Identifying threats to the enterprise
Based on the source of the threat, attacks can be broadly classified into the following types:
- Internal
- External
- Hybrid
Internal threats
Threats or attacks that originate from within the network or organization are classified as internal threats. These can be intentional or unintentional.
Typically, such threats involve an insider with a mala fide intention, insider knowledge and/or access. This insider is looking to steal, misuse, modify, corrupt, or destroy enterprise resources. Quite naturally, the insider has no intention of getting caught and hence, makes every attempt to cover their tracks. However, as we will see later in this chapter, every interaction with the crime scene leaves a trace as per Locard's ...
Get Learning Network Forensics now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.