Attack Basics or Basic Attack (Chapter 2) - Coggle Diagram
Definition
Understand the type of
attack based on a particular scenario
Attacks affect
attack vectors
Vectors can be exploited
via
Vulnerabilities
Physical Vulnerabilities,
via social Engineering
Technical Vulnerabilities
Password Attacks
MITIGATE
Encrypt and Hash stored
passwords, lockouts
Systems(attack vectors)
can be attacked via social engineering
or technical attacks
Technical attacks
are direct attacks on
software, system/networks,
hardware
Internal Attack
requires deployment in
system/attack vector
Malware
(Malicious Software)
Instead of a physical attack like
phishing, the attacker can attack
via malware
Malware attacks/infects different
parts of system,
registry, memory, macros
and other networks
Different types of malware
infect different system components and
have different behaviour
Virus
is a type of malware
Viruses infect a system
by spreading copies of themselves
More dangerous type of
malware,
more so than a virus,
requires no user
interaction
Worm
Other types of malware
that don't replicate
but instead just hide themselves in plain sight
We call these
Trojans
Let's say a remote access
trojan is used for a backdoor,
the attacker may want
more access (permissions)
trojan downloads
malicious code for more permissions
Some viruses and trojans,
don't only replicate and allow backdoors,
instead have other malicious behaviour
trigger
actions after an event
or after certain logic has
happened
allows
control of system (similar to RAT)
malware that aims to stop or prevent
valuable files from being used.
So instead of phishing,
an attacker can use
malware to get into the system
Alternative malware
not used for attacks,
but a nuisance
Known as
Personally Unwanted Programs
(PUPs)
usually bundled in software
comes in different forms
aka has different behaviours
Spy on the user,
collect personal info (PII) from machine,
websites they visit, location etc
call this
Spyware
Instead of deploying
malware,
the attack happens externally,
from outside (rather than
internal disruption)
External Disruption or Attack
Different External
Attack Vectors
Device/Machine
(Physically/in-person)
a direct attack on
physical device,
(like shoulder surfing
in social engineering),
Physical (in-person) Device Attacks
different physical
devices
(Training)
Data
instead of physically
disrupting systems,
can affect/pollute data sources of systems
and applications
can attack systems,
by manipulating AI and Machine
learning algorithms
Data source of ML
is training data
Passwords
Instead of disruption and manipulation,
or after trying those two,
attacker may try to gain access
via attack on login
External, in that
trying to gain access
to system
Password attacks
All attacks can be made easier
using older versions
So external here
means the attacker doesn't
yet have access to the system (so can't deploy malware)
Attacking
from outside the perimeter,
outside the system