
Friday, March 1, 2019

Malicious Attacks

Malicious attacks basically all seek to exploit vulnerabilities in a network. These threats can be passive or active and have very negative consequences. The difference between active and passive attacks is that active attacks make changes or modifications to the data or attempt to gain some type of access to the network, while passive attacks do not make changes to the system at all.

According to Solomon, 2012, there are many malicious attacks and threats that can be carried out against the network, some of which are identified below:

- Brute force attacks are one of the most tried and true attack methods, where the attacker uses a software program to try all possible combinations of a password, security code or user ID until one of them is successful.
- Hijacking is another type of attack that involves the attacker taking control of a session between two machines and masquerading as one of them. This can involve man-in-the-middle, web browser or session hijacking.
- Social engineering is another common attack where the attacker tricks the user into carrying out actions for them. For example, the attacker may obtain the user's login credentials by posing as an IT specialist, which would then help the intruder gain access to the network.
- Computer viruses act like a biological virus: they infect a host program and could cause the host program to replicate itself to other computers. Many of these viruses have become smarter, with the capability to combat malware-detection programs by disabling their detection functions.
- A Trojan horse is a malware program that masquerades as a useful program. Trojans use their outward appearance to trick users into running them; they look like programs that perform useful tasks but in truth hide malicious code.
- Rootkits are newer types of malware that modify or replace one or more real programs to hide traces of attacks.
- Spyware is a type of malware that specifically threatens the confidentiality of information. It does this by gathering information about a user through an Internet connection without the user's knowledge.

All of the above attacks could damage or disrupt the system. They could also cause security privileges to be escalated to allow the intruder to access, modify or even delete private data. Additionally, as a result of any intrusion on the network, users would experience PC slowness, crashes or just no access at all to necessary resources.

Malicious software is a major threat to the network, but inside attackers, equipment theft and denial threats can pose even more of a threat. Inside attackers reside within the company and could be cybercriminals, which is why it's important to monitor the threats constantly and carefully. Equipment theft can also pose a serious threat because if equipment ends up in the wrong hands, confidential information such as account numbers or access codes could be exposed. Lastly, denial threats make assets or resources unavailable or unusable by flooding a specific port on a host, leaving authorized users with no access to important resources, which could be a severe impact.

If there is a vulnerability in the network or organization, then there is a possibility of a threat. If the vulnerability can be eliminated or addressed, the risks of attacks or threats are greatly decreased. Some common vulnerabilities are listed below, according to Radack, 2013:

- In the user domain, the user may lack awareness of security policies or accidentally violate the acceptable use policy.
- In the workstation domain, there could be weaknesses in installed software, and unauthorized users could access the system.
- In the LAN domain, there could be private data transmitted unencrypted, unauthorized network access, and the spread of malicious software.
- In the LAN-to-WAN domain, there could be exposure of and unauthorized access to internal resources by the public, and loss of productivity due to Internet access.
- In the remote access domain, brute-force attacks occur on access and private data, and data leaks from remote access or lost storage devices.
- In the system and application domain, there could be unauthorized physical or logical access to resources and weaknesses in server operating system or application software.
- With VoIP, there could be default manufacturer passwords still in place, insecure class-of-service settings and insecure trunk access group restriction settings.

The impact of any vulnerability is of course the possibility of a threat succeeding. A vulnerability is considered a weakness, and any weakness in a network or organization will immediately be exploited by an attacker. The attacker is able to obtain information in all seven domains if one domain is not fully protected. For example, if a brute-force attack is deployed on a network and is successful, it could affect users' access to resources. Users could be in accordance with security policies and following correct protocol in order to protect the network as much as they can, but if the brute-force attack is indeed successful, their efforts are thwarted.
This is why it's important to address each and every possible vulnerability in the seven domains of a network. If users are equipped with the right security tools; workstations are secured with strict access control policies; LAN servers are secured with various standards and guidelines; LAN-to-WAN security is maintained while allowing users as much access as possible; the WAN domain has confidential encryption of data in transit; the remote access domain has security controls applied according to policies; and, lastly, the systems/application domain has security policies, procedures and guidelines implemented in the various applications or systems, then all vulnerabilities would be addressed.
