Information Security Threats and Attack Vectors


There are various categories of information security threats, such as network threats, host threats, and application threats, and various attack vectors, such as viruses, worms, and botnets, that might affect an organization’s information security.

This section introduces you to the motives, goals, and objectives of information security attacks, top information security attack vectors, information security threat categories, and the types of attacks on a system.


Attackers generally have motives (goals) and objectives behind information security attacks. A motive originates out of the notion that a target system stores or processes something valuable, which leads to the threat of an attack on the system. The purpose of the attack may be to disrupt the target organization’s business operations, to steal valuable information for the sake of curiosity, or even to exact revenge.

Therefore, these motives or goals depend on the attacker’s state of mind, his/her reason for carrying out such an activity, as well as his/her resources and capabilities. Once the attacker determines his/her goal, he/she can employ various tools, attack techniques, and methods to exploit vulnerabilities in a computer system or security policy and controls.

Attacks = Motive (Goal) + Method + Vulnerability

Motives behind information security attacks

  • Disrupting business continuity
  • Performing information theft
  • Manipulating data
  • Creating fear and chaos by disrupting critical infrastructures
  • Bringing financial loss to the target
  • Propagating religious or political beliefs
  • Achieving state’s military objectives
  • Damaging reputation of the target
  • Taking revenge
  • Demanding ransom


Top Information Security Attack Vectors

Below is a list of information security attack vectors through which an attacker can gain access to a computer or network server to deliver a payload or malicious outcome.

Viruses and Worms

Viruses and worms are the most prevalent networking threats, capable of infecting a network within seconds. A virus is a self-replicating program that produces a copy of itself by attaching to another program, computer boot sector, or document. A worm is a malicious program that replicates, executes, and spreads across network connections.

Viruses make their way into the computer when the attacker shares a malicious file containing the virus with the victim through the internet or through any removable media. Worms enter a network when the victim downloads a malicious file, opens a spam mail, or browses a malicious website.

Ransomware

Ransomware is a type of malware that restricts access to the computer system’s files and folders and demands an online ransom payment to the malware creator in order to remove the restrictions. It is generally spread via malicious attachments to email messages, infected software applications, infected disks, or compromised websites.


Cloud Computing Threats

Cloud computing is an on-demand delivery of IT capabilities in which IT infrastructure and applications are provided to subscribers as a metered service over a network. Clients can store sensitive information on the cloud. A flaw in one client’s application cloud could potentially allow attackers to access another client’s data.

Advanced Persistent Threats (APT)

An Advanced Persistent Threat (APT) is an attack that focuses on stealing information from the victim machine without its user being aware of it. These attacks are slow in nature, so the effect on computer performance and Internet connections is negligible. APTs exploit vulnerabilities in the applications running on a computer, the operating system, and embedded systems.

Mobile Threats

Attackers are increasingly focusing on mobile devices, due to the increased adoption of smart phones for business and personal use and their comparatively fewer security controls.

Users may download malware applications onto their smartphones, which can damage other applications and data and convey sensitive information to attackers. Attackers can remotely access a smartphone’s camera and recording app to view user activities and track voice communications, which can aid them in an attack.

Web Application Threats

Web application attacks such as SQL injection and cross-site scripting have made web applications a favorable target for attackers to steal credentials, set up phishing sites, or acquire private information. The majority of such attacks are the result of flawed coding and improper sanitization of input and output data from the web application. Web application attacks threaten the performance of the website and hamper its security.
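The following added example (not part of the original page) shows the flawed coding described above next to its corrected form, for both input going into a SQL query and output going into an HTML page. The table, function names, and sample values are constructed for illustration.

```python
import html
import sqlite3

def make_db():
    # Constructed sample data: each user should only see their own notes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE notes (owner TEXT, body TEXT)")
    db.executemany("INSERT INTO notes VALUES (?, ?)",
                   [("alice", "alice: dentist at 9"),
                    ("bob", "bob: card ends 4242")])
    return db

def notes_vulnerable(db, owner):
    # Flawed: input is concatenated into the SQL text, so a quote
    # character in the input changes the structure of the query.
    query = "SELECT body FROM notes WHERE owner = '" + owner + "'"
    return [row[0] for row in db.execute(query)]

def notes_hardened(db, owner):
    # Parameterized query: the input is bound as data, never parsed as SQL.
    query = "SELECT body FROM notes WHERE owner = ?"
    return [row[0] for row in db.execute(query, (owner,))]

def render_vulnerable(note):
    # Flawed: stored text is written into the page as markup.
    return "<li>" + note + "</li>"

def render_hardened(note):
    # Output encoding: <, >, & and quotes are rendered as plain text.
    return "<li>" + html.escape(note) + "</li>"

if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"              # constructed test input
    print(notes_vulnerable(db, crafted))  # every user's notes come back
    print(notes_hardened(db, crafted))    # no such owner: empty list
    markup = "<script>alert(1)</script>"  # constructed test input
    print(render_vulnerable(markup))
    print(render_hardened(markup))
```
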

IoT Threats

IoT devices connected to the internet have little or no security, which makes them vulnerable to various types of attacks. These devices include many software applications that are used to access the device remotely. Due to hardware constraints such as memory and battery, these IoT applications do not include complex security mechanisms to protect the devices from attacks. These drawbacks make IoT devices more vulnerable and allow attackers to access the device remotely and perform various attacks.

Phishing

Phishing is the practice of sending an illegitimate email falsely claiming to be from a legitimate site in an attempt to acquire a user’s personal or account information. Attackers perform phishing attacks by distributing malicious links via some communication channel or mails to obtain private information like account numbers, credit card numbers, mobile numbers, etc. from the victim. Attackers design emails to lure victims in such a way that they appear to be from some legitimate source, or at times they send malicious links that resemble a legitimate website.
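As an added example (not from the original page), the check below flags links whose host resembles, but is not, a domain the organization actually uses. The trusted list, the distance threshold, and all sample links are constructed assumptions, and the two-label "registrable domain" rule is a simplification.

```python
from urllib.parse import urlsplit

# Assumption: domains the organization really uses (constructed value).
TRUSTED = ("bank.example",)

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]

def classify_link(url, trusted=TRUSTED, max_distance=2):
    """Return 'trusted', 'unknown', or a 'lookalike: ...' reason."""
    host = (urlsplit(url).hostname or "").lower()
    labels = host.split(".")
    for t in trusted:
        if host == t or host.endswith("." + t):
            return "trusted"
    if any(label.startswith("xn--") for label in labels):
        return "lookalike: punycode label"
    # Simplification: treat the last two labels as the registrable domain
    # (a production check would consult the Public Suffix List).
    registrable = ".".join(labels[-2:])
    for t in trusted:
        if t in host:
            return "lookalike: embeds " + t
        if edit_distance(registrable, t) <= max_distance:
            return "lookalike: near " + t
    return "unknown"

# Constructed sample links, as they might be extracted from a mail body.
SAMPLE_LINKS = [
    "https://www.bank.example/login",
    "https://bannk.example/login",
    "https://bank.example.verify-login.test/reset",
    "https://xn--bnk-qla.example/",
    "https://shop.example/cart",
]

def scan(links=SAMPLE_LINKS):
    return {url: classify_link(url) for url in links}

if __name__ == "__main__":
    for url, verdict in scan().items():
        print(f"{verdict:32} {url}")
```
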

Botnet

A botnet is a huge network of compromised systems used by attackers to perform denial-of-service attacks. Bots in a botnet perform tasks such as uploading viruses, sending emails with botnets attached to them, stealing data, and so on. Antivirus programs might fail to find or even scan for spyware or botnets. Hence, it is essential to deploy programs specifically designed to find and eliminate such threats.

Insider Attack

An insider attack is an attack by someone from within an organization who has authorized access to its network and is aware of the network architecture.

Information Security Threat Categories

There are three types of information security threats:

Network Threats

A network is the collection of computers and other hardware connected by communication channels to share resources and information. As information travels from one system to the other through the communication channel, a malicious person might break into the communication channel and steal the information traveling over the network.

Listed below are some of the network threats:

  • Information gathering
  • DNS and ARP poisoning
  • Sniffing and eavesdropping
  • Password-based attacks
  • Spoofing
  • Denial-of-service attack
  • Session hijacking
  • Compromised-key attack
  • Man-in-the-middle attack
  • Firewall and IDS attack

Host Threats

Host threats target a particular system on which valuable information resides. Attackers try to breach the security of the information system resource.

Listed below are some of the host threats:

  • Malware attacks
  • Profiling
  • Footprinting
  • Password attacks
  • Denial-of-service attacks
  • Privilege escalation
  • Arbitrary code execution
  • Backdoor attacks
  • Unauthorized access
  • Physical security threats

Application Threats

Applications can be vulnerable if proper security measures are not taken while developing, deploying, and maintaining them. Attackers exploit the vulnerabilities present in an application to steal or destroy data.

Listed below are some of the application threats:

  • Improper data/input validation
  • Hidden-field manipulation
  • Authentication and authorization attacks
  • Broken session management
  • Security misconfiguration
  • Cryptography attacks
  • Improper error handling and exception management
  • SQL injection
  • Information disclosure
  • Phishing
