IT security attacks come in a variety of flavors. Are you and your IT staff familiar with all of them?
A recent report from the Government Accountability Office examined the information available from public and private organizations to help agencies improve their cybersecurity.
The conclusion: There’s a lot of help out there, but more must be done to enforce those guidelines and incorporate them into security plans.
Part of improving IT security is knowing what threats are out there. Here’s the list of what the report identifies as the most common types of attacks government agencies and private organizations face, along with their definitions:
Cross-site scripting: An exploit in which attackers insert malicious code into a third-party website. This method is often used to take advantage of trusted websites by running attacks through an otherwise legitimate site.
Denial-of-service: An IT security attack that makes a computer or network resource unavailable to authorized users — for example, making a web server unavailable temporarily or indefinitely. One common method is overloading a targeted server with requests.
Distributed denial-of-service: A type of denial-of-service attack that’s carried out by multiple hosts.
Logic bomb: A piece of code inserted into a system and designed to carry out a malicious function at a later date, either at a specified time or when certain conditions are met. Examples of logic bombs include instances in which disgruntled exiting employees insert the code to disrupt the company’s network later.
Phishing: A form of social engineering that uses legitimate-looking emails to get victims to voluntarily turn over sensitive information. A common example is a phony bank email that gets recipients to give attackers their account numbers and passwords.
Passive wiretapping: Monitoring sensitive information, such as passwords, while it’s being sent over a network.
SQL injection: An IT security attack that inputs information into a website’s database to exploit vulnerabilities that could allow attackers to access or change the information in the database.
Trojan horse: A computer virus that’s disguised as a legitimate application. For example, a user may download a program that has or appears to have a useful function, but performs malicious activity once it’s installed.
Virus: A computer program that can copy itself and infect a computer without a user’s permission or knowledge.
War driving: An attack method that involves physically driving around an area searching for unsecured wireless networks. Once on an unsecured network, attackers can perform a variety of malicious activities.
Worm: A self-replicating, self-contained computer program that uses network mechanisms to spread itself. Unlike a virus, a worm requires no human interaction to spread itself.
Zero-day attack: An IT security attack that exploits a newly found vulnerability that’s unknown to the affected vendors or the general public.