An attack is any attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
Malicious threats consist of inside attacks by disgruntled or malicious employees and outside attacks by non-employees just looking to harm and disrupt an organization.
The most dangerous attackers are usually insiders (or former insiders), because they know many of the codes and security measures that are already in place. Insiders are likely to have specific goals and objectives, and have legitimate access to the system. Employees are the people most familiar with the organization's computers and applications, and they are most likely to know what actions might cause the most damage. Insiders can plant viruses, Trojan horses, or worms, and they can browse through the file system.
The insider attack can affect all components of computer security. By browsing through a system, confidential information could be revealed. Trojan horses are a threat to both the integrity and confidentiality of information in the system. Insider attacks can affect availability by overloading the system's processing or storage capacity, or by causing the system to crash.
People often refer to these individuals as "crackers" or "hackers." The definition of "hacker" has changed over the years. A hacker was once thought of as any individual who enjoyed getting the most out of the system he or she was using. A hacker would use a system extensively and study it until he or she became proficient in all its nuances. This individual was respected as a source of information for local computer users, someone referred to as a "guru" or "wizard."
Now, however, the term hacker refers to people who either break into systems for which they have no authorization or intentionally overstep their bounds on systems for which they do not have legitimate access.
The correct term to use for someone who breaks into systems is a cracker.
Common methods for gaining access to a system include password cracking, exploiting known security weaknesses, network spoofing, and social engineering.
Malicious attackers normally will have a specific goal, objective, or motive for an attack on a system. These goals could be to disrupt services and the continuity of business operations by using denial-of-service (DoS) attack tools. They might also want to steal information or even steal hardware such as laptop computers. Hackers can sell information that can be useful to competitors.
As you design an approach to resist, detect, and respond to malware enterprisewide, begin by understanding the threat landscape relevant to your computing environment. This process involves reviewing what infection vectors you’re likely to encounter. For instance, common approaches for malware to find its way onto systems include:
- Vulnerabilities in client-side software on workstations.
- Vulnerabilities in network-accessible software on servers.
- Social engineering techniques, which often are part of malware-propagation tactics.
- Removable media, such as USB keys.
- Weak passwords of network-accessible accounts.
In the fight against malware, one might say that the best offense is a good defense: That is, when implementing the policies developed in the plan phase of the security cycle, enterprises must take steps to resist malicious software attacks in the first place.
When it comes to protecting a single system from malware infection, the road map is usually clear. Common tasks include:
- Install and maintain a modern anti-virus suite.
- Lock down the configuration of the operating system.
- Control what software is installed and allowed to run.
- Restrict outbound and inbound network access.
- Protect Web browsing activities.
The sooner you can discover the presence of malware in your enterprise, the sooner you can react and, hopefully, limit the spread of malicious code before the infection finds its way onto many more systems. Enterprises without mature anti-malware practices tend to rely solely on antivirus tools to spot malware. This may be a good start, but antivirus software is far from being the only security mechanism we need to discover and resist malware infections. Gone are the days when detecting malware by static signatures was effective, and the approaches to identifying malicious programs using behavioral and heuristic techniques are still in need of improvement. As a result, malware authors often are able to design their creations to avoid being detected by antivirus tools.
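The detection gap described above, as an added example that is not part of the original text: an exact-hash signature misses a variant that differs by one byte, while a behaviour score catches it but flags a benign updater once its threshold is lowered. The sample bytes, indicator names, weights and threshold are all constructed assumptions for illustration.

```python
import hashlib

# Constructed, harmless byte strings standing in for two builds of one program.
ORIGINAL = b"constructed-sample:" + b"A" * 32
VARIANT = ORIGINAL + b"\x00"  # same runtime behaviour, one byte differs on disk

# Static signature set: hashes of files already identified as malicious.
KNOWN_BAD_SHA256 = {hashlib.sha256(ORIGINAL).hexdigest()}

# Hypothetical behaviour indicators and weights (assumptions, not a product's rules).
WEIGHTS = {
    "spawned_by_document_viewer": 3,
    "adds_autorun_entry": 2,
    "outbound_to_new_host": 2,
    "writes_to_removable_media": 2,
}

SUSPICIOUS = ["spawned_by_document_viewer", "adds_autorun_entry", "outbound_to_new_host"]
# Constructed telemetry: file name -> (file bytes, behaviours observed at runtime).
TELEMETRY = {
    "original": (ORIGINAL, SUSPICIOUS),
    "variant": (VARIANT, SUSPICIOUS),
    "updater": (b"constructed-benign-updater", ["adds_autorun_entry", "outbound_to_new_host"]),
}

def signature_hit(data):
    """Static detection: exact hash lookup, so any changed byte is a miss."""
    return hashlib.sha256(data).hexdigest() in KNOWN_BAD_SHA256

def behaviour_score(events):
    """Sum the weights of the distinct indicators seen for one process."""
    return sum(WEIGHTS.get(e, 0) for e in set(events))

def triage(threshold=5):
    """Return both verdicts per file so the coverage gap is visible."""
    return {
        name: {
            "signature": signature_hit(data),
            "behaviour": behaviour_score(events) >= threshold,
        }
        for name, (data, events) in TELEMETRY.items()
    }

if __name__ == "__main__":
    for name, verdict in triage().items():
        print(name, verdict)
    # Lowering the threshold to 4 also flags the benign updater (a false positive).
    print("threshold=4:", triage(threshold=4)["updater"])
```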