Lesson 3: What is the Security System Threat?
Objective: Describe the Types of System Threats

What are the "Types of System Threats"?

Describe the Types of System Threats

Although you can never reach a point of complete security, you can achieve a level that prevents all but the most determined and skilled hackers from accessing your system. Security breaches can be instigated or inadvertently created.

Threat Definition and Scenario

A threat can be defined as anything that can identify a vulnerability and potentially exploit it. Threats can be of various types: human acts, power outages, and even natural disasters like earthquakes or tornadoes. For instance, suppose the main door of a house is not equipped with a locking mechanism (or is unlocked). In this case, the threat is the thief, who identifies the vulnerability (the lack of a lock on the main door) and exploits it (the burglar will be able to steal everything in the house).

Let us explore the relationship between vulnerabilities and threats with a possible scenario in everyday life. A woman in Minneapolis finishes shopping and is walking back to her hotel. She finds herself in an unknown part of the city where there is no law enforcement. There are criminals in the streets, dark alleyways, and drug addicts in the alleys. She does not know anyone in this city and is carrying a substantial amount of money and some shopping bags. Let us explore the vulnerability and threat.

What are the Vulnerabilities?

The vulnerabilities are as follows:
  1. The woman is in an unknown city in a seemingly primitive part of town.
  2. She does not know anyone in the city.
  3. She is carrying money and shopping bags in an unsafe area.

The threats are as follows:
  1. The woman will be mugged by a low-life who sees her shopping bags.
  2. Someone in the street might attack or abduct her.

Security Threats

[Diagram: the various security threats, numbered as in the list below]

  1. User-created breach: Users may unknowingly create a security risk by using weak passwords or by downloading a file containing a virus. Very few users enable screensaver passwords.
  2. Password cracking: Dictionary programs specifically written to break into a password-protected system are frequently used to gain access to network systems.
  3. Trojan horse: Users can inadvertently download destructive viruses and Trojan horses, thereby compromising your network's ability to function.
  4. Denial of service: To prevent legitimate users of a service from using that service, attackers may attempt to flood a network, or disrupt connections or services.
  5. Packet sniffers: Sniffers, devices or programs that are used to monitor traffic on a network, can be installed anywhere in a networked system.
  6. IP spoofing: Many hackers can imitate any Internet Protocol (IP) device that has an IP address that allows them entrance into your system.
  7. System snooping: Using Transmission Control Protocol/Internet Protocol (TCP/IP), a hacker can enter your system through any device that does not have specific security mechanisms in place.

Brute-force Attacks

In brute-force attacks, a hacker attempts to defeat authentication by obtaining a legitimate user's password. A brute-force attack may include a dictionary file[1], a sniffer[2], repeated logon attempts, or an attempt to break a code using combinations of computers and information.

Character and Numeric Passwords

Strong passwords defeat dictionary attacks by combining lowercase, uppercase, numeric, and nonstandard characters.
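
An added example (not part of the original lesson) of a password check in C: it requires all four character classes and, going one step beyond the sentence above, rejects a dictionary word that has only capitalization, digits or symbols added to it. The function names and the four-entry word list are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Constructed sample list; a real dictionary file holds many thousands of entries. */
static const char *const SAMPLE_DICTIONARY[] = { "password", "letmein", "welcome", "dragon" };

enum pw_result { PW_OK = 0, PW_TOO_FEW_CLASSES, PW_DICTIONARY_WORD };

/* Counts how many of the four classes (lowercase, uppercase, numeric,
 * nonstandard) appear in the password. */
static int count_classes(const char *pw)
{
    int lower = 0, upper = 0, digit = 0, other = 0;
    for (; *pw; pw++) {
        unsigned char c = (unsigned char)*pw;
        if (islower(c)) lower = 1;
        else if (isupper(c)) upper = 1;
        else if (isdigit(c)) digit = 1;
        else other = 1;
    }
    return lower + upper + digit + other;
}

/* Keeps only the letters, lowercased, so that digits and symbols wrapped
 * around a dictionary word do not hide it from the comparison. */
static void letters_only(const char *pw, char *out, size_t out_size)
{
    size_t n = 0;
    for (; *pw && n + 1 < out_size; pw++)
        if (isalpha((unsigned char)*pw))
            out[n++] = (char)tolower((unsigned char)*pw);
    out[n] = '\0';
}

/* Hypothetical policy function: all four classes, and not a decorated dictionary word. */
enum pw_result check_password(const char *pw)
{
    char core[128];
    size_t i;

    if (count_classes(pw) < 4)
        return PW_TOO_FEW_CLASSES;
    letters_only(pw, core, sizeof core);
    for (i = 0; i < sizeof SAMPLE_DICTIONARY / sizeof SAMPLE_DICTIONARY[0]; i++)
        if (strcmp(core, SAMPLE_DICTIONARY[i]) == 0)
            return PW_DICTIONARY_WORD;
    return PW_OK;
}
```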

Scanners and Crackers

Scanners are usually network tools employed by an attacker to monitor and read network data and communication ports. When the attacker finds vulnerable ports or sensitive data, he or she can use these weak spots to initiate attacks on the network. Crackers are software programs that an attacker uses to launch dictionary attacks on passwords and other sensitive authentication information present on internal networks.

Coding Problems

Many times, an operating system or program running on the server contains coding problems or bugs that create an unintentional opening. Hackers often know about such problems and exploit them. Also, program designers sometimes intentionally place a back door[3] in an operating system or program so they can support the product quickly.

Buffer Overflow

A popular bug-based attack is the buffer overflow, which works by sending more data than the target system is intended to receive at one time. The extra data overflows the program's storage buffer in memory and then overwrites the actual program data, allowing modification of the target system's programs and resulting in the creation of a back door into the system.
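
An added example (not part of the original lesson) of the coding problem and its fix in C: the unchecked copy lets oversized input run past the buffer into the program data stored beside it, while the checked copy compares the input length with the buffer size and rejects what does not fit. The struct, field and function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define NAME_BUF_SIZE 16

/* Hypothetical record: a fixed-size storage buffer followed by program
 * data, the layout the paragraph above describes. */
struct session {
    char name[NAME_BUF_SIZE];
    int  is_admin;              /* program data sitting right after the buffer */
};

/* Vulnerable form, shown for contrast: strcpy() copies until the input's
 * terminating NUL, so input longer than the buffer is written past name[]
 * into whatever follows it in memory. */
void set_name_unchecked(struct session *s, const char *input)
{
    strcpy(s->name, input);
}

/* Hardened form: compare the received length with the buffer size first
 * and refuse anything that does not fit, leaving the record untouched.
 * Returns 0 on success, -1 if the input was rejected. */
int set_name_checked(struct session *s, const char *input, size_t input_len)
{
    if (input_len >= sizeof s->name)    /* one byte is reserved for the NUL */
        return -1;
    memcpy(s->name, input, input_len);
    s->name[input_len] = '\0';
    return 0;
}
```
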

Social Engineering

Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access, and in most (but not all) cases the attacker never comes face-to-face with the victim.

Be aware that a hacker may attempt to imitate a legitimate user by confusing a switchboard operator or a guard. This is an example of a social engineering attack.

[1] Dictionary file: A file comprised of common passwords used by a hacker in an attempt to gain entrance to a network.
[2] Sniffer: A program used to intercept passwords.
[3] Back door: An intentional hole in a firewall or security apparatus that allows access around security measures.