Information Systems: Week 5

Types of Attack

Social Engineering:

• Use social pressures deceive computer users into compromising computer network security.
• Hacker exploits user's desire helpful, trust (naivety) + fear getting trouble.
• Common example use telemarketing ploy (Phishing + email scams).

Malware 

• Viruses, Worms, Trojan horses
• Email most common malware vector also from altered programs via e.g. cracks.

Watering Hole

• Computer attack strategy, which victim part particular group.
• Attack = attacker guesses/observes which websites group often uses + infects 1/+ them malware.
• Eventually, some member targeted group gets infected.

Types of Attack: Part 2

Man-in-the-middle

• Type cyberattack malicious actor inserts him/herself conversation between 2 parties.
• Impersonates both parties + gains access info 2 parties trying send each other.

SQL Injection

• Structured Query Language e.g. SELECT column1, columi.
• Injection attack wherein attacker executes malicious SQL statements control web application's database server.

Hacking 

• Definition: 'The activity of illegally using a computer to access information stored on another computer system/spread a computer virus.'
• Evolved from Phone Preaking - Cap'n Crunch + 2,600hz + Blue Boxes.
• Most common hack through social engineering = Finding/guessing password.

Types of Attacks

Password Attacks: How passwords stored? Hashing...

• Passwords encrypted, using encryption standard e.g. MD5/SHA-1, produce fixed length 'hash'.
• Is 1-way + only hash stored (+ user ID).
• Login = password enter encrypted + resulting hash compared against stored hash.
• Hashes stored databases/text files.

Denial of Service (DoS) + Distributed Denial of Service (DDoS)

• Attack aimed deny users access computer system (usually website).
• (DDoS): Attack from network compromised computers specific date/time.
• Example: Attack website where flood data packets sent target computer + overload resources.
• Examples: Bots, zombies, botnets.

DDoS Attacks

• Mirai malware turns networked devices running Linux remotely controlled 'bots' used part botnet large-scale network attacks.
• Primarily targets online consumer devices e.g. IP cameras + routers.

Ransomware

• Attack encrypts data, forcing (digital) payment decryption key.

Revil (Sodinokibi)

• Is/was Ransomeware-as-a-service (RAAS) operating out Russia 2020-2021.
• Recruits affiliates distribute code.
• Splits revenue generated ransom payments.