Chapter 7. Attacks and Threats

IN THIS CHAPTER

  • Malicious code

  • Review of common attacks

  • External attack methodologies overview

  • Internal threat overview

Attacks are going to occur, so knowing how to detect and respond to them is a critical skill set for working in cyber security. Formal methods and procedures have been developed to provide a structured approach to this difficult problem. By understanding the various attacks and threats, an organization can build more robust defensive measures.

This chapter discusses these techniques as well as the different types of attacks.

Malicious Code

Malicious code is intended to harm, disrupt, or circumvent computer and network functions. This code can be mobile, such as Java applets or code in the ActiveX environment. It can also attach itself to legitimate code and propagate; it can lurk in useful applications or replicate itself across the Internet. The following sections describe these different types of malware.

Viruses

A virus is code that attaches to a host program and propagates when the infected program is executed. Thus, a virus is self-replicating and self-executing.

Viruses are transmitted in a variety of ways, including as part of files downloaded from the Internet or as e-mail attachments.

Viruses and closely related types of code fall into the following categories:

  • Macro viruses— These viruses are among the most common types found, and they infect applications such as Microsoft Word or Excel. Recall that a macro is a set of low-level instructions ...
