Assignment 1 Malicious Attacks Threats And Vunerabilities
Assignment 1- Identifying Potential Malicious Attacks, Threats and Vulnerabilities
Larry F. Simmons
Strayer University Online
Professor Arend Clayborn
February 4, 2015
A malicious attack can be any physical or electronic action taken with the intent of acquiring, destroying, modifying, or accessing a user’s data without permission of their files. Hackers attempt to gain access to information about your system which can reveal many common exploits and other vulnerabilities of your system. Hackers pursue their attacks using the information that is gathered from the system. Recently, Anthem which is one of the nation’s largest health insurers suffered a hacking into their computer system. The attack was detected on January 29th and are now working with the Federal Bureau of Investigation (FBI). The hackers concentrated mostly on Social Security numbers, birthdates, addresses, e-mail and some employment information and other data. Fortunately, credit card information and medical records (including doctor and hospital information) were not affected. Three types of potential malicious attacks are as follows:
1) Passive attacks
2) Active attacks, and
3) Insider attacks A passive attack is actually eavesdropping or monitoring of any transmission that is happening in the system. A passive attack can include an analysis of any traffic, the monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Individuals can see any actions that are coming up in the system which would disclose information or data files that would be available to the attacker without the knowledge of the user. An active attack involves attempts to break through protection features such as a firewall. This can be done through stealth, viruses, worms or Trojan horses. Active attacks involve the introduction of malicious code and to steal or modify information. These attacks are
Larry F. Simmons
Strayer University Online
Professor Arend Clayborn
February 4, 2015
A malicious attack can be any physical or electronic action taken with the intent of acquiring, destroying, modifying, or accessing a user’s data without permission of their files. Hackers attempt to gain access to information about your system which can reveal many common exploits and other vulnerabilities of your system. Hackers pursue their attacks using the information that is gathered from the system. Recently, Anthem which is one of the nation’s largest health insurers suffered a hacking into their computer system. The attack was detected on January 29th and are now working with the Federal Bureau of Investigation (FBI). The hackers concentrated mostly on Social Security numbers, birthdates, addresses, e-mail and some employment information and other data. Fortunately, credit card information and medical records (including doctor and hospital information) were not affected. Three types of potential malicious attacks are as follows:
1) Passive attacks
2) Active attacks, and
3) Insider attacks A passive attack is actually eavesdropping or monitoring of any transmission that is happening in the system. A passive attack can include an analysis of any traffic, the monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Individuals can see any actions that are coming up in the system which would disclose information or data files that would be available to the attacker without the knowledge of the user. An active attack involves attempts to break through protection features such as a firewall. This can be done through stealth, viruses, worms or Trojan horses. Active attacks involve the introduction of malicious code and to steal or modify information. These attacks are