This document discusses various types of cyber attackers and threats. It describes traditional hackers who are motivated by thrill-seeking and reputation. It also discusses script kiddies who use pre-written scripts to launch attacks despite having low technical skills. Additionally, the document outlines the anatomy of a hack, including reconnaissance, exploiting vulnerabilities, and using botnets to launch distributed denial of service attacks. Social engineering tactics like phishing emails are also summarized.
Internet and computers have changed working, communication, meeting and business requirements and conditions all over globe. Due to this high profile technology, everyone can share any activity that was unexpected and unimaginable few decades back. It was the imagination of people that they will live their lives in this manner and do their business quickly and imagination and dream has come true with the introduction of internet only. Modern society is now associated with internet and related technologies, over a quarter of the world's population is wired into the net and this number is growing every day
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docxalinainglis
54 Chapter 1 • The Threat Environment
FIGURE 1-18 Cyberwar and Cyberterror (Study Figure)
Nightmare Threats
Potential for far greater attacks than those caused by criminal attackers
Cyberwar
Computer-based attacks by national governments
Espionage
Cyber-only attacks to damage financial and communication infrastructure
To augment conventional physical attacks
Attack IT infrastructure along with physical attacks (or in place of physical attacks)
Paralyze enemy command and control
Engage in propaganda attacks
Cyberterror
Attacks by terrorists or terrorist groups
May attack IT resources directly
Use the Internet for recruitment and coordination
Use the Internet to augment physical attacks
Disrupt communication among first responders
Use cyberattacks to increase terror in physical attacks
Turn to computer crime to fund their attacks
espionage.87 Cyber espionage from China has been a serious problem since 1999.88
The Chinese government has been involved in, or sponsored, attacks aimed at the State
Department, Commerce Department, Senators, Congressmen, and US military labs.89
Cyberwar attacks can be launched without engaging in physical hostilities and still do
tremendous damage. Countries can use cyberwar attacks to do massive damage to one
another’s financial infrastructures, to disrupt one another’s communication infrastructures,
and to damage the country’s IT infrastructure all as precursors to actual physical hostilities.
Cyberterror
Another nightmare scenario is cyberterror, in which the attacker is a terrorist or group of
terrorists.90 Of course, cyberterrorists can attack information technology resources directly.
They can damage a country’s financial, communication, and utilities infrastructure.91
87 Dawn S. Onley and Patience Wait, “Red Storm Rising,” GCN.com, August 21, 2006. Keith Epstein, “China
Stealing U.S. Computer Data, Says Commission,” Business Week, November 21, 2008. http://www.businessweek.
com/bwdaily/dnflash/content/nov2008/db20081121_440892.htm.
88 Daniel Verton and L. Scott Tillett, “DOD Confirms Cyberattack ‘Something New’,” Cnn.com, March 6, 1999.
89 Josh Rogin, “The Top 10 Chinese Cyber Attacks (that we know of),” ForeignPolicy.com, January 22, 2010.
90 Although organized terrorist groups are very serious threats, a related group of attackers is somewhat dan-
gerous. These are hacktivists, who attack based on political beliefs. During tense periods between the United
States and China, for instance, hacktivists on both sides have attacked the IT resources of the other country.
91 In 2008, the CIA revealed that attacks over the Internet had cut off electrical power in several cities. Robert
McMillan, PC World, January 19, 2008. http://www.pcworld.com/article/id,141564/article.htm?tk=nl_dnxnws.
Chapter 1 • The Threat Environment 55
Most commonly, cyberterrorists use the Internet as a recruitment tool through
websites and to coordinate their activities.92 They can also use cyberterror in conjunc-
tion with .
Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
Internet and computers have changed working, communication, meeting and business requirements and conditions all over globe. Due to this high profile technology, everyone can share any activity that was unexpected and unimaginable few decades back. It was the imagination of people that they will live their lives in this manner and do their business quickly and imagination and dream has come true with the introduction of internet only. Modern society is now associated with internet and related technologies, over a quarter of the world's population is wired into the net and this number is growing every day
54 Chapter 1 • The Threat EnvironmentFIGURE 1-18 Cyberwar .docxalinainglis
54 Chapter 1 • The Threat Environment
FIGURE 1-18 Cyberwar and Cyberterror (Study Figure)
Nightmare Threats
Potential for far greater attacks than those caused by criminal attackers
Cyberwar
Computer-based attacks by national governments
Espionage
Cyber-only attacks to damage financial and communication infrastructure
To augment conventional physical attacks
Attack IT infrastructure along with physical attacks (or in place of physical attacks)
Paralyze enemy command and control
Engage in propaganda attacks
Cyberterror
Attacks by terrorists or terrorist groups
May attack IT resources directly
Use the Internet for recruitment and coordination
Use the Internet to augment physical attacks
Disrupt communication among first responders
Use cyberattacks to increase terror in physical attacks
Turn to computer crime to fund their attacks
espionage.87 Cyber espionage from China has been a serious problem since 1999.88
The Chinese government has been involved in, or sponsored, attacks aimed at the State
Department, Commerce Department, Senators, Congressmen, and US military labs.89
Cyberwar attacks can be launched without engaging in physical hostilities and still do
tremendous damage. Countries can use cyberwar attacks to do massive damage to one
another’s financial infrastructures, to disrupt one another’s communication infrastructures,
and to damage the country’s IT infrastructure all as precursors to actual physical hostilities.
Cyberterror
Another nightmare scenario is cyberterror, in which the attacker is a terrorist or group of
terrorists.90 Of course, cyberterrorists can attack information technology resources directly.
They can damage a country’s financial, communication, and utilities infrastructure.91
87 Dawn S. Onley and Patience Wait, “Red Storm Rising,” GCN.com, August 21, 2006. Keith Epstein, “China
Stealing U.S. Computer Data, Says Commission,” Business Week, November 21, 2008. http://www.businessweek.
com/bwdaily/dnflash/content/nov2008/db20081121_440892.htm.
88 Daniel Verton and L. Scott Tillett, “DOD Confirms Cyberattack ‘Something New’,” Cnn.com, March 6, 1999.
89 Josh Rogin, “The Top 10 Chinese Cyber Attacks (that we know of),” ForeignPolicy.com, January 22, 2010.
90 Although organized terrorist groups are very serious threats, a related group of attackers is somewhat dan-
gerous. These are hacktivists, who attack based on political beliefs. During tense periods between the United
States and China, for instance, hacktivists on both sides have attacked the IT resources of the other country.
91 In 2008, the CIA revealed that attacks over the Internet had cut off electrical power in several cities. Robert
McMillan, PC World, January 19, 2008. http://www.pcworld.com/article/id,141564/article.htm?tk=nl_dnxnws.
Chapter 1 • The Threat Environment 55
Most commonly, cyberterrorists use the Internet as a recruitment tool through
websites and to coordinate their activities.92 They can also use cyberterror in conjunc-
tion with .
Hacking is a term used to refer to activities aimed at exploiting security flaws to obtain critical information for gaining access to secured networks.
a simple presentation with introduction on hacking, presented by anant shrivastava on behalf of linux academy at rkdf bhopal http://academylinux.com and contact anant at http://anantshri.info
Presentation by Charl de Walt in 2001.
The presentation aims to educate people that IT security is relevant to SA business. The presentation begins with examples of defaced SA company websites. Various attacks such as DDoS and semantic attacks are discussed. The presentation ends with a discussion on IP manipulation
DOS / DDOS introduction
How Easy it is to get information
Real Life Examples MyDoom , GitHub , Dyn , Windows Server and Windows 10 servers running Internet Information Services (IIS) are vulnerable to denial of service (DOS) attacks
Base of Attacks
Types of DOS / DDOS
Attack Tools , LOIC, XOIC, Stacheldracht
DOS/DDOS Weaknesses
Category of OS/ DDOS
What to defend?
Botnets and Botnets mitigations
Michael Calce, a.k.a. MafiaBoy
Point of entrance / OSI Model ( If time permit)
Similar to Information-Security-Lecture-7.pptx (20)
Mobile App Development Company In Noida | Drona InfotechDrona Infotech
Looking for a reliable mobile app development company in Noida? Look no further than Drona Infotech. We specialize in creating customized apps for your business needs.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
Software Engineering, Software Consulting, Tech Lead, Spring Boot, Spring Cloud, Spring Core, Spring JDBC, Spring Transaction, Spring MVC, OpenShift Cloud Platform, Kafka, REST, SOAP, LLD & HLD.
Utilocate offers a comprehensive solution for locate ticket management by automating and streamlining the entire process. By integrating with Geospatial Information Systems (GIS), it provides accurate mapping and visualization of utility locations, enhancing decision-making and reducing the risk of errors. The system's advanced data analytics tools help identify trends, predict potential issues, and optimize resource allocation, making the locate ticket management process smarter and more efficient. Additionally, automated ticket management ensures consistency and reduces human error, while real-time notifications keep all relevant personnel informed and ready to respond promptly.
The system's ability to streamline workflows and automate ticket routing significantly reduces the time taken to process each ticket, making the process faster and more efficient. Mobile access allows field technicians to update ticket information on the go, ensuring that the latest information is always available and accelerating the locate process. Overall, Utilocate not only enhances the efficiency and accuracy of locate ticket management but also improves safety by minimizing the risk of utility damage through precise and timely locates.
Do you want Software for your Business? Visit Deuglo
Deuglo has top Software Developers in India. They are experts in software development and help design and create custom Software solutions.
Deuglo follows seven steps methods for delivering their services to their customers. They called it the Software development life cycle process (SDLC).
Requirement — Collecting the Requirements is the first Phase in the SSLC process.
Feasibility Study — after completing the requirement process they move to the design phase.
Design — in this phase, they start designing the software.
Coding — when designing is completed, the developers start coding for the software.
Testing — in this phase when the coding of the software is done the testing team will start testing.
Installation — after completion of testing, the application opens to the live server and launches!
Maintenance — after completing the software development, customers start using the software.
What is Augmented Reality Image Trackingpavan998932
Augmented Reality (AR) Image Tracking is a technology that enables AR applications to recognize and track images in the real world, overlaying digital content onto them. This enhances the user's interaction with their environment by providing additional information and interactive elements directly tied to physical images.
OpenMetadata Community Meeting - 5th June 2024OpenMetadata
The OpenMetadata Community Meeting was held on June 5th, 2024. In this meeting, we discussed about the data quality capabilities that are integrated with the Incident Manager, providing a complete solution to handle your data observability needs. Watch the end-to-end demo of the data quality features.
* How to run your own data quality framework
* What is the performance impact of running data quality frameworks
* How to run the test cases in your own ETL pipelines
* How the Incident Manager is integrated
* Get notified with alerts when test cases fail
Watch the meeting recording here - https://www.youtube.com/watch?v=UbNOje0kf6E
Launch Your Streaming Platforms in MinutesRoshan Dwivedi
The claim of launching a streaming platform in minutes might be a bit of an exaggeration, but there are services that can significantly streamline the process. Here's a breakdown:
Pros of Speedy Streaming Platform Launch Services:
No coding required: These services often use drag-and-drop interfaces or pre-built templates, eliminating the need for programming knowledge.
Faster setup: Compared to building from scratch, these platforms can get you up and running much quicker.
All-in-one solutions: Many services offer features like content management systems (CMS), video players, and monetization tools, reducing the need for multiple integrations.
Things to Consider:
Limited customization: These platforms may offer less flexibility in design and functionality compared to custom-built solutions.
Scalability: As your audience grows, you might need to upgrade to a more robust platform or encounter limitations with the "quick launch" option.
Features: Carefully evaluate which features are included and if they meet your specific needs (e.g., live streaming, subscription options).
Examples of Services for Launching Streaming Platforms:
Muvi [muvi com]
Uscreen [usencreen tv]
Alternatives to Consider:
Existing Streaming platforms: Platforms like YouTube or Twitch might be suitable for basic streaming needs, though monetization options might be limited.
Custom Development: While more time-consuming, custom development offers the most control and flexibility for your platform.
Overall, launching a streaming platform in minutes might not be entirely realistic, but these services can significantly speed up the process compared to building from scratch. Carefully consider your needs and budget when choosing the best option for you.
Transform Your Communication with Cloud-Based IVR SolutionsTheSMSPoint
Discover the power of Cloud-Based IVR Solutions to streamline communication processes. Embrace scalability and cost-efficiency while enhancing customer experiences with features like automated call routing and voice recognition. Accessible from anywhere, these solutions integrate seamlessly with existing systems, providing real-time analytics for continuous improvement. Revolutionize your communication strategy today with Cloud-Based IVR Solutions. Learn more at: https://thesmspoint.com/channel/cloud-telephony
Artificia Intellicence and XPath Extension FunctionsOctavian Nadolu
The purpose of this presentation is to provide an overview of how you can use AI from XSLT, XQuery, Schematron, or XML Refactoring operations, the potential benefits of using AI, and some of the challenges we face.
Graspan: A Big Data System for Big Code AnalysisAftab Hussain
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
Atelier - Innover avec l’IA Générative et les graphes de connaissancesNeo4j
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Allez au-delà du battage médiatique autour de l’IA et découvrez des techniques pratiques pour utiliser l’IA de manière responsable à travers les données de votre organisation. Explorez comment utiliser les graphes de connaissances pour augmenter la précision, la transparence et la capacité d’explication dans les systèmes d’IA générative. Vous partirez avec une expérience pratique combinant les relations entre les données et les LLM pour apporter du contexte spécifique à votre domaine et améliorer votre raisonnement.
Amenez votre ordinateur portable et nous vous guiderons sur la mise en place de votre propre pile d’IA générative, en vous fournissant des exemples pratiques et codés pour démarrer en quelques minutes.
GraphSummit Paris - The art of the possible with Graph TechnologyNeo4j
Sudhir Hasbe, Chief Product Officer, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
AI Pilot Review: The World’s First Virtual Assistant Marketing SuiteGoogle
AI Pilot Review: The World’s First Virtual Assistant Marketing Suite
👉👉 Click Here To Get More Info 👇👇
https://sumonreview.com/ai-pilot-review/
AI Pilot Review: Key Features
✅Deploy AI expert bots in Any Niche With Just A Click
✅With one keyword, generate complete funnels, websites, landing pages, and more.
✅More than 85 AI features are included in the AI pilot.
✅No setup or configuration; use your voice (like Siri) to do whatever you want.
✅You Can Use AI Pilot To Create your version of AI Pilot And Charge People For It…
✅ZERO Manual Work With AI Pilot. Never write, Design, Or Code Again.
✅ZERO Limits On Features Or Usages
✅Use Our AI-powered Traffic To Get Hundreds Of Customers
✅No Complicated Setup: Get Up And Running In 2 Minutes
✅99.99% Up-Time Guaranteed
✅30 Days Money-Back Guarantee
✅ZERO Upfront Cost
See My Other Reviews Article:
(1) TubeTrivia AI Review: https://sumonreview.com/tubetrivia-ai-review
(2) SocioWave Review: https://sumonreview.com/sociowave-review
(3) AI Partner & Profit Review: https://sumonreview.com/ai-partner-profit-review
(4) AI Ebook Suite Review: https://sumonreview.com/ai-ebook-suite-review
Why Mobile App Regression Testing is Critical for Sustained Success_ A Detail...kalichargn70th171
A dynamic process unfolds in the intricate realm of software development, dedicated to crafting and sustaining products that effortlessly address user needs. Amidst vital stages like market analysis and requirement assessments, the heart of software development lies in the meticulous creation and upkeep of source code. Code alterations are inherent, challenging code quality, particularly under stringent deadlines.
2. Copyright Pearson Prentice-Hall 2010
The threat environment—attackers and their
attacks
Basic security terminology
Employee and ex-employee threats
Traditional external attackers
The criminal era and competitor threats
Cyberwar and cyberterror
2
3. Copyright Pearson Prentice-Hall 2010
Traditional Hackers
3
In the 1970s, malware writers were joined
by external hackers who began to break
into corporate computers that were
connected to modems. Today nearly every
firm is connected to the Internet which
harbors millions of external hackers
4. Copyright Pearson Prentice-Hall 2010
Traditional Hackers
◦ Motivated by thrill, validation of skills, sense of
power
◦ Motivated to increase reputation among other
hackers
◦ Often do damage as a byproduct
◦ Often engage in petty crime
4
ComputerWeekly.com
2008
5. Copyright Pearson Prentice-Hall 2010
Traditional Hackers
5
In 2009, vandals broke into a computerized road
sign in Austin, Texas, and changed its message
to read: “The end is near ! Caution ! Zombies
Ahead !”
Dallasnews.com, January 2009
Raymond Torricelli, broke into NASA computers
and used up processor time, money, and disk
resources to divert chat users to a website for
which he admitted to being paid USD 400 per
week.
Cybercrime.gov, 2001
6. Copyright Pearson Prentice-Hall 2010
6
Just like a thief who wants to rob a home does
reconnaissance of the neighborhood and gathers
information to determine which house to break into,
hackers also tend to do reconnaissance before
breaking into a computer.
As the figure shows, the attacker often sends probe
packets into a network. These probe packets are
designed to elicit replies from internal hosts and
routers.
7. Copyright Pearson Prentice-Hall 2010
Anatomy of a Hack
◦ Reconnaissance probes (see figure)
IP address scans to identify possible victims
Identify active hosts
ICMP Echo and Echo reply messages
Port scans (connection requests) to learn which
services are open on each potential victim host
7
Port 80 is the well known port for HTTP web servers.
There are many well known port numbers between 0
and 1023. each indicates the presence of a
particular type of application.
8. Copyright Pearson Prentice-Hall 2010
8
Corporate Site
128.171.17.13
128.171.17.47
Attacker
1.
IP Address Scanning Packet
Response Conf irms a Host at
128.171.17.13
3.
Exploit
Packet
128.171.17.22
2.
Port Scanning Packet
to Identif y Running
Applications
1. ICMP Echo and Echo reply
2. Connection requests
On a particular port number
3. Exploit or break-in
9. Copyright Pearson Prentice-Hall 2010
Anatomy of a Hack
◦ The exploit
The specific attack method that the attacker uses
to break into the computer is called the attacker’s
exploit
The act of implementing the exploit is called
exploiting the host
9
10. Copyright Pearson Prentice-Hall 2010
10
128.171.17.13
128.171.17.47
Attacker
1.
Spoof ed Packet to 128.171.17.13
Source IP address = 128.171.17.47
Instead of 10.6.4.3 10.6.4.3
2.
Reply goes to
Host 128.171.17.47
IP Address Spoof ing
Hides the Attacker's Identity .
But Replies do Not Go to the Attacker,
So IP address Spoof ing
Cannot be Used f or All Purposes
Some exploit packets cannot be spoofed so the
attacker uses chain of attack
11. Copyright Pearson Prentice-Hall 2010
Chain of attack computers (see figure)
◦ The attacker attacks through a chain of victim
computers
◦ Probe and exploit packets contain the source IP
address of the last computer in the chain
◦ The final attack computer receives replies and
passes them back to the attacker
◦ Often, the victim can trace the attack back to the
final attack computer
◦ But the attack usually can only be traced back a few
computers more
11
12. Copyright Pearson Prentice-Hall 2010
12
Target Host
60.168.47.47
Attacker
1.34.150.37
Compromised
Attack Host
3.35.126.7
Compromised
Attack Host
123.125.33.101
Usually Can Only Trace Attack
to Direct Attacker (123.125.33.101)
or Second Direct Attacker (3.35.126.7)
Log In Log In
Attack
Command
For probes whose replies must
be received, attacker sends
probes through a chain of
attack computers.
Victim only knows the identity
of the last compromised host
(123.125.33.101)
Not that of the attacker
13. Copyright Pearson Prentice-Hall 2010
Social Engineering
◦ Social engineering is often used in hacking
◦ Social engineering (as we saw earlier) is attempting
to trick users into doing something that goes
against the interests of security
◦ Often successful because it focuses on human
weaknesses instead of technological weaknesses
13
14. Copyright Pearson Prentice-Hall 2010
Social Engineering
Call and ask for passwords and other confidential
information
14
In one social engineering ploy, a hacker
calls a secretary claiming to be working
with the secretary’s boss. The hacker then
asks for sensitive information such as a
password or sensitive file.
15. Copyright Pearson Prentice-Hall 2010
Social Engineering
15
In one study, US Treasury Dept. inspectors
posing as computer technicians called 100
Internal Revenue Service (IRS) employees and
managers. The treasury agents asked each
target for his or her username and asked the
user to change the password to a specific
password chosen by the “technician.” This was a
clear violation of policy but 35% fell for the ploy
in 2005.
Washington Post, March 2005
16. Copyright Pearson Prentice-Hall 2010
Social Engineering
E-mail attack messages with attractive subjects
Piggybacking
Shoulder surfing
Pretexting
16
Piggybacking is following someone through a
secure door, without entering a pass code. Looking
over someone’s shoulder when he or she types a
password is shoulder surfing. In pretexting the
attacker calls claiming to be a certain customer in
order to get private information about that
customer.
17. Copyright Pearson Prentice-Hall 2010
Denial-of-Service (DoS) Attacks
◦ Make a server or entire network unavailable to
legitimate users
◦ Typically send a flood of attack messages to the
victim
◦ Distributed DoS (DDoS) Attacks ( see figure)
Bots flood the victim with attack packets
Attacker controls the bot
17
19. Copyright Pearson Prentice-Hall 2010
19
In 2001, the Code Red virus attacked the US
Whitehouse website. Fortunately the attacks were
made against the website’s IP address in stead of its
host name. The White House merely changed the IP
address of whitehouse.gov
To attack a server, the bots might flood the server
with TCP connection-opening requests (TCP SYN
segments). A server reserves a certain amount of
capacity each time it receives a SYN segment. By
flooding a computer with SYN segments, the
attacker can cause the server to run out of
resources and therefore crash.
20. Copyright Pearson Prentice-Hall 2010
Bots
◦ Updatable attack programs ( see figure)
◦ Botmaster can update the software to change the
type of attack the bot can do
May sell or lease the botnet to other criminals
◦ Botmaster can update the bot to fix bugs
20
21. Copyright Pearson Prentice-Hall 2010
21
DOS
Victim
Botmas
ter
Bot
Bot
Bot
1.
DoSAttack
Command
1.
DoSAttack Packets
2.
Spam
E-
Mail
2.
Software update
for Spam
3.
Software update
to f ix bug in the
attack so
ftware
2.
Spam
E-
Mail SpamVictims
22. Copyright Pearson Prentice-Hall 2010
22
Bots
Jeanson Ancheta was indicted for crimes involving
a large botnet. Ancheta was charged with creating
the botnet and installing adware programs, which
constantly pop up advertisements, on these
computers for a fee. He was also charged with
renting parts of his botnet to other criminals for
spam and denial of service attacks.
http://www.cybercrime.gov (Nov 2005)
23. Copyright Pearson Prentice-Hall 2010
Skill Levels
◦ Expert attackers are characterized by strong
technical skills and dogged persistence
◦ Expert attackers create hacker scripts to automate
some of their work
◦ Scripts are also available for writing viruses and
other malicious software
23
Todays hacker scripts often have easy to use graphical user
interfaces and look like commercial products. Many scripts
are available on the Internet…These easy to use scripts have
created a new type of hacker “the script kiddie”
24. Copyright Pearson Prentice-Hall 2010
Skill Levels
◦ Script kiddies use these scripts to make attacks
◦ Script kiddies have low technical skills
◦ Script kiddies are dangerous because of their large
numbers
24
In February 2000 a number of major firms were affected by
devastatingly effective DDOS attacks that blocked each of
their e-commerce systems for hours at a time. Victims
included CNN, ebay, Yahoo, ZDNET, and others. At first the
attacks were thought to be work of an elite hacker. However,
the culprit was found to be a 15 year old script kiddie in
Canada
25. Copyright Pearson Prentice-Hall 2010
Skill Levels
25
Virus and other Malware writers also have written
long programs for creating new malware. Viruses
have become so easy to create with these tools that
Svan Jaschan, an 18 year old German student, who
had never written a virus before, was responsible
for 70% of the virus activity in the first half of 2004.
(http://www.sophos.com)
26. Copyright Pearson Prentice-Hall 2010
Skill Levels
26
Today tools are available for creating all types of
exploits. One of the most important is the
MetaSploit Framework which makes it easy to take
a new exploitation method and rapidly turn it into
a full attack program. Metasploit is used both by
attackers to launch attacks, and by security
professionals to test the vulnerability of their
systems to specific exploits.
(http://www.metasploit.com)