Attack, Attackers and Vulnerabilities - CSU1899 - Shoolini U

FL12: Types of attack and attackers in the context of the vulnerabilities associated with computer and information systems

1. Types of Attackers

In the realm of ethical hacking and cybersecurity, attackers can be classified into various categories based on their intent, skill level, and the methods they employ. Each category poses unique challenges due to their motivations and capabilities.

1.1 Black Hat Hackers

Description: Malicious hackers who infiltrate systems with the intent of causing harm, stealing data, or disrupting operations.

Motivation: Financial gain, espionage, data theft, or malicious intent.

Example: An attacker breaking into a bank’s system to steal customer data or withdraw funds illegally.

1.2 White Hat Hackers

Description: Ethical hackers who break into systems legally to identify vulnerabilities and suggest fixes.

Motivation: Security testing, improving defenses, and responsible disclosure.

Example: A cybersecurity professional hired by a company to conduct penetration testing on its network.

1.3 Grey Hat Hackers

Description: Hackers who may not have malicious intent but break into systems without permission. They might later report the vulnerabilities.

Motivation: Recognition, learning, or demonstrating system flaws.

Example: An individual hacks into a company’s system and informs them of vulnerabilities without seeking permission beforehand.

1.4 Script Kiddies

Description: Inexperienced attackers who use pre-written scripts or tools developed by others to launch attacks.

Motivation: Thrill-seeking or reputation building.

Example: A novice hacker launching a DDoS attack using a tool downloaded online.

1.5 Hacktivists

Description: Individuals or groups that hack systems to promote a political or social agenda.

Motivation: Ideological reasons, including protests against governments or organizations.

Example: Anonymous targeting government websites to protest certain laws or actions.

1.6 Insider Threats

Description: Attacks carried out by individuals within an organization who have access to sensitive information.

Motivation: Revenge, financial gain, or dissatisfaction.

Example: A disgruntled employee selling confidential company data to competitors.

2. Types of Attacks

Computer and information systems face a variety of attacks that exploit different vulnerabilities. These attacks can be broadly categorized into technical and non-technical (social engineering) types.

2.1 Phishing

Description: A social engineering attack where attackers trick individuals into revealing sensitive information by pretending to be a trustworthy entity (e.g., through emails).

Example: An email appearing to come from a bank asking users to enter their login credentials on a fake website.

Indian Case Study: In 2020, a phishing scam targeted Indian bank customers, resulting in stolen funds.

2.2 Denial of Service (DoS) & Distributed Denial of Service (DDoS) Attacks

Description: Attacks that overwhelm a system, network, or service, rendering it unavailable to legitimate users.

Example: Flooding a server with traffic, making it crash or slow down.

Indian Case Study: In 2019, DDoS attacks targeted Indian financial institutions, causing service disruptions.

2.3 SQL Injection

Description: A code injection attack where malicious SQL queries are executed on a database, potentially leading to data leakage.

Example: An attacker inserts a malicious query into a form input to access sensitive data.

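Implementation: the query the database ends up executing when the attacker's input is placed directly into the SQL text. Everything after "--" is treated as a comment, so the password condition is never checked.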

SELECT * FROM users WHERE username='admin' -- AND password='';
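The query above is what a login check produces when the username field is concatenated into the SQL text. As an added example (not part of the original notes), the Python code below runs that same input against a string-built query and against a parameterized one; the table, sample users and function names are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory users table (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Plaintext passwords only to mirror the page's query; store hashes in practice.
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "S3cret-admin"), ("alice", "alice-pw")])
    return db

def login_vulnerable(db, username, password):
    """Builds the SQL text by concatenation: input becomes part of the query."""
    sql = ("SELECT username FROM users WHERE username='" + username +
           "' AND password='" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    """Sends the values separately from the SQL text, so they stay data."""
    sql = "SELECT username FROM users WHERE username=? AND password=?"
    row = db.execute(sql, (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    crafted = "admin' --"  # the input behind the query shown above
    for fn in (login_vulnerable, login_parameterized):
        print(fn.__name__, "valid credentials ->", fn(db, "admin", "S3cret-admin"))
        print(fn.__name__, "crafted username  ->", fn(db, crafted, "wrong"))
```

With the crafted username, the concatenating function returns the admin row despite a wrong password, while the parameterized function searches for a user literally named "admin' --" and finds none.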

Indian Case Study: In 2021, several Indian e-commerce platforms faced SQL injection attacks that exposed user data.

2.4 Ransomware

Description: Malware that encrypts a victim’s files, making them inaccessible until a ransom is paid.

Example: WannaCry ransomware attack that encrypted data on computers worldwide.

Indian Case Study: In 2021, Oil India Limited faced a ransomware attack that paralyzed operations.

3. Vulnerabilities in Computer and Information Systems

Understanding vulnerabilities is crucial for implementing robust security measures. These vulnerabilities are categorized into software, human, network, and physical weaknesses.

3.1 Software Vulnerabilities

Description: Bugs or flaws in software code that can be exploited by attackers.

Example: Unpatched operating systems that allow unauthorized access.

3.2 Human Vulnerabilities

Description: Errors or negligence by individuals, such as falling for phishing attacks or using weak passwords.

Example: Employees clicking on malicious email links.

4. Case Studies from India

4.1 Cosmos Bank Cyber Heist (2018)

Description: Attackers used malware on the bank's ATM server to steal ₹94 crores through duplicate debit cards and over 12,000 global transactions.

Attack Type: Malware and network exploitation.

Impact: Significant financial loss and a call for better cybersecurity protocols in banking.

4.2 Data Breach at Indian Oil Corporation (2019)

Description: Attackers used phishing attacks and malware to access data of over 5 million customers.

Attack Type: Phishing and malware.

Impact: Compromised customer data and operational disruptions.