
Cyber/digital Attacks - Literature review Example


Extract of sample "Cyber/digital Attacks"

Cyber/digital attacks

Cyber attacks

Cyber-attacks are deliberate or unintentional unauthorized tasks, which cannot be avoided, that are capable of causing a vagary on cyberspace resources. The scope of a cyber-attack extends across hardware, software, data that is stored, data in transit, people, documents and other hardware needed, like printer cartridges. The different types of attack that are detrimental to cyber security are described below.

Keylogging and spyware

Description: The first digital attack is keylogging and spyware. This is malware that is built to illegally obtain, track and block the right of a user to get access to the system.

Example: An example of this attack is where an individual tries to log on to a system or a website, such as an email account, but the system or the site fails to authenticate the user.

Countermeasure: To prevent this, system administrators should establish a mechanism where, if the user complains of such an issue, the system prompts the user with some questions relating to the account.

Backdoor or command/control

The second attack is backdoor or command/control. These are weapons that give remote access and are created to divert the functionality of the system.

SQL injection

Description: The other attack is SQL injection. This is a unique attack that targets the web pages of the system application. It cuts down the communication between the database and the system application interface. This attack is common in organizations where system implementation is taking place.

Example: An example is a situation where an attacker alters the name of the database and hence disconnects it from the user interface.

Countermeasure: The best measure that can be used to curb this is limiting the number of people who have the right to manipulate database activities; in addition, the punishment for an individual who uses a computer to physically hurt another person, or who tries to commit a felony with the aid of a computer, is made severe.
There was also a provision of extensive security to the media group that gave a hand to the police while carrying out the investigation, while the vulnerable attacks that were frequent were blacklisted so that more security concern was availed in those areas (Middleton, 2005).

Abuse of access rights

Description: Another attack that is very rampant is abuse of system access rights. This kind of attack is mostly executed by employees of a company with an intention of vengeance or sabotage. Detecting such an issue is cumbersome, since the intrusion takes place internally and hence task tracking may be a challenge.

Example: An employee uses his or her right to access the system to alter and modify data with the intention of financial gain. For example, an employee in the IT department of a water-providing company can reduce the consumption figures of some specific accounts and then liaise with the holders of those accounts for payment.

Countermeasure: To combat all frauds related to inappropriate billing, the people who are authorized to enter the company's customer data must exercise professional ethics to the fullest. Individuals who are given this assignment must have the appropriate integrity, based on their previous records. A body that vets such individuals should be established. Such a body should be external and should audit at random to ensure that the way the vetted individuals execute their duties does not deteriorate with time. In addition, a rotational exercise should be in place to stop these individuals from getting acquainted with employees in other departments, so that conspiracy is avoided. To stop this kind of digital attack, the company should put in place a tracking system that compares each consumption figure with the average of the previous five or more months and hence gives an approximate value.
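The tracking check described above, as an added example that is not part of the original paper: each entered figure is compared with the average of the account's previous five months, and flagged entries are tallied per data-entry operator. The 30% tolerance, the account and operator names and the ledger rows are assumptions constructed for illustration.

```python
from collections import defaultdict
from statistics import mean

WINDOW = 5        # months of history ("previous five or more months" in the text)
TOLERANCE = 0.30  # assumed threshold: flag figures more than 30% off the average


def audit_consumption(entries, window=WINDOW, tolerance=TOLERANCE):
    """Compare each entered figure with the trailing average for its account.

    entries: chronological (month, account, operator, cubic_metres) tuples.
    Returns (findings, flags_per_operator).
    """
    baseline = defaultdict(list)     # account -> figures accepted so far
    findings = []
    per_operator = defaultdict(int)  # operator -> number of flagged entries

    for month, account, operator, value in entries:
        past = baseline[account]
        if len(past) >= window:
            expected = mean(past[-window:])
            if expected == 0:
                deviation = 0.0 if value == 0 else float("inf")
            else:
                deviation = (value - expected) / expected
            if abs(deviation) > tolerance:
                findings.append({
                    "month": month,
                    "account": account,
                    "operator": operator,
                    "entered": value,
                    "expected": round(expected, 1),
                })
                per_operator[operator] += 1
                # Keep the suspect figure out of the baseline so a run of
                # falsified entries cannot become the new "normal".
                continue
        past.append(value)
    return findings, dict(per_operator)


# Constructed sample ledger (not real data): monthly consumption in cubic metres.
MONTHS = ["2023-01", "2023-02", "2023-03", "2023-04",
          "2023-05", "2023-06", "2023-07", "2023-08"]
SAMPLE = {
    "ACC-1001": [30, 32, 31, 29, 33, 31, 30, 32],  # steady account
    "ACC-1002": [48, 50, 52, 49, 51, 50, 20, 18],  # figures cut in the last two months
}


def sample_entries():
    """Build chronological rows; clerk_b enters the reduced ACC-1002 figures."""
    rows = []
    for i, month in enumerate(MONTHS):
        for account, readings in SAMPLE.items():
            reduced = account == "ACC-1002" and i >= 6
            rows.append((month, account, "clerk_b" if reduced else "clerk_a", readings[i]))
    return rows


if __name__ == "__main__":
    findings, per_operator = audit_consumption(sample_entries())
    for f in findings:
        print(f)
    print("flags per operator:", per_operator)
```

Because flagged figures are excluded from the baseline, the second reduced entry is still judged against the account's normal level rather than against the first falsified one.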
In addition, the data security manager should utilize the advantages that Windows Active Directory has. Microsoft Windows Group Policy is applied in grouping the different categories of users that are supposed to get access to some particular information. It is a key component that gives specific setups for particular groups of users.

Login data hijacking

Description: Another type of attack, which mostly affects system users who set a commonly known username and password as the default credential, is unauthorized access via default credentials.

Example: A good example of this is where the system administrator in an institution puts the name of the college as both username and password. This is very vulnerable to attackers because they capitalize on the idea of using default credentials that are related to the institution, such as setting the password for accessing the wireless network of Aberdeen College as aberdeencollege. Anyone who comes within the coverage and has the intention of cracking this password can succeed.

Countermeasure: To avoid this, the default credential should be unique; that is, it should not be related to the name of the institution or the company (Wall, 2009).

Breach of user policies

Description: The other attack is the violation of acceptable system user policies. In some companies, the system, once logged in by the user, will remain on until logged out. A user can negligently abandon the system while logged in and go out; this can give an unauthorized person an opportunity to access the system and facilitate a harmful event, such as altering the data with the intention of causing embarrassment to the company or the owner.

Example: An example of this is where somebody forgets to log out of his email account and another person comes and sends abusive or vulgar mails to some group of people. This can be detrimental to the user's attribute because everybody believes that the message comes from the rightful owner of the account.
Countermeasure: To eliminate this attack, everybody should be careful while using such a system by ensuring that the log-out process has been effected any time they quit using the system.

Unauthorized system access

Description: Another attack is where the culprits get illegal access to the system via weak ACLs or when the configuration of an ACL is done wrongly. This gives attackers a loophole to get access to the system and perform destructive tasks that can hinder the operation of a system or even result in complete denial of service.

Example: An example of this is when junior staff get access to systems that are used by administrative staff.

Countermeasure: The measure that can be used to prevent this is ensuring that all access controls are strongly and rightly configured and, in case of any incident of attack, that the punishment for an individual who tries to commit a felony via this attack is made severe. There was also a provision of extensive security to the media group that gave a hand to the police while carrying out the investigation, while the vulnerable attacks that were frequent were blacklisted so that more security concern was availed in those areas.

Packet sniffing

Description: Another attack, which mostly affects data and information in transit, is packet sniffing, where the attacker tracks the data in the network and collects it. He can modify this data and send wrong data to the recipient, or can divert the data, causing denial of service.

Example: A situation whereby the policy information or business transaction information of a company that is supposed to reach the stakeholders is redirected and sent to a competing firm is a very good illustration. This can compromise data and information security in their business system in terms of confidentiality, integrity and availability.
Information confidentiality keeps the organization's sensitive information secret so that it does not fall into the hands of unauthorized persons, for example competitors. Information integrity ensures that the data that is stored is accurate, serves its purpose and is always up to date. Data availability enables information to be present any time the organization requires it; this is achieved by preventing any vulnerability, for example denial of service. This can give the competitor firm an avenue for bringing down the company by capitalizing on the weakness of the other company and at the same time enhancing its own strength.

Countermeasure: The key way of ensuring the security of data and information in transit is making sure that the laid network devices are protected from any attack like theft, since a breakdown or weakness in the physical network setup gives an opportunity to attackers. Ensuring that intellectual property is secured is a significant factor. This is done by using VPN and Secure Sockets Layer to ensure data confidentiality, integrity and non-repudiation (Trevor, 2011).

Impersonification

Another attack that is very dangerous is where somebody's credentials are stolen and used to gain unauthorized access to the system by pretending to be the owner of those credential details.

Example: An example is where robbers take the visa card of an individual and demand the credentials. They then use these to withdraw cash from ATMs. Another example is where an employee in a bank steals a fellow employee's username and password and then uses them to access the system and make fund transfers. The owner of those credentials will suffer without knowing the culprit, since this attack also originates from inside the organization and is hence difficult to detect.

Countermeasure: One method of combating this cyber-attack is the use of built-in fingerprint scanners that are integrated in the ATM.
This has the ability to learn the user's fingerprint so that any time you need to log in, you identify yourself by placing your finger on the scanner and the laptop boots. In addition, some laptops have VeriFace. This software has the ability to recognize the authorized user's face (Salomon, 2007).

Social engineering

Description: Social engineering is another attack that is more complicated, since its origin is from an innocent person. This is a technique where the person is tricked into performing a computer operation that is harmful.

Example: The culprit can seduce the user, for example by telling him or her the benefit that the person will get when he does such an activity. This method is mostly used by competitor firms, where they convince an employee of the competing firm to disclose information that is supposed to be the top secret of the company.

Countermeasure: To stop this attack, employees in a company should be educated to be aware of such attackers and of the significance of exercising professional ethics to the fullest. Individuals who are given this assignment must have the appropriate integrity, based on their previous records. A body that vets such individuals should be established. Such a body should be external and should audit at random to ensure that the way the vetted individuals execute their duties does not deteriorate with time. In addition, a rotational exercise should be in place to stop these individuals from getting acquainted with employees in other departments, so that conspiracy is stopped.

Brute force attack

Description: The other attack is the brute-force attack, where someone with an intention of hacking the system tries a large number of usernames and passwords until he gets the correct one. In addition, there is software that is able to calculate the password by iterating through a very large database of credential details to come up with the correct password.
Some attackers have a universal password which cracks all other passwords (Rittinghouse, 2009).

Example: An example is where a password is tried many times. In this situation, the attacker will try to access a given account which they are not authorised to access. Some attackers use authentication bypass methods, where he or she can get access to the system without having to enter credentials to authenticate. This can be through a different IP address that routes the attacker via other links until he gets access to the same system. Although this method is very hard to eliminate completely, its vulnerability can be stopped by the use of a firewall to filter the information that is sent out to the public domain. The use of a firewall is also necessary because some information is supposed to be known by the management only; hence the information that other employees get should be filtered. In their network, there should be two firewalls, an enterprise firewall and a DMZ firewall, that are used to facilitate data confidentiality by filtering the information that some employees access.

Physical theft of assets such as software, hardware and networking devices is another attack that can lead to denial of service. An example of this is where the network cables of a certain internet-providing company are stolen every fortnight. This resulted in the clients switching to the competing service provider. It was later realized that the loss of network cables was aided by the other competing company.

Countermeasure: Proxy authorship is the best way to curb the risk. Once an individual's identity details are recorded and well documented, he/she will fear to engage in any fraudulent activity because tracking can be done in case of any fraud. Any employee that uses the system must log on using a user name and password that expires every two weeks and should be renewed by making a request so that the administrator is aware.
To stop this attack, the system developers should limit the number of attempts at entering the password before the system blocks completely. This can be enabled by using a GPO in Active Directory, where the system blocks by either redirecting the user interface of the system or hiding it completely. It can also make the form inactive or ask for verification using related questions. The only way this can be stopped is by ensuring the physical security of the laid network devices, so that they are protected from any attack like theft, since a breakdown in the physical network setup leads to denial of service.

Ram scraper

Description: There is another new form of attack called the RAM scraper. This is a program or virus that targets the data contained in RAM with the intention of modifying it before it is processed and completely deleting it.

Example: An example is when there is some information that is to be used by some authority or organisation that someone would like to modify for personal gain.

Countermeasure: This form of attack can be prevented by the use of a very powerful antivirus which can disintegrate the program. In addition, this malware is transferred via the internet; therefore any document that is downloaded from the internet must be scanned for viruses.

Phishing

Phishing is another form of social engineering in which the attacker makes use of electronic communication to convince the person with whom he is communicating to give up information that is supposed to be the intellectual property of the company.

Example: An example is where a fraudster lures somebody to invest in a business that does not exist, with the intention of defrauding that person financially.

Countermeasure: It can be eliminated by having in place a system that records the identity details of that person so that tracking can be facilitated.
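The attempt limit from the brute-force countermeasure above, shown as an added example (not from the original paper and not Active Directory's own mechanism): failed passwords are counted per account regardless of source address, since the paper notes the attacker may arrive through different IP addresses. The limit of five, the 15-minute window and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

MAX_ATTEMPTS = 5      # assumed limit on failed passwords before the account blocks
WINDOW_SECONDS = 900  # assumed counting window (15 minutes)


class AttemptLimiter:
    """Count failed logins per account, whatever source address they come from."""

    def __init__(self, max_attempts=MAX_ATTEMPTS, window=WINDOW_SECONDS):
        self.max_attempts = max_attempts
        self.window = window
        self.failures = defaultdict(deque)  # username -> (timestamp, source_ip)
        self.locked = {}                    # username -> source addresses seen

    def record(self, ts, username, source_ip, password_ok):
        """Process one login attempt and return 'ok', 'failed' or 'locked'."""
        if username in self.locked:
            # A blocked account stays blocked even if the password is now right.
            self.locked[username].add(source_ip)
            return "locked"
        recent = self.failures[username]
        while recent and ts - recent[0][0] > self.window:
            recent.popleft()                # forget failures outside the window
        if password_ok:
            recent.clear()
            return "ok"
        recent.append((ts, source_ip))
        if len(recent) >= self.max_attempts:
            self.locked[username] = {ip for _, ip in recent}
            recent.clear()
            return "locked"
        return "failed"

    def unlock_after_verification(self, username):
        """Call once the user has passed the extra verification questions."""
        return self.locked.pop(username, None) is not None


# Constructed events (not real logs): (seconds, username, source_ip, password_ok).
# Addresses are from the documentation ranges 203.0.113.0/24 and 198.51.100.0/24.
SAMPLE_EVENTS = [
    (0,  "asmith", "198.51.100.7", False),
    (20, "asmith", "198.51.100.7", True),   # user mistyped once, then got in
    (60, "jdoe",   "203.0.113.10", False),
    (65, "jdoe",   "203.0.113.11", False),  # same account, new address
    (70, "jdoe",   "203.0.113.12", False),
    (75, "jdoe",   "203.0.113.10", False),
    (80, "jdoe",   "203.0.113.13", False),  # fifth failure: account blocks
    (85, "jdoe",   "203.0.113.14", True),   # correct guess arrives too late
]


def replay(events, limiter=None):
    """Feed events through a limiter; return (outcomes, limiter)."""
    limiter = limiter or AttemptLimiter()
    outcomes = [(user, limiter.record(ts, user, ip, ok)) for ts, user, ip, ok in events]
    return outcomes, limiter


if __name__ == "__main__":
    outcomes, limiter = replay(SAMPLE_EVENTS)
    for user, result in outcomes:
        print(user, result)
    print("blocked:", {u: sorted(ips) for u, ips in limiter.locked.items()})
```

Counting per account rather than per address is what keeps the limit effective when the attempts are spread over several sources; the recorded addresses give the administrator something to review before unlocking.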
Another one is the electronic attack, where electromagnetic energy is used to attack the user or assets with the intention of destroying the functioning of the system by either jamming or deception. It can be stopped by putting in place protective gear that barricades electromagnetic radiation.

Attack on cars: the computerized devices that a car uses can be disabled by an attacking program. An example is where the driver's input is ignored, for example by disabling the brakes and stopping the engine. This can be stopped by protecting the code so that it does not get into the hands of unauthorized people.

Social network attacks

Description: Social network attacks are viruses and Trojan horses that take one's identity information. The latest are the ones that navigate the whole social network with the intention of obtaining and sending your social life information, and hence expose you to the risk of social network-based pests.

Example: This form is when one person targets the profile of another person so that they can change or use it for personal gain.

Countermeasure: This risk can be eliminated using a high level of proxy authorship.

Web-cam phishing

Description: Webcam hacking: these are Trojan programs that can run the webcam in a laptop. They take photos and videos of the user and send them via the internet.

Example: An example is where a VIP's private life activities are exposed without his knowledge via this attack.

Countermeasure: To eliminate this, the webcam should have a shutter.

Medical device attacks: this is where the culprit sends attacking code that hinders the functionality of life-saving devices; for example, sending a program that will disable the ICU equipment in a hospital. This attack can be prevented by ensuring that the code for the embedded software that runs these devices is kept as intellectual property.

iPhone attacks

Description: The other attack is the one that targets iPhones and cell phones that use the Android operating system, including VoIP.
Example: The attacker capitalizes on the weakness of having to zip the content of the program to enable it to be accommodated by the small memory. This is because the program neglects some coding that, though not a must, is needed to ensure maximum security of the data (Cardwell, 2007).

Countermeasure: To eliminate this attack, the developers of Android application programs and operating systems should include the usability component of ensuring security of the information, since it can be adverse to the business. This can be facilitated through PGP. This is a mechanism that ensures security by splitting the text that is sent to devices that have limited memory and implementing the appropriate cryptography.

Classification

All these vulnerability attacks can be classified into the following categories as per risk sensitivity, occurrence and severity.

Invalidated input: this covers all the attacks that target the information and files that are exchanged via the internet, such as keylogging, phishing, social network attacks and proxy authorship (Rittinghouse, 2009).

Broken Access Control: these are all the attacks that target the authentication of a user, like credential theft, unauthorized access via default credentials and brute-force attack.

Broken Authentication and Session Management: though taken as a sensitive attack, this can be disastrous if the involved field is sensitive, like the case of a bank where finances can be transferred without the knowledge of the

Man-in-the-Middle Attack: this covers all the attacks that operate on networks with the intention of modifying the information or data in transit.

Denial-of-Service Attack: this involves all the attacks that aim at stopping the user of the system, or even the network, from getting the intended service. An example is the RAM scraper; this is a program or virus that targets the data contained in RAM with the intention of modifying it before it is processed and completely deleting it.
This form of attack can be prevented by the use of a very powerful antivirus which can disintegrate the program.

Compromised-Key Attack: for example, authentication bypass methods, where he or she can get access to the system without having to enter credentials to authenticate. This can be through a different IP address that routes the attacker via other links until he gets access to the same system.

References

Middleton, B. (2005). Cybercrime investigator's field guide. Auerbach Publications.
Ransome, J., & Rittinghouse, J. (2009). VoIP security. Digital Press.
Rosenberg, R. S. (2006). The social impact of computers. Emerald Group Publishing.
Salomon, D. (2007). Data privacy and security. Springer.
Trevor, J. (2011). "Cyber Attack: Improving Prevention and Prosecution": Hearing Before the Subcommittee on Technology, Terrorism. General Books.
Wall, D. (2009). Crime and the Internet. Routledge.
Wiles, J., & Cardwell, K. (2007). The best damn cybercrime and digital forensics book period. Syngress.
Yar, M. (2006). Cybercrime and society. SAGE.