Unit 9 Assignment 1: List Phases of a Computer Attack
Reconnaissance and Probing
This deals with doing your homework. Researching your target is the most important part of an attack. Once your target has been picked out, probing for possible vulnerabilities within their network is performed. This is done with common tools found on the internet, like DNS and ICMP, standard and customized SNMP tools, port scanners and port mappers, and security probes, to exploit a potential target.
Gaining Access
Getting in the front door, or even the back, is one of the main goals, if not the goal. But once in, you would go for whatever you determine is important to you as an attacker. Things like: financial records, social security numbers, secret recipes, anything
This particular program is a Windows Trojan but what makes it unique is that it does not rely on the presence of a Windows binary file (an executable file on disk) to maintain its infection of a computer (Information on malware known as Poweliks, 2014).
A common method of infection of a Windows computer is for a 'dropper' program to be run on a computer that then downloads a 'payload' file which actually does the malicious work. The initial dropper file is usually programmed to delete itself to avoid detection. The payload file would then remain active on the computer and is programmed to carry out certain tasks (e.g., pop-up adverts, warnings that you are infected and need to buy protection (scareware), encrypting personal files and demanding a ransom for unlocking them (ransomware), contacting a command and control server to await 'orders' for exactly what to do, etc.). In this more common scenario, because the payload file has to remain active, Sophos AV can easily acquire a sample of the file and see if prevention from infection is already covered (e.g., in Sophos' existing library of file detection, or through our intelligent heuristic detection methods). If required, an update can be published and Sophos users who enable Sophos Live Protection are immediately protected - those who disable Live Protection will receive the update (along with Live Protection users)
“Attack the Block” is a British film consisting of many genres including science fiction, horror, action and comedy, written and directed by Joe Cornish. Released in 2011, the film revolves around a major theme, demonstrating that all actions have consequences, but it also mentions a bit of redemption, as the characters must save themselves from evil creatures, as well as save London. The film also has plenty of commentary about perceptions and attitudes towards class and the police in England. We see how the police leap to conclusions and unerringly arrest the wrong people for the wrong reasons. “Attack the Block” highlights the disenfranchised immigrant youth in England surviving according to the rules and laws of their “Block”. They are already profiled as criminals due to how they look and where they live. They have to follow the rules of their environment in order to live their lives normally or even to survive day to day.
* Perform a vulnerability assessment scan on the targeted IP subnet to discover what the weakest link in the system is.
On September 24, 2010, a laptop was stolen from an unlocked Urology office at the Henry Ford Health Systems hospital. The laptop did contain password protection software; however, it may not have been enough to permit access if the thief had advanced knowledge in computers. Additionally, the information stored on the laptop did not include social security or health insurance information, but instead held “patient names, medical record numbers, dates of birth, telephone numbers, e-mail addresses, and treatment and doctor visits” (Moscaritolo, 2010, p. 1). It is unknown how many records were contained on the laptop, but all records were related to prostate services that were provided during an eleven year span.
Let’s say user (A) downloads an executable file (EXE) onto his or her PC and double-clicks on that file. If this file is infected, the virus works based on the code written by the hacker/attacker/intruder and copies some files into the system. If user (A) does not have virus protection, the virus works perfectly in destroying that computer or sending information from this computer to the attacker's email. Viruses are not only designed to destroy PCs, but also designed to get information from
Rootkit – A rootkit is software that is downloaded onto a computer to hide the compromised operating system. This can allow other viruses or malware to come in and look like a necessary file for the computer. Even if you use an anti-virus, it will look at the file but will think it’s a necessary file for the computer. The longer the rootkit is installed, the harder it is to undo the damages
3. The reconnaissance phase can have many different faces, and depending on the goal of the attacker, various tools and applications can be used. Nslookup can be used to look up all the available hosts on a
Threats can be divided into 4 types. The first type is the classic threat, which is a threat not only for OSN users but also for users who use the internet without being OSN users. The second type is the modern threat, which is a threat unique to the privacy and security of OSN users. The third type is the combination threat, which is a combination of today’s threats: what an attacker can do and what an attacker often does. The fourth type is threats targeting children, which specifically target children who use social networks.
If the software is not up-to-date, it will likely not have the most recent security threats in its database to look for when scanning. Basically, it will think that an infected file is safe and not catch it, leaving it to continue to threaten and cause the system harm.
The threat kill chain reveals the stages of a cyber attack from early reconnaissance to the goal of information exfiltration. The kill chain can also be used as an organizational tool to help continuously improve network defense (Kill Chain). Threats must progress through seven stages of the model; the first stage is reconnaissance. Reconnaissance occurs when the attacker does a background check on the target before attacking them. Most reconnaissance is accomplished with the help of the Internet and social media accounts. The second stage is the weaponization phase. In this phase, the attacker creates a remote access
Prompt: As a company officer, what does “transitional attack” mean to you, and how will it affect your tactics?
* Suggest three (3) penetration testing methods that you would use for a small day care business. Provide a rationale to support your response. Note: The day care is located in the heart of downtown, currently uses a Website, databases, file servers, printers, both wireless (802.11x) and Ethernet access to the Internet, and card readers for physical entry for its employees.
There are numerous purposes behind physical demolition by digital assault. There is no uncommon race for digital assault; anybody can carry out this assault. The private sector, the public sector, academia: everybody is defenseless against digital assault. 40 years ago, the first message was sent from a machine at UCLA to a machine at Stanford; they had logged in the initial two letters when the machines crashed. Today, over 2 billion clients utilize 9 billion gadgets to convey 145 billion messages every day. With the increase in web use, digital assaults are increasing proportionally; another infection or piece of malware is being made at regular intervals.
A computer virus is a minute program which is “embedded inside an application or within a data file which can copy itself into another program” (Adams et al., 2008) for the sole purpose of meddling with normal computer operations. The consequences may range from corruption and deletion of data to propagation of the virus onto the network and deployment through email attachments in order to create further havoc on all associated computing devices.
Faults are a precise interaction of hardware and software that can be fixed given enough time.
The bottom-up approach lacks support from upper management. The top-down approach offers more upper management support with more funding plus clear planning.