“Typical” cyber attacks and common vulnerabilities


Henry Dalziel | Concise Courses, General Hacking Posts, Hacker Hotshots, Latest InfoSec News | September 4, 2013

A popular sound bite of 2013 is:

“There are now only two types of companies left in the United States: those that have been hacked and those that don’t know they’ve been hacked”

As we said in a previous blog post, arguably, if your website were to be hacked, the best thing that could happen would be for your site to be defaced! Why? Because at least that way the hacker has left a calling card and has publicly announced that your website and applications have been compromised. The worst thing, in our opinion, that can happen to anyone from a hobbyist blogger through to a huge multinational is for the hackers to place a backdoor and for your IT and data to be opened and viewed (and shared) at will.

There are millions of possible vulnerabilities
The bad news is that there are millions of ways to get hacked, but the good news is that there are also plenty of resources to help defend your profile. Common Vulnerabilities and Exposures (CVE) is a database of publicly known information security vulnerabilities. If you are interested in IT security then we’d certainly recommend that you learn more about this resource. It’s also worth mentioning the Security Focus mailing lists, which are an excellent resource for discovering zero-days and vulnerabilities. Every information security professional should be subscribed to and monitoring these resources.

“Typical” cyber attacks
There is no real “typical” cyber attack. That is because every successful cyber attack involves countless variables dependent on the various types of hardware and legacy variations and builds. If we had to define a “typical attack”, however, we’d base that upon the hackers being able to successfully penetrate a misconfigured server or web application, or to breach IT systems that have not had patches applied, or, for example, networks that have not been properly closed off using the correct firewalls or Intrusion Detection Systems.

With reference to “web application hacking” we recently launched a course that might be of interest titled: “Learn How To Hack And Defend Your Website In Just 3 Hours”. This course is aimed at all levels of professionalism, but is particularly suited to Security Analysts and System and Network Security Administrators who want to learn how to hack Web Applications – which arguably is the most popular attack vector!

Rather than use the term “typical cyber attacks” it might be better to use “common hacking methodologies”, and within that description here are a few constantly recurring attack categories: SQL Injection, (Spear) Phishing, Social Engineering, Cross-Site Scripting (XSS), Malware Injection and Java Drive-bys. If you can think of another category please chime in and drop a comment below, we’d love to hear from you!

In summary
We have clearly only scratched the surface here, but what we do know, here at Concise Courses, is that we feel that the most common and easily launched attack is against popular web applications. That is why we created our Web Application Security Course. What are your thoughts? What do you feel is the most common hack? The other main point that this post does not cover is what it is that is being hacked. Different Operating Systems and applications require different attack strategies. To explain that better, a SCADA system attack would be executed by ‘common attack strategies’ that are specifically targeted to SCADA systems, whereas an attack directed towards a Content Management System would contain completely different ‘common attack strategies’.

We will certainly be fleshing out this topic over the next several months, but as always, your feedback is greatly appreciated!
