ISSC421 APUS Common Security Exploits and Attacks Discussion Response
I need to respond to the following two students' discussions with at least 150 words each. Below in bold are what the students are answering.
Below is a list of common security exploits and attacks. Review the list.
Replay Attacks
Insertion Attacks
Fragmentation Attacks
Buffer Overflow Attacks
XSS Attacks
Man-in-the-Middle Attacks
Hijacking Attacks
Spoofing Attacks
Covert Channels
DoS
DDoS
Botnet Attacks
Social Engineering Attacks
Decide which attack you consider to be the worst kind.
List the attack’s name you selected.
Explain your reasons for determining this to be the worst kind of attack.
Locate an incident in which the attack was used to exploit an organization.
List the URL and describe the attack.
Provide the outcome, was the attack successful or foiled.
What steps were taken (or should be taken) to circumvent this type of attack from happening again?
Student one:
Greetings Class,
Global cybercrime is on the rise, impacting nearly every industry across the world. To combat cybercrime, organizations must take proactive measures to identify the most costly threats. The following are examples of the worst and most costly types of cyber-attacks.
According to the Ponemon Institute, the most costly cyber-attacks are from malware and web-based attacks. In 2018, the cost of cybercrime to the American economy was 27.37 million dollars (Ponemon, 2019). Malware accounted for $2.6 million while web-based attacks accounted for $2.27 million (Ponemon, 2019). This was followed by Denial-of-Service attacks at 1.7 million dollars and malicious insider attacks at 1.6 million dollars (Ponemon, 2019). Furthermore, malicious insider attacks had the greatest increase in frequency at 15% (Ponemon, 2019). Historically, malware continues to be the greatest threat to organizations and directly contributes to lost revenue.
One of the worst malware attacks in 2018 is called Emotet. According to us-cert.gov, “Emotet is an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware affecting state, local, tribal, and territorial (SLTT) governments, and the private and public sectors (US-Cert, 2019).” Furthermore, Emotet spreads like a worm through network resources and has cost governments up to “$1 million per incident to remediate (US-Cert, 2019).”
Like many cyber-attacks, Emotet uses a combination of methods to infect organizations. Typically, Emotet is spread through spear-phishing, using malicious URLs within spam e-mails (Trend Micro, 2019). After a user clicks the download link, the malware downloads and executes its payload automatically (Trend Micro, 2019). One example of Emotet’s abilities occurred at a North Carolina school district, where the school’s workstations were infected (Schaffhauser, 2018). The IT staff attempted to re-image the computers, but even after re-imaging, the computers immediately became re-infected. Overall, estimated damages are $314,000 (Schaffhauser, 2018).
-Regards,
Stephen
References
Ponemon Institute (2019). The Cost of Cybercrime. Retrieved from https://www.accenture.com/t20190305T185301Z__w__/us-en/_acnmedia/PDF-96/Accenture-2019-Cost-of-Cybercrime-Study-Final.pdf#zoom=50
US CERT (July 20, 2018) Emotet Malware. Retrieved from https://www.us-cert.gov/ncas/alerts/TA18-201A
Trend Micro (2019). Exploring Emotet’s Activities. Retrieved from https://documents.trendmicro.com/assets/white_papers/ExploringEmotetsActivities_Final.pdf
Schaffhauser, Diane (January 2018). NC District Hit with Malware Costing $314,000 for Cleanup. Retrieved from https://thejournal.com/articles/2018/01/12/nc-dist…
Student two:
This week we will decide from a provided list which attack we consider the worst kind (Replay attacks, Insertion attacks, Fragmentation attacks, Buffer Overflow attacks, XSS attacks, Man-in-the-Middle attacks, Hijacking attacks, Spoofing attacks, Covert Channels, DoS, DDoS, Botnet attacks, or Social Engineering attacks).
List the attack's name: My choice is a combination of spoofing and a DDoS attack.
Explain your reasons for determining this to be the worst kind of attack. Currently, spoofing does not have a direct way to be prevented by changing a setting. The reason is that hackers take a good known MAC or IP address and use it as a mask to complete their hack. This way traffic appears to be coming from the correct location. DDoS attacks take a huge network of compromised computers around the globe and use them to spam particular targets in the hopes of overloading their network. Think of this like pop-ups to the max: the more you close, the more open, and the cycle continues forever until you give up or turn the power off. Now instead of a few hundred pop-ups, imagine you had a few million constantly popping up and you see the problem. In addi
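The second post describes two mechanisms, a forged source address and a flood from many distinct sources, in prose only. The script below is an added example written for this discussion, not code from either student or from any cited source: it runs two defender-side checks over constructed flow records. The first is the ingress-filtering idea (BCP 38): a packet arriving on the Internet-facing interface whose source falls in the organization's own prefix or a private/reserved range cannot be legitimate and is treated as spoofed. The second is a volumetric check: a destination hit by an unusually large packet count from an unusually large number of distinct sources inside one time window is flagged as a likely DDoS. The prefixes (203.0.113.0/24 as "our" space, 198.51.100.x and 192.0.2.x as remote clients), the interface name `outside`, the thresholds and every record are constructed assumptions for the example.

```python
"""Added example: ingress (anti-spoofing) filtering and flood detection
over constructed flow records. Nothing here is from the original post."""
from collections import defaultdict
import ipaddress

# Constructed: the address space this organization announces to the Internet.
OUR_PREFIXES = [ipaddress.ip_network("203.0.113.0/24")]

# Ranges that must never appear as a *source* on an Internet-facing interface.
BOGON_PREFIXES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("127.0.0.0/8"),
    ipaddress.ip_network("0.0.0.0/8"),
]


def is_spoofed_source(src_ip, interface):
    """BCP 38 style check: a packet on the external interface that claims a
    source inside our own prefix, or in a bogon range, has a forged source."""
    if interface != "outside":          # only the Internet-facing edge is checked
        return False
    addr = ipaddress.ip_address(src_ip)
    return any(addr in net for net in OUR_PREFIXES + BOGON_PREFIXES)


def detect_floods(records, window_seconds=10, min_packets=50, min_sources=20):
    """Bucket records by (destination, time window). A window is flagged when it
    exceeds both thresholds: many packets AND many distinct sources, which is
    the shape of a distributed flood rather than one busy client."""
    buckets = defaultdict(lambda: {"count": 0, "sources": set()})
    for r in records:
        key = (r["dst"], r["ts"] // window_seconds)
        buckets[key]["count"] += 1
        buckets[key]["sources"].add(r["src"])
    flagged = {}
    for (dst, win), b in buckets.items():
        if b["count"] >= min_packets and len(b["sources"]) >= min_sources:
            flagged[dst] = {"window": win, "packets": b["count"],
                            "distinct_sources": len(b["sources"])}
    return flagged


def build_sample_records():
    """Constructed flow records: a few normal connections to the mail server,
    then 60 packets at the web server from 60 different sources, the last 5 of
    which forge addresses out of our own prefix."""
    records = []
    for i in range(5):                                  # normal traffic
        records.append({"ts": i, "iface": "outside",
                        "src": f"198.51.100.{10 + i}", "dst": "203.0.113.25"})
    for i in range(60):                                 # the flood, all in one window
        src = f"192.0.2.{i + 1}" if i < 55 else f"203.0.113.{i + 100}"
        records.append({"ts": 3, "iface": "outside", "src": src, "dst": "203.0.113.80"})
    return records


def analyze(records):
    """Run both checks and return a summary dict."""
    spoofed = [r for r in records if is_spoofed_source(r["src"], r["iface"])]
    return {"spoofed_count": len(spoofed), "floods": detect_floods(records)}


if __name__ == "__main__":
    result = analyze(build_sample_records())
    print(f"packets with forged source on the outside interface: {result['spoofed_count']}")
    for dst, info in result["floods"].items():
        print(f"possible flood against {dst}: {info['packets']} packets from "
              f"{info['distinct_sources']} distinct sources in window {info['window']}")
```

On the constructed data the edge filter drops the five packets that claim to come from inside, and the web server is flagged while the mail server, with five packets from five clients, is not. The two checks are deliberately separate: ingress filtering only catches sources that are impossible for that interface, so a flood from real, routable addresses passes it and is caught only by the rate-and-diversity check.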