Week 1 Assignment_Methods and Techniques Used by Cyber Attackers

School: Maseno University
Course: 222
Subject: Information Systems
Date: Nov 24, 2024
Uploaded by JusticePheasant3113

Week 1 Assignment: Methods and Techniques Used by Cyber Attackers

Student Name:
Professor’s Name:
Course Name and Code:
Date of Submission:

Introduction

According to Biju (2019), a cyberattack aims to steal, modify, or destroy any critical data stored on a computer or computer network. Attackers can be any person or program that gains unlawful access or use. Individuals or organizations can carry out cyberattacks. A cyberattack aims to access a person's or a management's information system. Cyberattacks alter computer data, code, or logic by utilizing malicious code. This has disruptive effects, compromises data, and opens the door to cybercrimes, including identity and information theft. Organizations need to stay vigilant to protect their online presence. The following are among the most popular techniques for cyberattacks.

Weak and Stolen Credentials / Compromised Credentials

Credential compromises are the most common attack vector worldwide, accounting for over 80% of breaches. Because users nowadays have so many passwords and logins to remember, it can be tempting to reuse them to save time. Cybercriminals take advantage of consumers who reuse their passwords, even though security best practices advise using unique passwords for every application and internet login. The typical password is reused 2.7 times, and if a credential is compromised, attackers can gain access to other accounts held by the victim (Wang et al., 2021).

According to Wang et al. (2021), databases of login information and passwords from compromised websites or services are easily obtained by attackers and sold on the dark web or black market. Then, with the possibility that the passwords have been reused, they will attempt to log in to other websites using these credentials. Password managers and multi-factor
authentication are recommended best practices to defend against this frequent attack vector, although no preventive measure is 100% certain.

Malicious Insiders / Attacks by Insiders

Not every network assault is carried out by an unidentified external actor. Insider threats are assaults conducted by a coworker or employee who works for the company and has legitimate access to the system, which they subsequently misuse. Compared to unknown attackers, insiders who carry out these attacks can obtain access to the firm information systems they target (Isa, 2021).

Insider assaults are not always malevolent. Sometimes, inexperienced staff members unintentionally reveal private information or grant access. Most firms need more protection against insider attacks since their attention and resources focus on thwarting external threats. It can be more challenging to identify this kind of attack because the "attacking" person is seen as legitimate. Insider threats can impact every aspect of computer security, from infecting computers with viruses and crashing them to pilfering confidential information (Isa, 2021).

Misconfiguration

Misconfiguration has been the cause of numerous breaches. Microsoft revealed a data breach in December 2019 due to a modification to the database's network security group, including incorrectly configured security rules that made the data visible. A misconfigured database allowed the French athletic goods business Decathlon to expose user data in 2020, exposing approximately 123 million records, including employee and customer information (Li et al., 2019).

Gaming hardware firm Razer compromised customer data due to a misconfigured database. Virgin Media admitted that a "misconfigured database" had exposed the personal information of 900,000 people. It was also discovered that Pfizer had experienced a significant data breach due to unprotected cloud storage. The exposed data, which included electronic mail addresses, residential addresses, full identities, and other information relating to HIPAA, was discovered in a poorly built cloud storage bucket (Li et al., 2019).

Numerous breaches caused by misconfiguration have occurred. Often, the mistakes result from well-meaning developers hurrying to release the product or needing to be made aware of how to securely configure the services they are utilizing. Although it is not easy to avoid misconfigurations, auditing and automating a secure configuration with procedures is a good place to start (Li et al., 2019).

Phishing

Phishing is a type of "social engineering" in which an online criminal creates an email in order to fool the recipient into performing a risky activity. For example, users may be convinced to click on a link that leads to a bogus website where they are asked to give personal information, or they may be duped into installing malware that appears to be a necessary attachment (Wang et al., 2021).

According to Wang et al. (2021), in order to "catch" one or a few unsuspecting users and obtain their data, including debit and credit card information and login credentials, phishing emails can be automatically sent to thousands of prospective recipients. However, many phishing emails are relatively basic and contain telltale signs of being phony, such as misspelled email addresses and spelling errors.

However, some are made to trick people into providing helpful information; this practice is called spear phishing. After observing an employee, they are singled out. This is a component of the growing threat of business email compromise (BEC). The attacker fools the victim into opening a text message, email, or instant messaging by seeming to be a reliable person or reputable company. The recipient is then confused by the attackers to click on malicious attachments that end up affecting their devices with malware, or they are tricked into clicking on a malicious link that can also result in the installation of malware, freeze the system (as a part of a ransomware attack), reveal confidential information, or ask for confidential data input (Biju, 2019).

Phishing assaults are a popular weapon of choice because they prey on human curiosity and impulse, and controlling human behavior is the most challenging aspect of cyber security. In order to defend against phishing efforts, it is critical to be aware of certain telltale signs. Check out the Phishing infographic for fundamental warning signs (Biju, 2019).

Party/Trust Relationships / Supply Chain

Attackers may take advantage of the numerous interconnected systems inside and between organizations. In cybersecurity, third-party businesses can be important attack vectors. These assaults happen when a third-party vendor or supplier with knowledge of the information and systems infiltrates a system (Biju, 2019). This occurred in the Target breach, where a third-party vendor was the initial penetration point.

Due to this kind of attack, big and small organizations and their business partners need to promote a culture where reciprocal transparency and the sharing of the latest information on cyber security are expected. Using privileged access control, zero-trust, and minimizing privileges are essential strategies for thwarting these assaults.

According to Biju (2019), zero-day vulnerabilities are undiscovered security holes or software defects targeted by malicious programs that have not yet been patched. The term "zero-day" describes how many days a software provider has been aware of the attack. As people download security updates for their devices, the number of attacks on vulnerable computers decreases day by day after a patch is issued. However, hackers may have already created malware that bypasses the security flaw and infects a device or network. In order to safeguard its users, the vendor must act swiftly to address the vulnerability as soon as it is made public.

On the dark web, exploit kits for these vulnerabilities are frequently purchased and sold. A zero-day exploit appears before a fix or other countermeasure is implemented after the network vulnerability is made public. Attackers use this window of opportunity to target the publicized vulnerability. Threat detection from zero-day vulnerabilities necessitates ongoing monitoring (Biju, 2019).

Dictionary Network Attacks as Well as Brute-Force Attacks

Using repeated trial and error to overwhelm the system is referred to as "brute force." Brute-force and Dictionary Network attacks include an attacker trying to access a user's account by methodically examining and trying every password combination until they discover the right one. Brute-force dictionary assaults are straightforward and dependable; attackers can try 100–1,000 times a minute by letting a computer handle various login and password combinations until they discover one that works (Isa, 2021).

According to Isa (2021), brute-force password hacking necessitates dictionary software that mixes dictionary words with hundreds of possible combinations. Brute-force assaults can
eventually break any password within a few hours or days. Password protocols are emphasized by brute-force attacks, particularly regarding essential resources like servers, network switches, and routers. One minute or less could be needed to decipher a simple password (such as a four-digit PIN). Increasing it to six characters could take up to an hour or more. Extending the text to eight characters can take days by combining letters and symbols.

The amount of time needed for a brute-force attempt to figure out the password increases by increasing the quantity and varying the characters. Thus, creating a long, strong password could take several weeks or even months. Nevertheless, an attacker with sufficient time, computing power, and effort will figure out the password (Isa, 2021).

Conclusion

Cyberattacks are considered to be the most unknown and continually changing threats to computers or computer networks. Different hacking tactics have been adopted by cybercriminals, making both the personal and business sectors more susceptible to security issues. This study provided an overview of the most popular cyberattacks that attackers utilize to compromise our vital data. These attacks adversely affect the system's and the network's integrity, confidentiality, and security. Understanding potential threats and taking necessary precautions to secure the system and network are the two most important things we can do to defend the entities against attacks.

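
The two credential attacks discussed above (logins with reused credentials from breached sites, commonly called credential stuffing, and brute-force or dictionary guessing) leave different patterns in authentication logs. The following detection sketch is an added example, not part of the original assignment: the log format, the threshold of 20 distinct accounts, and the sample data are assumptions constructed for illustration, while the rate threshold uses the 100-attempts-per-minute lower bound cited from Isa (2021).

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=1)
RATE_THRESHOLD = 100     # failed logins per minute per source (essay's lower bound)
STUFFING_ACCOUNTS = 20   # assumed: this many distinct usernames suggests a leaked list

def parse(line):
    """Parse 'ISO-timestamp src=IP user=NAME result=OK|FAIL' (constructed format)."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["src"], kv["user"], kv["result"]

def detect(lines):
    """Return {source: label} for sources exceeding the failed-login rate threshold."""
    recent = defaultdict(deque)  # source -> (timestamp, user) failures inside WINDOW
    alerts = {}
    for line in lines:           # lines are assumed to be in time order
        ts, src, user, result = parse(line)
        if result != "FAIL":
            continue
        q = recent[src]
        q.append((ts, user))
        while ts - q[0][0] > WINDOW:   # drop failures older than the window
            q.popleft()
        if len(q) >= RATE_THRESHOLD:
            users = {u for _, u in q}
            # Many accounts, few tries each: reused-credential list.
            # One or few accounts, many tries: password guessing.
            alerts[src] = ("credential-stuffing" if len(users) >= STUFFING_ACCOUNTS
                           else "brute-force")
    return alerts

def sample_log():
    """Constructed sample: one guessing source, one stuffing source, one normal user."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    lines = []
    for i in range(120):
        t = (base + timedelta(milliseconds=400 * i)).isoformat()
        lines.append(f"{t} src=198.51.100.7 user=admin result=FAIL")
        lines.append(f"{t} src=203.0.113.9 user=user{i} result=FAIL")
    t1 = (base + timedelta(seconds=50)).isoformat()
    t2 = (base + timedelta(seconds=55)).isoformat()
    lines.append(f"{t1} src=192.0.2.4 user=alice result=FAIL")  # ordinary typo
    lines.append(f"{t2} src=192.0.2.4 user=alice result=OK")
    return lines

if __name__ == "__main__":
    for src, label in detect(sample_log()).items():
        print(src, label)
```

A single mistyped password followed by a successful login stays below the threshold, so the ordinary user in the sample is not flagged.
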
References

Biju, J. M., Gopal, N., & Prakash, A. J. (2019). Cyber attacks and their different types. International Research Journal of Engineering and Technology, 6(3), 4849-4852.

İsa, A. V. C. I. (2021). Investigation of cyber-attack methods and measures in smart grids. Sakarya University Journal of Science, 25(4), 1049–1060.

Li, F., Yan, X., Xie, Y., Sang, Z., & Yuan, X. (2019, October). A review of cyber-attack methods in cyber-physical power systems. In 2019 IEEE 8th International Conference on Advanced Power System Automation and Protection (APAP) (pp. 1335-1339). IEEE.

Wang, Q., Cai, X., Tang, Y., & Ni, M. (2021). Methods of cyber-attack identification for power systems based on bilateral cyber-physical information. International Journal of Electrical Power & Energy Systems, 125, 106515.