Saturday, July 22, 2023

Network Threats and Security

 

Computers and supporting networks have become ingrained into nearly every aspect of American culture, from the public to the private, confidential, and even top secret. This scope of network usage makes Network Security of the utmost importance. The top impacts of corporate security breaches are extortion and data theft (IBM Security X-Force, 2023). As Check Point (n.d.) succinctly puts it, "Network Security protects your network and data from breaches, intrusions, and other threats" (p. 1). Network attacks can come in various forms, often mixing cyberspace attacks and social engineering.  

For our purposes in this post, a cyberspace attack will refer to any network attack that is primarily a digital-to-digital attack. A denial of service (DoS) is a type of cyberspace attack against a website or service. In a DoS attack, the attacker uses either an overwhelming volume of requests or specially formatted requests to overwhelm or crash a server, making it unable to process requests from legitimate users. The legitimate users being denied access to the service is the source of the term (Vahid & Lysecky, 2019). Generating a Ping of Death (PoD) is one method of DoS. Pings are Internet Control Message Protocol (ICMP) echo requests, a helpful tool used in general monitoring, maintenance, and troubleshooting of the network connection between two devices. A ping is corrupted into a PoD cyberspace attack by either oversizing or malforming the IP packets so that the receiving system crashes when trying to reassemble the message. The threat of PoD is mitigated by checking the request parameters and filtering out the high-risk ones (Radware, n.d.). PoD is one example of an attack between network systems.
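The parameter check described above can be made concrete. The following is an added example, not code from the original post or from any cited vendor: it reads the IPv4 total-length and fragment-offset fields and flags any fragment that would push the reassembled datagram past the 65,535-byte IPv4 limit. The function names and the sample headers are constructed for illustration.

```python
import struct

MAX_IP_DATAGRAM = 65535  # largest total length an IPv4 datagram may have

def parse_ipv4_fragment(packet: bytes):
    """Return (header_len, payload_len, fragment_offset_bytes, more_fragments)."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", packet[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total_len < header_len:
        raise ValueError("malformed header lengths")
    frag_offset = (flags_frag & 0x1FFF) * 8      # field counts 8-byte units
    more_fragments = bool(flags_frag & 0x2000)   # MF flag
    return header_len, total_len - header_len, frag_offset, more_fragments

def is_oversized_fragment(packet: bytes) -> bool:
    """True if the header is malformed or reassembly would exceed 65,535 bytes."""
    try:
        header_len, payload_len, frag_offset, _mf = parse_ipv4_fragment(packet)
    except ValueError:
        return True  # malformed headers are treated as high risk and filtered
    return header_len + frag_offset + payload_len > MAX_IP_DATAGRAM

def build_header(total_len: int, offset_units: int, more_fragments: bool = False) -> bytes:
    """Build a constructed 20-byte IPv4/ICMP header (checksum left at 0, not validated here)."""
    flags_frag = (0x2000 if more_fragments else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))

# Constructed sample headers using documentation-range addresses
SAMPLES = {
    "normal ping": build_header(84, 0),
    "ordinary middle fragment": build_header(1500, 185, more_fragments=True),
    "largest valid final fragment": build_header(23, 8189),
    "oversized final fragment": build_header(1020, 8189),
    "truncated header": b"\x45\x00",
}

def classify_samples():
    return {name: is_oversized_fragment(hdr) for name, hdr in SAMPLES.items()}

if __name__ == "__main__":
    for name, flagged in classify_samples().items():
        print(f"{name}: {'DROP' if flagged else 'pass'}")
```

Only the header is inspected, because the total-length and fragment-offset fields are enough to compute where the fragment would end after reassembly.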

By contrast, social engineering is when network attacks focus on taking advantage of the human element in network systems. By focusing on the human vulnerabilities prevalent in every computer system worldwide, attackers can bypass digital security to achieve their goals (Wang et al., 2021). The aim is to use deception to get an individual to reveal sensitive information or credentials, install malware, or commit fraud (IBM Security X-Force, 2023; National Institute of Standards and Technology, n.d.). While there are several ways to deceive people, IBM's X-Force (2022) found that 41% of all network attacks started with a Phishing scheme. Phishing is a play on the word "fishing," as social engineering will use bait to get the user to perform an action. This bait is usually an email intended to evoke an emotional response, commonly fear - "follow this link and log in to unfreeze your bank account" or hope - "provide me this information or follow these steps and you will earn a large payout." When the target takes the bait, they click on a link that either downloads malware to their computer or takes them to a convincing yet fake login page where they provide login credentials to the attacker (Wang et al., 2021). Corporations can implement software solutions that help reduce the effectiveness of social engineering. Most malware can be blocked by OS security settings that do not allow the installation of any programs. They can also implement multi-factor authentication, in which credentials are paired with another element, like fingerprints or one-time text PINs, to allow access to a system (Indusface, n.d.). Many companies have also enabled consumers to use multi-factor authentication to protect their accounts. While these defenses undoubtedly help protect networks, social engineering remains effective and is likely here to stay.

Bad actors are likely to use a combination of cyberspace attacks and social engineering to achieve their goals. Bad actors can start with a Phishing scam that results in many casual computer users having some malware installed on their computers. This malware acts as a dormant bot, waiting on the host computer for an activation signal. These computers make up a network of bots referred to as a botnet. Upon receiving that signal, the botnet activates, flooding a service with requests from each member. With the botnet activated, traffic suddenly increases to a volume the service is not designed to handle, and it crashes. This kind of DoS attack from a wider network of computers is called a distributed denial of service (DDoS) attack. While a DoS attack with its single source can simply be blocked upon detection, the distributed nature of the source of DDoS makes blocking bad traffic harder because you want to keep good traffic. Blocking everything still denies the service's functionality, which is a win for the bad actor. While protecting against botnet DDoS attacks is more challenging, it is not impossible. One DDoS defense is rate limiting, which blocks requests from a specific device after it reaches a certain number (PingIdentity, n.d.). Bad actors can combine and layer social engineering and cyberspace attacks to harm networks or users in countless other ways.
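To show how per-device rate limiting behaves against the two traffic patterns described above, here is an added example that is not part of the original post. It implements a sliding-window limiter and replays constructed traffic through it; the class name, the limit of 5 requests per 10 seconds, and all addresses are assumptions chosen for illustration.

```python
from collections import defaultdict, deque

class SlidingWindowLimiter:
    """Allow at most max_requests per client within any window_seconds span."""

    def __init__(self, max_requests: int, window_seconds: float):
        self.max_requests = max_requests
        self.window = window_seconds
        self._hits = defaultdict(deque)  # client id -> timestamps of allowed requests

    def allow(self, client_id: str, now: float) -> bool:
        hits = self._hits[client_id]
        while hits and now - hits[0] >= self.window:
            hits.popleft()               # forget requests that left the window
        if len(hits) >= self.max_requests:
            return False                 # over the limit: block this request
        hits.append(now)
        return True

def replay(events, limiter):
    """Feed (timestamp, client) events through the limiter.

    Returns {client: (allowed, blocked)}.
    """
    totals = defaultdict(lambda: [0, 0])
    for ts, client in sorted(events):
        totals[client][0 if limiter.allow(client, ts) else 1] += 1
    return {client: tuple(counts) for client, counts in totals.items()}

# Constructed sample traffic (documentation-range addresses)
SINGLE_SOURCE = [(i * 0.05, "203.0.113.50") for i in range(20)]  # 20 requests in 1 s
NORMAL_USER = [(t, "198.51.100.10") for t in (0.0, 4.0, 9.0)]
DISTRIBUTED = [(i * 0.5, f"192.0.2.{n}") for n in range(1, 101) for i in range(4)]

def demo():
    """Return per-client results for the single-source case and totals for the distributed one."""
    single = replay(SINGLE_SOURCE + NORMAL_USER, SlidingWindowLimiter(5, 10.0))
    spread = replay(DISTRIBUTED, SlidingWindowLimiter(5, 10.0))
    allowed = sum(a for a, _ in spread.values())
    blocked = sum(b for _, b in spread.values())
    return single, allowed, blocked

if __name__ == "__main__":
    single, allowed, blocked = demo()
    print("single source:", single)
    print(f"distributed: {allowed} allowed, {blocked} blocked")
```

The single noisy source is cut off after five requests while the normal user is untouched, but the 100 distributed clients each stay under the limit and all 400 requests pass, which is why per-device limits are usually one layer among several against DDoS.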

This post only touches the tip of the iceberg regarding cyberspace attacks, social engineering, and network security. Network attacks will come in various forms depending on the attackers' goals and means. Network security is a balance of protecting sensitive information and systems from bad actors while still allowing access to those who need it.

References

IBM Security X-Force. (2023). X-Force Threat Intelligence Index 2023. IBM Security. https://www.ibm.com/downloads/cas/DB4GL8YM 

Indusface. (n.d.). 10 Ways Businesses Can Prevent Social Engineering Attacks. https://www.indusface.com/blog/10-ways-businesses-can-prevent-social-engineering-attacks/

National Institute of Standards and Technology. (n.d.). Social Engineering. In Computer Security Resource Center Glossary. Retrieved July 16, 2023, from https://csrc.nist.gov/glossary/term/social_engineering

Vahid, F., & Lysecky, S. (2019). Computing technology for all. zyBooks.

Wang, Z., Zhu, H., & Sun, L. (2021). Social Engineering in Cybersecurity: Effect Mechanisms, Human Vulnerabilities and Attack Methods. IEEE Access, 9, 11895–11910. https://doi.org/10.1109/ACCESS.2021.3051633
