Common Networking Attacks: Overview

Summary

With the development of innovations in the sphere of IT, new opportunities have been discovered, opening a path to even more impressive progress. However, apart from the creation of useful tools and programs, this change has also entailed the emergence of new malware for corrupting or stealing users’ data. Learning about common networking attacks will help average users become better prepared, thus securing their personal information and well-being.

A Quick Description

DoS (Reflective, Amplified, Distributed)

A denial-of-service (DoS) attack is a networking attack aimed at opening DNS resolvers so that a criminal could overload a specific server by increasing the amount of loaded information exponentially, thus rendering it unresponsive. A DoS attack is performed by sending a multitude of minor queries to the selected server. This approach disrupts its infrastructure, causing the server to stop functioning. The Six Banks Attack remains one of the most notorious DoS attacks ever performed due to its scale and effect. Bringing the functioning of multiple banks to a halt, the attack generated 60 gigabits per second (Sarker, Sarker, Podder, & Alam, 2020).

Social Engineering

Implying that attacks occur during interpersonal interactions online, social engineering attacks have become nearly ubiquitous despite the enhanced level of security established by major social networks. During a social engineering attack, a perpetrator may use a variety of approaches, yet most of them boil down to the analysis of the target victim by using security loopholes and establishing trust-based relationships. Afterward, the perpetrator encourages the victim to share their personal information, causing the latter to disclose details of access to financial and other types of valuable resources. An example of an ostensible bank office worker addressing an individual via a social network to elicit personal information has become notorious recently (Conteh & Schmick, 2016).

Insider Threat

As the name suggests, an insider threat is a security issue coming from within an organization. Traditionally, the insider threat comes from an employee who has access to sensitive information about the organization or its members. By misusing the opportunity to access this data, the employee in question poses a high probability of a security breach. It should be noted that several types of insider threat are identified, including malicious (a criminal intent is present), careless (security breach caused by negligence), and a mole (an outsider gaining an insider privilege). The case of Facebook, whose employee used sensitive data to stalk women online, is by far the most egregious example of an insider threat attack (Usmani et al., 2017).

Logic Bomb

The use of malware is quite common in networking attacks, of which the logic bomb is an accurate representation. A logic bomb is a subset of malware that is activated once a specific logical condition is met. For instance, once a specific process is completed, a certain program is launched a specific number of times, or a planned event occurs, the malware starts running. The logic bomb activated in South Korea in 2013 was one of the most destructive instances of this malware being launched. Blocking the use of ATMs across the state, the malware stirred a minor financial crisis (Dusane & Pavithra, 2020).

Rogue Access Point

The concept of a rogue access point is fairly simple, as it means installing a point of access to a network while bypassing its administrator. While a rogue access point may not necessarily be installed by a perpetrator, it is typically used to access users’ personal data. It is particularly disturbing that the rogue access point attack offers remote access. Although there have been few cases of rogue access point attacks, workplace platforms for networking have been proven particularly vulnerable to them (Alotaibi & Elleithy, 2016).

Evil Twin

The evil twin attack is frequently conflated with the misuse of a rogue access point, yet there is a distinction between them. Typically used in wireless networks, the evil twin attack implies creating an imposter Wi-Fi network that appears to be a trustworthy point of access. However, after connecting to it, a user will have their information stolen. As a rule, evil twin attacks are used for eavesdropping or stealing financial information, such as the number and PIN of a user’s credit card (Seo, Cho, & Won, 2020). For example, a hacker may set up a fake LAN to provide Wi-Fi access, which will allow the hacker to access private information that users submit when using the network in question.
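
Added example (not part of the original essay): a survey check that separates the two cases described in this section and in the Rogue Access Point section. The inventory, wired-LAN MAC list, scan records and the `classify`/`survey` names are constructed assumptions, including the simplification that an access point's radio and wired MAC address are the same.

```python
"""Flag evil-twin and rogue access points in a Wi-Fi survey (constructed data)."""

# Assumed inventory of authorised APs: SSID -> (allowed BSSIDs, required security).
AUTHORISED = {
    "CorpNet": ({"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"}, "WPA2-Enterprise"),
}

# Constructed: MAC addresses learned on the wired LAN (e.g. from switch tables).
WIRED_MACS = {"aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02", "02:00:00:12:34:56"}

# Constructed survey results, shaped like a wireless scanner's output.
SCAN = [
    {"ssid": "CorpNet", "bssid": "AA:BB:CC:00:00:01", "security": "WPA2-Enterprise"},
    {"ssid": "CorpNet", "bssid": "de:ad:be:ef:00:99", "security": "Open"},
    {"ssid": "PrinterSetup", "bssid": "02:00:00:12:34:56", "security": "Open"},
    {"ssid": "CoffeeShop", "bssid": "11:22:33:44:55:66", "security": "WPA2-Personal"},
]


def classify(beacon, authorised=AUTHORISED, wired=WIRED_MACS):
    """Return 'ok', 'evil-twin', 'rogue-ap' or 'neighbour' for one beacon."""
    ssid = beacon["ssid"].strip()
    bssid = beacon["bssid"].lower()
    if ssid in authorised:
        allowed, required = authorised[ssid]
        # A known SSID from an unknown radio, or with different security
        # settings, is the evil-twin pattern: trusted name, untrusted device.
        if bssid not in allowed or beacon["security"] != required:
            return "evil-twin"
        return "ok"
    # An unknown SSID whose radio is attached to our wired LAN was installed
    # without the administrator: the rogue-access-point pattern.
    if bssid in wired:
        return "rogue-ap"
    return "neighbour"


def survey(scan=SCAN):
    """Map each BSSID in the scan to its classification."""
    return {b["bssid"].lower(): classify(b) for b in scan}


if __name__ == "__main__":
    for bssid, verdict in survey().items():
        print(f"{bssid}  {verdict}")
```

A BSSID can be cloned, so an allowlist match is necessary but not sufficient; the security-setting comparison catches one common mismatch.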

War-Driving

Representing the next step in using compromised Wi-Fi networks to elicit users’ private data, war-driving suggests that hackers modify the specified Wi-Fi sources manually. Specifically, when setting up a crime, perpetrators usually drive around with the tools allowing them to locate loopholes in network security. Currently, scanning for insecure networks is also utilized as one of the main war-driving techniques. As a rule, tools such as a mobile device, a Wi-Fi card and an antenna, or a GPS system are utilized. However, several software tools for war-driving have also been devised lately. IBM’s 2019 war-shipping could be considered a modification of a war-driving attack (Górski, Marzantowicz, & Szulc, 2017).

Phishing

Being, perhaps, one of the oldest types of networking attacks, phishing still produces impressive results despite multiple warnings and infamous cases. Phishing traditionally means retrieving sensitive data by disguising a message containing malware as an email from a trusted source. The phishing attack that Sony suffered in 2015 reached global notoriety and could be seen as one of the most accurate representations of phishing (Adebowale, Lwin, Sanchez, & Hossain, 2019).

Ransomware

The phenomenon of ransomware has gained relevance comparatively recently. However, it has already gained considerable notoriety due to its destructive effects. Ransomware is defined as software that masquerades as an innocuous program. However, as soon as a user launches it, it encrypts files on the user’s computer, demanding a specific amount of money for decryption. This type of attack has seen a tremendous rise in recent years, with WannaCry, Better_Call_Saul, Reveton, and CryptoLocker being the most infamous ones (Trautman & Ormerod, 2018).

DNS Poisoning

In essence, DNS poisoning means diverting traffic from trustworthy sites to ones containing malicious software and other threats. In the instance of DNS poisoning, a user is taken from the webpage that they try to access to a substitute one, where potentially harmful content is located. DNS spoofing and DNS cache poisoning are the most common types of DNS poisoning. The former implies redirecting domain traffic by disguising false server destinations as legitimate ones. In turn, the latter means that the fraudulent DNS address is placed into the local memory cache. A 2011 DNS poisoning attack in Brazil was one of the most notorious cases of this networking attack (Assolini, 2011).
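
Added example (not part of the original essay), going one step beyond the text: the basic checks a resolver applies to a DNS reply before the answer is allowed into its cache, run against constructed wire-format messages. All names, addresses and the `accept_response` function are assumptions made for this illustration.

```python
import struct


def encode_name(name):
    """Encode a host name as DNS labels (length byte + label, zero-terminated)."""
    parts = name.rstrip(".").split(".")
    return b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"


def build_query(name, txid):
    """Build an A-record query: 12-byte header plus one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag set
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # type A, class IN


def build_response(name, txid, ip):
    """Constructed test data: a one-answer response for `name` pointing at `ip`."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR, RD, RA set
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    rdata = bytes(int(octet) for octet in ip.split("."))
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + rdata
    return header + question + answer


def accept_response(query, sent_to, response, received_from):
    """Decide whether a reply may be cached; returns (accepted, reason)."""
    if received_from != sent_to:
        return False, "source mismatch"      # reply came from another address
    if len(response) < 12:
        return False, "truncated header"
    txid, flags, qdcount = struct.unpack("!HHH", response[:6])
    if txid != struct.unpack("!H", query[:2])[0]:
        return False, "txid mismatch"        # not the transaction we started
    if not flags & 0x8000:
        return False, "not a response"       # QR bit must be set
    question = query[12:]
    if qdcount != 1 or response[12:12 + len(question)] != question:
        return False, "question mismatch"    # answers a name we never asked for
    return True, "ok"


RESOLVER = ("192.0.2.53", 53)  # constructed resolver address (documentation range)
QUERY = build_query("bank.example", 0x1A2B)
```

Passing these checks does not authenticate the data itself; DNSSEC validation is what does that.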

Brute Force

The brute force attack implies submitting passwords at a very fast pace in an attempt to locate the correct word, phrase, or combination of symbols. This approach is the most basic one, which means that it requires the greatest amount of time and resources. The use of brute force might seem very blunt, yet it proves to be quite effective. A 2016 brute force attack on Alibaba.com put its users in jeopardy and was regarded as the most notorious instance of online data theft (“Brute-force attacks affects millions of Alibaba accounts,” 2016).
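
Added example (not part of the original essay): because brute forcing depends on submitting guesses at a very fast pace, a sliding-window count of failed logins per source address exposes it. The log format, threshold, window and sample lines are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption for this example.
SAMPLE_LOG = """\
2024-05-01T10:00:00 LOGIN_FAIL user=alice ip=203.0.113.7
2024-05-01T10:00:02 LOGIN_FAIL user=alice ip=203.0.113.7
2024-05-01T10:00:04 LOGIN_FAIL user=alice ip=203.0.113.7
2024-05-01T10:00:05 LOGIN_FAIL user=bob ip=198.51.100.4
2024-05-01T10:00:06 LOGIN_FAIL user=alice ip=203.0.113.7
2024-05-01T10:00:08 LOGIN_FAIL user=alice ip=203.0.113.7
2024-05-01T10:00:09 LOGIN_OK user=bob ip=198.51.100.4
2024-05-01T10:00:10 LOGIN_OK user=alice ip=203.0.113.7
2024-05-01T10:05:00 LOGIN_FAIL user=carol ip=192.0.2.9
2024-05-01T10:07:00 LOGIN_FAIL user=carol ip=192.0.2.9
"""

LINE = re.compile(r"^(\S+) (LOGIN_FAIL|LOGIN_OK) user=(\S+) ip=(\S+)$")


def detect(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: verdict} for sources with >= threshold failures per window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still in window
    verdicts = {}
    for line in log_text.splitlines():
        match = LINE.match(line.strip())
        if not match:
            continue  # ignore lines that are not login events
        stamp, event, _user, ip = match.groups()
        now = datetime.fromisoformat(stamp)
        failures = recent[ip]
        while failures and now - failures[0] > window:
            failures.popleft()  # drop failures older than the window
        if event == "LOGIN_FAIL":
            failures.append(now)
            if len(failures) >= threshold:
                verdicts.setdefault(ip, "brute-force")
        elif ip in verdicts and failures:
            # A success while the burst is still in the window suggests
            # that one of the guesses was correct.
            verdicts[ip] = "brute-force-then-success"
    return verdicts


if __name__ == "__main__":
    for ip, verdict in detect(SAMPLE_LOG).items():
        print(ip, verdict)
```

A source that spaces its attempts out, like the last two constructed lines, stays below the threshold, which is why rate-based detection is usually paired with account lockout or multi-factor authentication.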

Exploits vs. Vulnerabilities

Due to the existence of vulnerabilities in network systems, they are exposed to many threats, including exploits, or attacks that take advantage of the loopholes in question. By creating code that targets a specific loophole in the network security, a hacker creates an exploit that will help to obtain users’ personal data. The vulnerabilities discovered in Android applications in 2019 can be considered a typical case of vulnerabilities vs. exploits (Garg, Singh, & Mohapatra, 2019).

Conclusion

By helping users to recognize typical networking attacks, one will be able to increase the extent of preparedness among them, contributing to a rise in their data security. Therefore, learning about the typology of networking attacks and the key specifics thereof, one will be able to increase awareness. Moreover, the understanding of how networking attacks are administered provides users with a chance to gain better knowledge of the principles of IT security. Finally, studying the existing methods of networking attacks will show the main loopholes in the security system, inciting possible change.

References

Adebowale, M. A., Lwin, K. T., Sanchez, E., & Hossain, M. A. (2019). Intelligent web-phishing detection and protection scheme using integrated features of Images, frames and text. Expert Systems with Applications, 115, 300-313.

Alotaibi, B., & Elleithy, K. (2016). Rogue access point detection: Taxonomy, challenges, and future directions. Wireless Personal Communications, 90(3), 1261-1290.

Assolini, F. (2011). Massive DNS poisoning attacks in Brazil. SecureList.com.

Brute-force attacks affects millions of Alibaba accounts. (2016).

Conteh, N. Y., & Schmick, P. J. (2016). Cybersecurity: risks, vulnerabilities and countermeasures to prevent social engineering attacks. International Journal of Advanced Computer Research, 6(23), 31.

Dusane, P. S., & Pavithra, Y. (2020). Logic bomb: An insider attack. International Journal, 9(3), 3662-3665.

Garg, S., Singh, R. K., & Mohapatra, A. K. (2019). Analysis of software vulnerability classification based on different technical parameters. Information Security Journal: A Global Perspective, 28(1-2), 1-19.

Górski, T., Marzantowicz, K., & Szulc, M. (2017). Cloud-enabled warship’s position monitoring with blockchain. In Smart innovations in engineering and technology (pp. 53-74). Springer.

Sarker, B., Sarker, B., Podder, P., & Alam, M. R. (2020). Progression of internet banking system in Bangladesh and its challenges. International Journal of Computer Applications, 975, 8887.

Seo, J., Cho, C., & Won, Y. (2020). Enhancing the reliability of Wi-Fi network using evil twin AP detection method based on machine learning. Journal of Information Processing Systems, 16(3), 541-556.

Trautman, L. J., & Ormerod, P. C. (2018). Wannacry, ransomware, and the emerging threat to corporations. Tenn. L. Rev., 86, 503-556.

Usmani, W. A., Marques, D., Beschastnikh, I., Beznosov, K., Guerreiro, T., & Carriço, L. (2017, May). Characterizing social insider attacks on Facebook. In Proceedings of the 2017 CHI Conference on Human Factors in Computing Systems (pp. 3810-3820). Association for Computing Machinery.

Cite this paper

StudyCorgi. (2021, December 31). Common Networking Attacks: Overview. https://studycorgi.com/common-networking-attacks-overview/
