Malicious Attacks

Malicious attacks basically seek to exploit vulnerabilities in a network. These threats can be passive or active and have very negative consequences. The difference between active and passive attacks are that active attacks makes changes or modifications to the data or attempt to gain some type of access to the network, while passive attacks do not make changes to the system at all. According to Solomon, 2012, there are many malicious attacks and threats that can be carried out against the network, some of which are identified below:
- Brute force attacks are one of the most tried and true attack methods where the attacker uses a software program to try all possible combinations of a password, security code or user ID, until one of them is successful.
- Hijacking is another type of attack that involves the attacker taking control of a session between two machines and masquerades as one of them. This can involve man-in-the-middle, browser or session hijacking.
- Social engineering is another common attack where the attacker tricks the user in carrying out actions for them; for example, the attacker may obtain the user’s login credentials by posing as an IT Specialist which would then help the intruder gain access to the network.
- Computer viruses act like a biological virus, where it infects the host program and could cause the host program to replicate itself to other computers. Some of these viruses have become smarter with the capability to combat malware-detection programs by disabling their detection functions.
- Trojan horse is a malware program that masquerades as a useful program They use their outward appears to trick users into running them; they look like programs that perform useful tasks but actually hid malicious code.
- Rootkits are newer types of malware that modifies or replaces one or more existing programs to hide traces of attacks.
- Spyware is a type of malware that specifically threatens the confidentiality of information. It