other tactic, they prevent a company from performing tasks that generate revenue. Depending on the size of an organization, interrupted operations can cost millions of dollars. Reparation costs to rebuild software infrastructure and to pay large sums associated with potential ransomware can be financially difficult. In addition, if a malicious actor gets access to the personal information of the company’s clients or customers, the company may face heavy litigation and settlement costs if customers seek legal recourse.
Explain the negative Reputation impact of a network attack
Reputation:
Attacks can also have a negative impact on the reputation of an organization. If it becomes public knowledge that a company has experienced a cyber attack, the public may become concerned about the security practices of the organization. They may stop trusting the company with their personal information and choose a competitor to fulfill their needs.
Explain the negative Public impact of a network attack
Public safety:
If an attack occurs on a government network, this can potentially impact the safety and welfare of the citizens of a country. In recent years, defense agencies across the globe are investing heavily in combating cyber warfare tactics. If a malicious actor gained access to a power grid, a public water system, or even a military defense communication system, the public could face physical harm due to a network intrusion attack.
