Thursday 14 February 2013

Attacks

We will now cover the various types of attacks and how these attacks fall under the triad's or the hexad's categories.
------------------------------------------------------------------------------------------------------------------


11] TYPES OF ATTACKS 

Attacking an entity in the cyber world is usually performed with malicious intent. We can classify attacks on cyber systems (if the term "cyber system" is unfamiliar, please refer to the very top section of the blog for an explanation of the basic terms) into four categories, viz. Interception, Interruption, Modification and Fabrication (develop your own mnemonic so that you can remember these attacks for a long time). Before we begin the actual explanation of the attacks, let's understand them roughly with the help of a picture.
      



(Photo credit: The Basics of Information Security by Jason Andress)

11.1) Interception : Interception is unauthorized access to a communication between parties. Suppose two high-level FBI officials are discussing over email the security measures to be adopted during the President's next visit to, say, Afghanistan, and some random malicious cracker (not a hacker) succeeds in silently intruding on this communication. He will gain a wealth of information which, if disclosed, can cause colossal damage to the US administration. Why is interception mapped to confidentiality in the picture above? Because, in the example above, the information communicated between the officials is definitely confidential, and an interception attack is the one that would compromise it heavily.

11.2) Interruption : It's not uncommon to see our browser display a page which says, "Cannot connect to xyz.abc.com. Connection rejected by the server" or "Cannot connect to happy.go.lucky.com. Server taking too long to respond" (Chrome users would definitely recognize these messages). The reason for these messages is that the server is either experiencing a heavy load, or undergoing a temporary maintenance check, or under attack, with the server's security team having shut it down to avoid further propagation of the attack. Now suppose we are accessing our data when an attack takes place, and our access is interrupted. Clearly, interruption can be mapped to an attack on availability. But in the picture, interruption is also mapped to integrity. Why? Because while an ongoing attack interrupts our services, thus attacking availability, it can also modify the data in the process and thus compromise the integrity of our data transmission.

11.3) Modification : Modification involves tampering with the data in hand (accessible). Thus modification attacks the integrity principle of our systems. But according to the figure above, it also attacks the availability aspect. How? Suppose for a moment that the data a cracker (or a hacker) is tampering with is a critical system process. While the tampering with this process is ongoing, it is most likely that the system will stop functioning (crash), thereby preventing users from accessing the content on the system.

11.4) Fabrication : Fabrication is nothing but cooking up false stories; in the cyber world, it means generating or creating false data, false processes, false web pages or any such thing. How does fabrication attack integrity? Fabrication can involve intercepting the data in transmission and replacing it with fabricated data. How does it attack availability? If a malicious hacker keeps creating false processes, false user requests to the server and false web traffic, it can cause the target system (servers, for example) to stop functioning and thereby deny access to legitimate users.
