Technical and Non-Technical Threats to Organizations

Several kinds of threats are capable of causing serious damage to an organization. They are either technical or non-technical (environmental, human, and procedural).

Technical Threats

  • Botnets: A botnet is a collection of compromised computers controlled by cybercriminals. Bot herders scan for vulnerabilities, infect systems, and use them for malicious activities such as DDoS (Distributed Denial-of-Service) attacks, e.g., the Mirai botnet in 2016, which infected IoT devices and was used to launch a massive DDoS attack.
  • Denial-of-Service (DoS) & Distributed Denial-of-Service (DDoS) Attacks: These attacks overwhelm a system with requests, making it unavailable to legitimate users. Variants include:
    • Application-layer flooding: The attacker floods the service with requests, often from spoofed IP addresses, in an attempt to slow or crash it.
    • Unintended DoS (accidental overuse by legitimate traffic).
    • DDoS (many computers attacking one target), e.g., the 2018 DDoS attack on GitHub, which flooded the site with 1.35 Tbps of traffic.
      • Mitigation: Firewalls, anti-DDoS software, network traffic analysis.
  • Hacking:
    • Cross-Site Scripting (XSS): Injecting malicious scripts into trusted sites so that they run in other users' browsers. Mitigation: Input validation, secure cookies.
    • Password Cracking: Cracking passwords with software. Mitigation: Secure password policies.
    • SQL Injection: Injecting malicious SQL through application input so that it is executed against the database. Example: 7-Eleven hack exposed 130 million credit card numbers. Mitigation: Secure coding standards.
    • Waterhole Attacks: Compromising resources that many people use (e.g., coffee shops' Wi-Fi). Mitigation: Avoid public Wi-Fi, use VPNs.
    • Fake Wireless Access Points (WAPs): Setting up rogue Wi-Fi hotspots to intercept data. Mitigation: Use VPNs, avoid foreign networks.
    • Eavesdropping: Passive interception of data (emails, calls). Mitigation: Use encrypted communications.
    • Clickjacking: Hiding malicious buttons on legitimate sites. Mitigation: Firewall HTTP scanning.
    • Cookie Theft: Stealing session cookies to impersonate users. Mitigation: Secure HTTPS encryption.
    • Bait-and-Switch: Tricking users into installing malware through fake ads. Mitigation: Download from trusted sources only.
  • Malware Attacks:
    • Viruses: Self-replicating code that spreads over networks.
    • Trojans: Malware pretending to be legitimate software.
    • Worms: Self-propagating malware that spreads automatically.
    • Remote Access Trojans (RATs): Allow attackers remote control of a device. Example: FlawedAmmyy RAT.
    • Keyloggers: Record keystrokes to steal passwords. Example: Wolfeye Keylogger.
    • Ransomware: Encrypts the victim's data and demands payment for decryption. Example: WannaCry hit the UK's NHS in 2017.
    • Spyware: Quietly collects data from infected systems. Example: CoolWebSearch.
    • Adware: Displays intrusive pop-ups and collects user data. Example: Fireball infected 250 million machines.
    • Mitigation: Antivirus, OS patching, good browsing practices.
  • Malicious Spam Attacks:
    • Phishing: Fake emails tricking users into providing credentials. Example: Netflix account suspension phishing.
    • Spear Phishing: Targeted attacks that impersonate known contacts. Example: Fake Microsoft 365 login page phishing.
    • Smishing: SMS message-based attack. Example: Fake banking alert.
    • Vishing: Voice phishing attacks. Example: Fake government calls for personal info.
    • Pharming: Redirecting users to fake sites. Example: Fake banking website.
  • Buffer Overflow: Overflowing memory buffers to execute malicious code. Mitigation: Secure coding practices.
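The DDoS mitigation above lists "network traffic analysis". The following is an added example (not from the original post) of the simplest form of that analysis: counting requests per source address in a sliding time window over access-log lines and flagging addresses that exceed a threshold. The log lines are constructed for the example, and the window size and threshold are arbitrary values chosen to illustrate the idea.

```python
from collections import defaultdict

BURST_IP = "203.0.113.5"     # constructed address that floods the service
NORMAL_IP = "198.51.100.7"   # constructed address with ordinary traffic
BASE_TS = 1700000000         # constructed epoch timestamp


def build_sample_log():
    """Constructed log lines: '<epoch> <source-ip> <method> <path>'."""
    lines = []
    # 150 requests from one address within a 10-second span (i // 15 = 0..9).
    for i in range(150):
        lines.append(f"{BASE_TS + i // 15} {BURST_IP} GET /")
    # 5 requests from another address spread one minute apart.
    for i in range(5):
        lines.append(f"{BASE_TS + i * 60} {NORMAL_IP} GET /index.html")
    return lines


def parse_line(line):
    """Split one log line into (timestamp, ip, request)."""
    ts, ip, method, path = line.split(maxsplit=3)
    return int(ts), ip, f"{method} {path}"


def sliding_window_offenders(lines, window_seconds=10, threshold=100):
    """Return {ip: peak_count} for addresses that sent more than `threshold`
    requests inside any `window_seconds`-long window."""
    by_ip = defaultdict(list)
    for line in lines:
        ts, ip, _ = parse_line(line)
        by_ip[ip].append(ts)

    offenders = {}
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        peak = 0
        # Two-pointer sweep: advance `start` until the window fits.
        for end in range(len(times)):
            while times[end] - times[start] >= window_seconds:
                start += 1
            peak = max(peak, end - start + 1)
        if peak > threshold:
            offenders[ip] = peak
    return offenders


if __name__ == "__main__":
    for ip, count in sliding_window_offenders(build_sample_log()).items():
        print(f"{ip}: {count} requests in a 10-second window")
```

On the constructed log this flags only the flooding address. Two caveats that follow from the post itself: because flooding traffic often uses spoofed source addresses, per-address counts are only a first signal, and a distributed attack spreads its requests across many addresses so that each one stays under the threshold. That is why the post pairs traffic analysis with firewalls and dedicated anti-DDoS services rather than relying on it alone.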
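The SQL Injection and XSS entries both give "secure coding" as the mitigation. As an added example that is not part of the original post, the snippet below shows what that means concretely for each: a lookup that pastes user input into the SQL text next to the same lookup using a parameterized query, and an HTML output that escapes user-supplied text before inserting it into the page. It uses Python's standard sqlite3 and html modules with a constructed in-memory table; the user names and e-mail addresses are made up.

```python
import html
import sqlite3


def make_db():
    """Constructed in-memory database with two sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, email TEXT)")
    conn.executemany(
        "INSERT INTO users (name, email) VALUES (?, ?)",
        [("alice", "alice@example.test"), ("bob", "bob@example.test")],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, name):
    """Vulnerable: the input is concatenated into the SQL string, so the
    database parses whatever the user typed as part of the query."""
    query = f"SELECT name, email FROM users WHERE name = '{name}'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, name):
    """Hardened: the placeholder keeps the input as a bound value; the driver
    never treats it as SQL text, whatever characters it contains."""
    return conn.execute(
        "SELECT name, email FROM users WHERE name = ?", (name,)
    ).fetchall()


def render_greeting(name):
    """XSS-safe output: escape untrusted text before placing it in HTML so a
    script tag is rendered as literal characters instead of executed."""
    return f"<p>Hello, {html.escape(name, quote=True)}</p>"


def demo():
    """Run both lookups with a classic tautology input and return row counts."""
    conn = make_db()
    tautology = "x' OR '1'='1"
    return {
        "vulnerable_rows": len(lookup_vulnerable(conn, tautology)),
        "parameterized_rows": len(lookup_parameterized(conn, tautology)),
        "normal_rows": len(lookup_parameterized(conn, "alice")),
        "greeting": render_greeting("<script>alert(1)</script>"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The vulnerable lookup returns every row for the tautology input because the input changed the query's meaning; the parameterized version returns none because the same string is simply compared against the name column. The same principle applies to XSS: treat user data as data, and encode it for the context it is going into.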

Non-Technical Threats

  • Human Error: Employee mistakes can lead to security breaches. Examples: Opening a phishing email, security setting misconfiguration. Mitigation: Employee training, good policies, regular audits.
  • Malicious Employees: Insiders misuse their access for personal gain. Examples: Selling company data, leaking trade secrets. Mitigation: Employee monitoring, strict access controls, security training.
  • Disguised Criminals & Social Engineering: Attackers impersonate employees or contractors to gain access. Examples: Fake electricians entering secure areas. Mitigation: Strict ID verification, background checks.
  • Natural Disasters: Floods, earthquakes, and fires disrupting IT facilities. Mitigation: Data backup, disaster recovery plan, cloud storage.
