Sunday, May 16, 2010

Classifying Cyber terrorism Attacks


In this post I am going to share information about the different kinds of attack that may happen and classify them into categories. Since I talked about the different kinds of hackers and attackers in the previous post, in this post it is better to discuss the methods and strategies that hackers and cyber terrorists use to attack their victims.

At any rate, cyber attacks have now become threats that system administrators and webmasters need to guard against.

There are five forms of attacks commonly used against computers and networks, according to Aaron Turpen, in his article 'Hacker Prevention Techniques.'

1. Distributed Denial of Service (DDoS) attacks:

Usually aimed at networks by third party systems (typically, compromised systems lacking security that unwittingly become hacker accomplices). This kind of attack focuses on open ports and connections in the network or system. They undermine the network by flooding it with requests, thereby causing one or more systems and their resources to shut down or crash.

2. Trojan Horse:

Software disguised as something else (typically useful shareware or freeware), and so installed on your system consciously. It contains either a "back door" (which allows others to enter your system and do what they want with it while you're using the software) or a "trigger" (which sets itself off when triggered, either by a date or a time or a series of events, etc., and causes your system to shut down or attack other computers).

3. Virus:


It is one of the most common attacks. Its primary concern is to replicate and spread itself, and then destroy or attempt an attack on the host system. Examples include: I Love You; Crazy Boot; Cascade; Tequila; Frodo.

4. Websites:

Malicious sites that use known security holes in certain Web technologies to trigger your web browser to perform unwanted functions in your system (e.g. an older version of ActiveX had a "hole" that allowed content in any one folder or directory on your hard drive to be automatically uploaded to a web directory or emailed to a receiver).

5. Worm:

It consumes resources (quietly) until the system finally becomes overloaded and ceases to function. It is a combination of a DDoS and a virus attack. It usually reproduces as often as possible to spread as widely as it can. It is typically built for a certain type of system and is benign to all others. This attack is commonly aimed at larger systems (mainframes, corporate networks, etc.); some are built to "consume" data and filter it back out to unauthorized users (i.e. corporate spies).

After classifying these attacks, I would like to mention a real case study which happened in 2009.

In March 2009, researchers in Toronto concluded a 10-month investigation that revealed a massive cyber espionage ring, which they called Ghostnet, that had penetrated more than 1,200 systems in 103 countries. The victims were foreign embassies, NGOs, news media institutions, foreign affairs ministries, and international organizations. Almost all Tibet-related organizations had been compromised, including the offices of the Dalai Lama. The attacks used Chinese malware and came from Beijing.

The truth is, practically anyone connecting to the Internet is vulnerable to being hacked, infiltrated by a Trojan horse or attacked by a virus or worm. Thus, there is a need to be proactive when it comes to protecting your system from such attacks.

