Attackers- Types of Threats
Welcome to Week # 1. This week’s assignment will help you to fulfill the requirements for the first course objective (CO-1: Examine the various aspects of cybersecurity including the relationship between cyber defense, cyber operations, cyber exploitations, cyber intelligence, cybercrime, Cyberlaw within Federal and State Laws). For this week’s assignment instructions, please see below:
You are tasked as the Cyber Security Analyst at your new organization to prepare a briefing for executive management (comprised of people with anywhere from a basic understanding of Information Technology [IT] to a Chief Information Officer with a vast knowledge of IT). The purpose of the briefing is to make recommendations on a course of action they should take to deal with a myriad of threats due to a recent compromise of critical IT Infrastructure by an unknown intruder or insider.
For the purpose of this assignment, you are to select one of the topics below and create an in-depth and thoroughly analyzed report that first researches the subject matter and provides a well thought out background based on current trends; and then makes rationalization for the subsequent recommendations.
TOPICS (you may use more than one topic in your report if you like):
Attack Methodology plus Tools and Techniques used
Attackers – Types of Threats (I have chosen this topic)
How Most Organizations Defend Today (Lessons Learned)
Targeted Capabilities – What we should be Defending
4 – 6 Pages in length in APA format (not including a cover page and reference section)
Analysis of current research on the subject matter
Use current and real world data to make your points, not just the textbook
Your report may focus only on the topic of your choosing – imagine yourself working on one aspect of the report while team members complete the other areas following the same structure.
Your assignment is due by Sunday not later than 11:59 p.m. Eastern time.
Background On Types of Threats Used By Attackers
The rapid evolution that has been happening in technologies presents information system users with both its benefits and risks. While the primary benefit from these advancements is improved efficiency and effectiveness in daily operations, the evolution has also brought a consistent growth in cyber-crime. Over time, malicious attackers have developed attack types, tools and techniques which allow them to penetrate complex or well-controlled environments. This essay seeks to identify and understand the system threats exploited by attackers. This discussion will lead to the rationalization of several countermeasures that have been recommended in present literature.
According to Sabillon et al. (2016), the risk to information and computer systems arises from a wide spectrum of threats that have a vast range of capabilities. Their impact and subsequent harm to the system will rely on the opportunities the attacker gets, or rather the vulnerabilities that the attacker could exploit. The impact also relies on the attacker’s capability to exploit the vulnerabilities and ultimately on the motivation for carrying out the attack (Sabillon et al., 2016). The attacker’s motivation varies, ranging from technical prowess for individual prestige, financial benefits, commercial benefits and political protest to diplomatic advantages for one’s country.
Analysis Of Current Research On The Types Of Threats Used By Attackers
According to Obotivere & Nwaezeigwe (2020), there are several types of threats that attackers will exploit. One of them is the ransomware threat, a type of malware in which the attacker locks the target’s computer system files, normally through an encryption algorithm, and then demands payment for decrypting and unlocking the files. This threat has become very prevalent, with Symantec indicating that it has observed a 500% month to month increase in ransom since 2013. According to Chen & Bridges (2017), a series of actions is required for a ransomware attack to be complete, including the identification of files for encryption or deletion and the exchange of encryption keys with the command and control server. Discovering the pre-encryption footprint of the malware is therefore expected to provide accurate, on-time detection to mitigate the effect of ransomware.
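The pre-encryption footprint described above can be expressed as a behavioural detection rule. The following Python example is added here for illustration and is not code from the essay or from Chen & Bridges; the event format, process names, allowlist and thresholds are all assumptions, and the telemetry is constructed sample data.

```python
from collections import defaultdict

# Constructed telemetry: (time_s, process, event, detail). The event names and
# fields are assumptions for this example, not a real EDR or Sysmon schema.
EVENTS = [
    (1.0, "backup.exe", "file_enum", "D:/shares/finance"),
    (2.0, "backup.exe", "file_enum", "D:/shares/hr"),
    (3.0, "backup.exe", "file_enum", "D:/shares/legal"),
    (4.0, "backup.exe", "net_connect", "backup.internal.example:443"),
    (5.0, "browser.exe", "net_connect", "198.51.100.2:443"),
    (10.0, "invoice_viewer.exe", "file_enum", "C:/Users/a/Documents"),
    (11.0, "invoice_viewer.exe", "file_enum", "C:/Users/a/Pictures"),
    (12.0, "invoice_viewer.exe", "file_enum", "D:/shares/finance"),
    (13.0, "invoice_viewer.exe", "net_connect", "203.0.113.7:443"),
    (15.0, "invoice_viewer.exe", "file_overwrite", "C:/Users/a/Documents/q1.xlsx"),
    (15.5, "invoice_viewer.exe", "file_overwrite", "C:/Users/a/Documents/q2.xlsx"),
]
ALLOWLIST = frozenset({"backup.internal.example:443"})  # hypothetical known-good peers


def detect_pre_encryption(events, allowlist, enum_threshold=3, window_s=60.0):
    """Return {process: alert_time} for processes that enumerate at least
    enum_threshold directories and then contact a non-allowlisted peer
    within window_s seconds, i.e. the footprint that precedes encryption."""
    enum_times = defaultdict(list)
    alerts = {}
    for ts, proc, kind, detail in sorted(events, key=lambda e: e[0]):
        if kind == "file_enum":
            enum_times[proc].append(ts)
        elif kind == "net_connect" and detail not in allowlist and proc not in alerts:
            recent = [t for t in enum_times[proc] if ts - t <= window_s]
            if len(recent) >= enum_threshold:
                alerts[proc] = ts
    return alerts


def lead_time(events, alerts):
    """Seconds between each alert and that process's first file overwrite
    (None if it never overwrote anything in the sample)."""
    out = {}
    for proc, alert_ts in alerts.items():
        writes = [ts for ts, p, kind, _ in events if p == proc and kind == "file_overwrite"]
        out[proc] = min(writes) - alert_ts if writes else None
    return out


if __name__ == "__main__":
    found = detect_pre_encryption(EVENTS, ALLOWLIST)
    print(found, lead_time(EVENTS, found))
```

Because the rule keys on the order of actions rather than on file contents, it does not depend on a byte-level signature of the executable.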
The second type of threat is identified as malware, or malicious software, which covers any file or program that is introduced to the target’s system with the intention of causing damage or gaining unauthorized access. Malware could come in the form of viruses, spyware, worms, ransomware, trojan horses and keyloggers, among others. Researchers have asserted that the malware being designed by attackers is polymorphic and metamorphic, which means that it can change its code as it propagates (Talukder & Talukder, 2020). Furthermore, the malware variants are very diverse and large in volume, which could severely affect the effectiveness of conventional defenses that normally utilize signature-based techniques. It is becoming difficult to detect unknown malware executables, requiring further research and development that can keep pace with the developing malware.
The third attack type identified was social engineering, which is an important element where threats are mushrooming. Social engineering is executed by attackers gathering personal data about particular persons through social networks and utilizing it in making targeted emails more convincing. The various techniques of social engineering include email phishing, vishing and smishing. A social engineer will exploit the uncertainty and confusion that these messages cause among the legitimate system users to subsequently attain their objectives.
Phishing is another type of threat, a type of fraud where fraudulent emails that resemble emails from reputable sources are sent to system users. The main intention of these emails is for the users to believe that the email is coming from a trustworthy source and then click on links added to the email. Subsequently, the attacker could steal confidential or sensitive information such as login credentials and credit card information. Normally, the present studies on phishing attacks have focused on looking into their taxonomies to highlight the difference between social engineering and the technical elements of phishing attacks. Nevertheless, there is still a need for further attention to be given to the specifics of email-based phishing attacks among other more complex, strategy-based phishing attacks. Rastenis et al. (2020) proposed an email-based phishing attack taxonomy that comprised six phases. Notably, research has proven that taxonomy usage for phishing attack notation increases the level of description of phishing attacks compared to free-form phishing attack descriptions.
Rationalization of Proposed Solutions to the Types of Cyber Threats Used By Attackers
Extensive research has acknowledged that the countermeasures to the different types of cyber threats will normally overlap and cannot be implemented singularly. In regards to fighting the different types of malware, including ransomware, several measures are applicable to mitigate the threat. These measures include using limited user access and application privileges, using reputable antivirus and anti-malware software programs and endpoint security measures, ensuring that cybersecurity updates and patches remain up to date constantly, and ensuring that the system’s users are constantly educated in cybersecurity and how to avoid traps set by malicious attackers. Undoubtedly, these measures encompass the tools, techniques and people needed for the system to be protected from malware. In this case, the tools needed are evidently the updated antivirus and anti-malware software programs and robust firewalls, among others. In regards to techniques, the implementation of user access and application privileges will hinder unnecessary authorized access to sensitive and confidential information. The main aim is to ensure that any attempt to inject malware is prevented through the right strategies.
Regarding the social engineering threat, evidence has proven that it can never be eliminated fully as long as organizations continue to work with human beings. Human beings cannot be patched for better security (Zulkurnain et al., 2015). Nonetheless, it is possible to put effort into educating users and implementing policies and regulations which minimize the potential for security breaches. The use of technology may reduce the burden on human beings to provide security, but a balance needs to be attained where there is no total dependence on either human beings or technology, considering that the two also have their own issues. Researchers have also acknowledged the need for further research to look into how organizations are being exploited, to prompt improvements in security standards and technologies.
In regards to phishing, the most effective solution would be training users to avoid following links blindly, specifically when they have to input sensitive credentials (Kirda & Kruegel, 2006). Nonetheless, expecting that all users will understand the phishing threat and surf accordingly is not realistic. There will always be users that are easily tricked into visiting phishing web sites. To this effect, it is fundamental for researchers and the industry to provide solutions for the phishing threat. Conclusively, computer threats will continue to evolve, hence the need to engage in extensive research.
References
Chen, Q., & Bridges, R. A. (2017, December). Automated behavioral analysis of malware: A case study of wannacry ransomware. In 2017 16th IEEE International Conference on machine learning and applications (ICMLA) (pp. 454-460). IEEE.
Kirda, E., & Kruegel, C. (2006). Protecting users against phishing attacks. The Computer Journal, 49(5), 554-561.
Obotivere, B. A., & Nwaezeigwe, A. O. (2020). Cyber Security Threats on the Internet and Possible Solutions. International Journal of Advanced Research in Computer and Communication Engineering.
Rastenis, J., Ramanauskaitė, S., Janulevičius, J., Čenys, A., Slotkienė, A., & Pakrijauskas, K. (2020). E-mail-based phishing attack taxonomy. Applied Sciences, 10(7), 2363.
Sabillon, R., Cavaller, V., & Cano, J. (2016). National cyber security strategies: global trends in cyberspace. International Journal of Computer Science and Software Engineering, 5(5), 67.
Talukder, S., & Talukder, Z. (2020). A survey on malware detection and analysis tools. International Journal of Network Security & Its Applications (IJNSA) Vol, 12.
Zulkurnain, A. U., Hamidy, A. K. B. K., Husain, A. B., & Chizari, H. (2015). Social engineering attack mitigation. International Journal of Mathematics and Computational Science, 1(4), 188-198.