Tools of the Bad Guys Drill Flashcards
DoS attack:
Stands for “denial-of-service attack.” The attackers seek to make a computer or network unavailable to its intended user(s), by temporarily or indefinitely disrupting service.
DoS attacks are done by flooding the targeted system with unnecessary service requests, which overload the system. When the attacks come from multiple sources, it’s called DDoS, “distributed denial-of-service.”
Analogy: A group of people crowding around the entryway of a store, making it hard for actual customers to enter.
security vulnerability:
A weakness on a network, computer, or software which allows a bad guy to gain access. A security vulnerability has three elements: a flaw, access to the flaw, and capability to exploit that flaw.
Example: A computer with outdated security updates. This vulnerability would allow an attacker to easily bypass the login password.
exploit:
Software or code—usually malicious—that takes advantage of a flaw or vulnerability. The purpose is to cause unintended or unanticipated behavior to occur in the software or hardware. Such behavior might include unauthorized access to or control of a computer, or denial-of-service (DoS).
Example: Malware designed to take advantage of an outdated operating system that allows the attacker to control the user’s webcam.
zero-day:
A vulnerability that is unknown to those who would be interested in securing it, including the software vendor and its users (the good guys). The bad guys use these vulnerabilities to launch an attack.
Example: A new iPhone is released on Jan 1st. The phone has a security flaw that allows someone to get around the passcode. Nobody knows about this flaw except for some bad guys, who have already broken into iPhones with the flaw.
Why is it called zero-day? Because the flaw was discovered and taken advantage of (by the bad guys) before the good guys could fix it. Essentially, the good guys had no warning; they had “zero-days” to do something about it.
zero-day exploit:
Also known as a “zero-day attack,” a zero-day exploit is an exploit that takes advantage of a zero-day vulnerability on its first day of release, before the vendor knows about it.
Example: (Using the zero-day iPhone example above) A bad guy hacks into a celebrity’s iPhone—using the zero-day vulnerability—and steals personal photos. Hackers are then able to do similar damage until Apple becomes aware of the flaw and fixes it.
advanced persistent threat:
Also known as an APT, an advanced persistent threat is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The bad guy’s goal is to go undetected and steal data, rather than cause damage to the network or organization.
Example: A bad guy hacks into your computer. Instead of slowing it down or demanding payment to unlock your files, the bad guy continues to observe your web browsing, to steal as many passwords as possible.
tailgating:
Also known as piggybacking, tailgating is a method used by bad guys to gain access to a building or other protected areas. A tailgater waits for an authorized user to open and pass through a secure entry and then follows right behind.
Note: Tailgating is a form of social engineering.
keylogger:
Malware or hardware that observes what someone types on their keyboard, which is then sent back to the bad guys.
Bitcoin:
A digital currency in which encryption (the process of converting information or data into a code) techniques are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank.
Some ransomware uses Bitcoin as the form of payment, because it’s very hard to trace.
money mule:
A person recruited by a criminal or criminal organization to quickly receive and turn around funds involved in scams. The person is often unaware of their role in the criminal act.