NETWORK ATTACKS
Types of Malware
Viruses: A virus, or computer virus, is software whose purpose is to alter the normal operation of any type of computing device.
Worms: A worm is malware that replicates itself in order to spread to other computers.
Trojan Horses: A Trojan horse is malware that presents itself to the user as an apparently legitimate and harmless program but, when run, gives an attacker remote access to the infected computer.
Reconnaissance Attacks
Reconnaissance attacks - The discovery and mapping of systems, services, or vulnerabilities.
Access attacks - The unauthorized manipulation of data, system access, or user privileges.
Denial of service - The disabling or corruption of networks, systems, or services.
Access Attacks
Password Attacks: Threat actors can implement password attacks using several different methods:
Brute-force attacks
Trojan horse attacks
Packet sniffers
Trust Exploitation
In a trust exploitation attack, a threat actor uses unauthorized privileges to gain access to a system, possibly compromising the target. Click Play in the figure to view an example of trust exploitation.
Port Redirection
A threat actor uses a compromised system as a base for attacks against other targets. The example in the figure shows a threat actor using SSH (port 22) to connect to a compromised host A. Host A is trusted by host B and, therefore, the threat actor can use Telnet (port 23) from host A to access host B.
Man-in-the-Middle
In a man-in-the-middle attack, the threat actor is positioned in between two legitimate entities in order to read or modify the data that passes between the two parties. The figure displays an example of a man-in-the-middle attack.
Denial of Service Attacks
DoS Attack: DoS attacks are a major risk because they interrupt communication and cause significant loss of time and money. These attacks are relatively simple to conduct, even by an unskilled threat actor.
DDoS Attack: A DDoS is similar to a DoS attack, but it originates from multiple, coordinated sources. For example, a threat actor builds a network of infected hosts, known as zombies. A network of zombies is called a botnet. The threat actor uses a command and control (CnC) program to instruct the botnet of zombies to carry out a DDoS attack.