CNSC Module - 1.1
Text Book:
Cryptography, Network Security and Cyber Laws –
Bernard Menezes, Cengage Learning, 2010 Edition
MODULE – 1.1
INTRODUCTION
CYBER ATTACKS
• MOTIVE:
– What are the main goals of an attacker/hacker?
– The thrill of mounting a successful cyber attack
has motivated enough hackers.
– Hacking is a process of gaining unauthorized
access to any system with an intent to read/write
or delete data.
CYBER ATTACKS
• TYPES:
– Theft of sensitive information (new product
details, military plan and details)
– Disruption of service (an organization's servers become
unavailable or inaccessible: e-commerce sites)
– Illegal access to or use of resources (free access to
paid service)
COMMON ATTACKS
• PHISHING AND PHARMING ATTACKS: attacks that
attempt to retrieve personal information from an
individual.
– Lure victims to a fake website (e.g., a fake bank website)
so that they reveal sensitive information
• SKIMMING ATTACKS: Personal info leaked out of
credit cards, smart cards and ATM cards.
– Side-channel attacks: attempt to deduce sensitive info
from lost or stolen cards through advanced power and
timing measurements.
COMMON ATTACKS
• EAVESDROPPING or SNOOPING: Leakage of info
on the link between two communicating
parties.
• DICTIONARY ATTACKS: means intruding into a
computer system by password-guessing attacks.
• All of the above are forms of
'identity theft': the attacker's goal is to impersonate
the victim.
COMMON ATTACKS
• DENIAL OF SERVICE (DOS): Interruption or
disruption of computing services
– Exhaust the computing power, memory capacity
or communication bandwidth of their targets such
that they become unavailable.
• ATTACKS CAUSED BY MALWARE: Worms and
viruses are malware that replicate themselves.
– Virus typically infects a file, so virus spreads from
one file to another
– A worm is a standalone program that infects a
computer, so worm spreads from one computer to
another
– Media is the propagation vector for worms and
viruses.
• TROJAN: is a kind of malware that masquerades
as a utility but has other insidious goals such as
modification of files, data theft etc.
• SPYWARE: installed on a machine can be used to
monitor user activity and as a key logger to
recover valuable info.
COMMON ATTACKS AND VULNERABILITIES:
VULNERABILITIES
• Vulnerability is a weakness in a procedure,
protocol, hardware or software within an
organization that has the potential to cause
damage.
• There are four vulnerability classes in the domain
of security:
• HUMAN VULNERABILITIES: induced by human
behavior or action. Example: a user clicks on a link in an email
received from a questionable source, which can result in a phishing
attack or cross-site scripting attack.
VULNERABILITIES
• PROTOCOL VULNERABILITIES: A number of
networking protocols used in LANs have
features that have been used in unanticipated
ways to craft attacks.
– Pharming attacks (DNS Cache poisoning) and
various hijacking attacks (Domain hijacking)
– Vulnerabilities in design of security protocols lead
to man-in-the-middle or replay attacks which lead
to identity theft, compromise of secret keys etc.
VULNERABILITIES
• SOFTWARE VULNERABILITIES: sloppily written
system or application software with instances as
follows:
– Buffer overflow scenario not considered
– Insufficient validation of user input which can lead to
cross-site scripting vulnerability.
– An attacker types part of an SQL query as input, and if the
query is not validated the result could be disclosure of
credit card details. This is an SQL injection
vulnerability.
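The SQL injection case above, as an added example that is not taken from the slides or the textbook: the same lookup written with string concatenation and with a parameterized query. The table, function names and card numbers are constructed for illustration, and the fix shown is query parameterization, which goes alongside input validation.

```python
import sqlite3

def make_db():
    """Build an in-memory table of constructed (fake) card records."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE cards (owner TEXT, card_number TEXT)")
    db.executemany(
        "INSERT INTO cards VALUES (?, ?)",
        [("alice", "4000-0000-0000-0001"),   # constructed sample values
         ("bob", "4000-0000-0000-0002")],
    )
    return db

def lookup_vulnerable(db, owner):
    # Weak: user input is pasted into the SQL text, so quotes typed by
    # the user become part of the query itself.
    query = "SELECT card_number FROM cards WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(query)]

def lookup_safe(db, owner):
    # Hardened: the ? placeholder passes the input as data only; the
    # database never parses it as SQL.
    query = "SELECT card_number FROM cards WHERE owner = ?"
    return [row[0] for row in db.execute(query, (owner,))]

# Constructed input that contains a fragment of SQL instead of a name.
TYPED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, TYPED))  # every card is returned
    print("safe:      ", lookup_safe(db, TYPED))        # no rows match
    print("normal:    ", lookup_safe(db, "alice"))      # only alice's card
```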
VULNERABILITIES
• CONFIGURATION VULNERABILITIES: this relates
to configuration settings on a newly installed
application, files etc.
– Read-write-execute permissions on files can be
susceptible to abuse/attacks
– Privilege escalation attacks – privilege assigned to a
process may be higher than what it should be to
carry out a task
– Misconfiguration of firewalls may have a devastating
effect.
DEFENCE STRATEGIES AND TECHNIQUES