Phishing – An attempt to mislead people into divulging confidential information, such as Social Security numbers and passwords. Phishing typically uses legitimate-looking email or IMs in combination with imposter websites to make fraudulent requests for information (e.g., to go "fishing" for data).
Logic Bomb – Malicious code inserted into a program and designed to lie dormant until a specific event occurs, such as a specific date being reached or a user typing a specific command, at which time the logic bomb triggers, usually to destroy or modify data without the knowledge or authorization of the computer user.
IP spoofing – An attack method by which IP packets are sent with a false source address. This may try to circumvent firewalls by adopting the IP address of a trusted source, thereby fooling the firewall into thinking that the packets from the hacker are actually from a trusted source. It also may be used to simply hide the true origin of an attack.
Online fraud is one of the most widespread forms of cybercrime, with the Internet used increasingly to steal the identities and financial information of unsuspecting surfers. Criminals use unsolicited email messages, as well as websites, chat rooms, message boards and social networks in order to get access to people's details.
Cyber security is a set of people, process and technical practices aimed at protecting critical infrastructures, digital business and sensitive information from internal and external threats or negligence.
Exfiltration – Captured sensitive information is sent back to the attack team's home base for analysis and further exploitation
– The desired data is already waiting on the temporary on-premise server
– The attacker uses a tool to encrypt the credentials and sensitive data
– This data is then exfiltrated to the external drop server
– From here, the attacker is free to do what they will with the stolen data
Capture – Attackers access unprotected systems and capture sensitive information from those systems that have proven vulnerable to compromise. They may also install malware to secretly acquire data or disrupt operations
– The attacker has identified the location of high value assets
– They then work to gain access to systems they have breached so they can steal this information
– The attacker sets up an external drop server
– Then they copy the desired data to a temporary on-premise staging server
Discovery – With access to the network, attackers stay "low and slow" to avoid detection. They then map the organization's defenses from the inside and create a battle plan for information they intend to target
– A Command-and-Control server is now set up
– Data is trawled and the malware contacts the attacker via Command-and-Control channels
– The attacker collates stolen data using malware to transmit logins and passwords as users access key servers
– The attacker leverages stolen data, passwords and logins to map the network, access other systems and identify high value assets
Incursion – Attackers break into the network, delivering targeted malware to vulnerable systems and people, often without the user being aware they are a target
– The attacker will leverage weaknesses in networks and systems to gain entry
– The attacker may try to fool users into clicking on a malicious web link, or installing a fake application
– Innocent-looking Spear-Phishing emails also contain attachments infected by back-door Trojans
Reconnaissance – Attackers leverage information from a variety of factors to understand their target, including identifying vulnerable servers, insecure applications, or unpatched systems that can be compromised
– The attacker probes networks and systems to identify weaknesses, making every effort to remain undetected
– The attacker also researches employees to target through publicly available sources
– The attacker attempts to compromise them with spam or a phishing attack
– Research may also identify frequented websites that can be baited with malware
An ethical hacker is a computer and network expert who attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit. To test a security system, ethical hackers use the same methods as their less principled counterparts, but report problems instead of taking advantage of them. Ethical hacking is also known as penetration testing, intrusion testing and red teaming.
In order for hacking to be deemed ethical, the hacker must obey the rules below.
1. You have permission to probe the network and attempt to identify potential security risks. If you are the person performing the tests, it is recommended that you get written consent.
2. You respect the individual's or company's privacy and only go looking for security issues.
3. You report all security vulnerabilities you detect to the company, not leaving anything open for you or someone else to come in at a later time.
4. You let the software developer or hardware manufacturer know of any security vulnerabilities you locate in their software or hardware if not already known by the company.