Main Ad

Methods Of Security Attacks

by - InfoWorld on - January 04, 2020

During this article, we will cover the methods of attacking systems, and we will discuss some of the ways that an attacker might use to remotely penetrate an entity



Malicious Code




  • Logic Bombs: most commonly inserted by an inside programmer
  • Trojan Horses: any program that has an unintended purpose, these are not replicating themselves as viruses, but they can be destructive to the assets
  • Trap Doors: inserted for "maintenance" purposes, Sendmail and DNS had these, and they are providing an undocumented way of gaining access to the application.





Denial Of Service

  • Exhausting the system resources with DDoS attacks that will prevent you from accessing or modifying your systems and resources.
  • Unexpected input value the machine does not know how to process, very common with network-based attacks



Physical Attacks
  • Physical access to systems should be controlled
  • The attacker can restart the system, shutting it down or take removable media with sensitive data.


Buffer Overflows
  • Programs/Softwares dedicate a certain amount of buffer space to perform operations
  • In poorly coded applications, no boundary checks are present to ensure buffers are not overfilled
  • The additional code pushed in the buffer can sometimes be used to execute system commands


Brute Force

  • An attempt to gain access to a system by bombarding it with possible guesses until the correct one is found.


Remote Maintenance

  • Remote Maintenance allows administrators and vendors into a system, to troubleshoot a problem remotely, such as Webex, Zoom, or VNC


Browsing

  • This is probably the simplest attack to do. You simply look at large amounts of data to find compromising information
  • Important and sensitive information can be in risk when using searching with open source.



Who are doing Attacks?

Attacks can be done by different people or organizations targetting and specific assets and to satisfy a specific purpose. Attackers can be listed as below

  • Crackers
  • Competitors
  • Organized Crime
  • Hacktivists
  • Governments



Who are the Targets?

The target of the attacks can be from different fields and sectors, either related to business, or personals. The targets can be listed and categorized as below:


  • Industry
  • Financial
  • Government
  • Competitor
  • Personal Information
  • Ideals
Now please share with us your experience with security attacks and if have you faced another type of attacks and how you dealt with it







Tags
Reactions

Post a Comment

0 Comments