Ch6: Comparing Threats, Vulnerabilities, and Common Attacks Flashcards
Script kiddie
An attacker who uses existing computer scripts to launch attacks, typically with very little expertise, sophistication, and funding
Hacktivist
launches attacks as part of an activist movement or to further a cause
Insider
Anyone who has legitimate access to an organization’s internal resources, such as an employee
Organized crime elements are…
typically motivated by greed and money but often use sophisticated techniques
APTs
Advanced Persistent Threats are sponsored by governments and they launch sophisticated, targeted attacks
DoS attack
A denial-of-service attack is an attack from a single source that attempts to disrupt the services provided by another system
DDoS attack
A distributed denial-of-service attack includes multiple computers attacking a single target. DDoS attacks typically include sustained, abnormally high network traffic
Malware
includes a wide variety of malicious code including viruses, worms, Trojans, ransomware, and more
Virus
a malicious program that attaches itself to an application and runs when the application is started
Worm
a self-replicating program that doesn’t need user interaction to run
Logic bomb
executes in response to an event, such as when a specific application is executed or a specific time arrives
Backdoor
A backdoor provides another way to access a system
Trojan
A Trojan appears to be something useful but includes a malicious component, such as installing a backdoor on a user’s system. Many Trojans are delivered via drive-by downloads. They can also infect systems from fake AV software, pirated software, games, or infected USBs
Ransomware
a type of malware that takes control of a user’s system or data. Criminals then attempt to extort payment from the victim. Ransomware often includes threats of damaging a user’s system or data if the victim does not pay the ransom.
Crypto-malware
Ransomware that encrypts the user’s data
Keyloggers
capture a user’s keystrokes and store them in a file, which can be automatically sent to an attacker or manually retrieved
Spyware
monitors a user’s computer and often includes a keylogger
Rootkit
A group of programs that has system-level or kernel access and can modify system files and system access. Rootkits use hooking techniques to hide their running processes and avoid detection. Tools that can inspect RAM can discover these hidden hooked processes
Social engineering
uses social tactics to trick users into giving up information or performing actions they wouldn’t normally take
Shoulder surfing
Looking over someone’s shoulder to gain information. Screen filters help prevent shoulder surfing by obscuring the view for people unless they are directly in front of the monitor
Dumpster diving
Searching through trash for information
Spam
unwanted email
Phishing
malicious spam (clicking on email links to install malware)
Spear phishing
Attack that targets a specific group of users. It could target employees of a company or customers of a company. Digital signatures can help reduce successful spear phishing