Page 23 - index
P. 23
These individuals go into a computer with the intent of compromising information, or stealing
information. A grey hat hacker is a hacker who will go into a system, perform penetration
tests and vulnerability assessments, but he will “surf the Internet for vulnerable systems he
could exploit,” according to secpoint.com. Once the vulnerability is exposed, the attacker will
then perform the attack and offer the victim a fee to fix the infected system. The hackers that
are most dangerous are elite hackers who are known by their peers as the best of their kind.
These individuals can control the severity of the attack.
Then there are hackers of the complete opposite called script kiddies. These hackers are
individuals that have “little to no knowledge of the underlying concept” of the scripts that they
use which, in fact, are pre-written by professional hackers (secpoint.com). The idea of
hacking can be malicious, but it could be helpful as well.
If attacks are unwelcome, one will usually thwart them with intrusion prevention systems.
This quote explains the current views of protection: “Today, most networks are protected by
firewall technology. There are numerous types of firewall, but essentially they all work in the
same way: allow in the authorised traffic, filter the rest. The majority of purebred firewalls do
not apply any further filtering on the traffic beyond IP and service port source or destination
values.
Originally, network security seemed to be as simple as blocking IP addresses and filtering
ports” (Rowan). In this quote, Tom Rowan, a security consultant at Magirus, tells us that
firewall technology only provides a limited amount of protection these days. In order to detect
and block attacks more efficiently and effectively, one would need an intrusion prevention
system (IPS).
The reason that an IPS would block the more complex attacks is because most modern day
attacks must pass directly through the network. The IPS may then decide to stop traffic and
it has “the advantage that blocking actions will be completely effective” (Rowan). The most
common way IPSs detect unwanted activity is by signatures or rules, “a pattern within the
network traffic is matched against the shape of a known attack.” (Rowan). Another way that
an IPS can protect a network is by monitoring traffic rates. An IPS can detect and block the
packets with similar length and TCP checksum while letting the legitimate packets through.
IPSs are great defense mechanisms. However, there are different types of cyber events that
are completely out of our control.
There are two horrific cyber events that can change the face of technology forever:
cyberterrorism and cyberwarfare. Just recently, the CIA has been the victim of attempted
hacking events as well as denial of service attacks on their main computer. The attempted
attacks have also been targeted towards French, Israeli, and British defense agencies. Back
in February of this year, Internet security company Kaspersky Lab said that they “had
uncovered the most sophisticated cyber threat it had ever seen” called Mask (Harress). This
attack is expected to target any company they claim has brought harm to the public and the
planet such as oil and natural gas companies.
This attack is similar to that in 2012 when a virus called Flame attacked Iranian computers
and left them of no use. In response, President Obama has made cybersecurity a top priority
so none of our government systems are compromised or are even brought up in the
conversation of being threatened. President Obama has assigned a group of “cyberwarriors”
23 Cyber Warnings E-Magazine – April 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
