In a previous post, “9 Sources of Cyber Threats Highlighted in GAO Report,” Pat Fiorenza discussed Table 1 of GAO’s report Cyber Security: National Strategy, Roles, and Responsibilities Need to Be Better Defined and More Effectively Implemented, describing the various types of attacks that vulnerable users can fall victim to. In this blog, I will continue off of that and briefly explain some of the other methods that attackers use to gain information and corrupt data from Table 2 of the report.
11 Sources of Cyber Threats Reports by GAO
1. Cross-Site Scripting: GAO describes this as “An attack that uses third-party web resources to run a script within the victim’s web browser or scriptable application.” Users can fall victim to this when visiting malicious websites or links. By visiting these sites, victims allow the attacker to potentially “steal cookies… log keystrokes, and capture screenshots,” leaving sensitive information vulnerable for exploitation.
2. Denial-of-Service: This attacks prevents the user from gaining authorized access to networks, systems, or applications by using-up resources.
3. Distributed Denial-of-Service: An attack similar to the denial-of-service, but “uses numerous hosts to perform that attack.”
4. Logic Bombs: According to GAO, a logic bomb is “A piece of programming code intentionally inserted into a software system that will cause a malicious function to occur when one or more specified conditions are met”
5. Phishing: Attackers using this method send out fake but realistic looking emails that request information or send the victim to a fake website that also requests information.
6. Passive Wiretapping: This method is accomplished by monitoring or recording data “such as passwords, transmitted in clear text while they are being transmitted over a communications link” without affecting the data.
7. Structured Query Language Injection: This attack “involves the alteration of a database search in a web-based application, which can be used to obtain unauthorized access to sensitive information in a database,” says GAO
8. Trojan Horse: A Trojan horse appears to look like useful programs, but hide malicious functions that are usually missed by security programs.
9. Virus: One of the most well-known cyber-attacks, a virus is a computer program that replicates itself and infects the computer without the user’s knowledge. It potentially can “corrupt or delete data on a computer, use e-mail programs to spread other computers, or even erase everything on a hard disk.” However, a user must (unknowingly) release the virus, unlike a worm.
10. War Driving: This is accomplished by driving through populated areas with a wireless computer searching for unsecured wireless networks.
11. Worm: A “self-replicating, self-propagating, self-contained program that uses network mechanisms to spread itself” all without needing human involvement.
Source: GAO analysis of data from the National Institute of Standards and Technology, United States Computer Emergency Readiness Team, and industry reports.
Though many of these types of attacks seem familiar, we must recognize that even the most common of cyber attacks pose greater threats than they ever had. The average person stores countless personal details online including addresses, phone numbers, credit card information, banking information as well as many other pieces of information that can give an attacker access to the most important parts of our lives. Individuals are not the only potential victims; government agencies must also be diligent in educating employees and protecting cyber assets to prevent security breaches and loss of sensitive data.
What are you doing to protect yourself from an attack?