What Are the Types of Attack in an Operating System?
An attack is an information security threat that involves an attempt to obtain, alter, destroy, remove, implant or reveal information without authorized access or permission. It happens to both individuals and organizations. There are many different kinds of attacks, including but not limited to passive, active, targeted, clickjacking, brandjacking, botnet, phishing, spamming, inside and outside.
An attack is one of the biggest security threats in information technology, and it comes in different forms. A passive attack is one that does not affect any system, although information is obtained. A good example of this is wiretapping.
An active attack has the potential to cause major damage to an individual's or organization's resources because it attempts to alter system resources or affect how they work. A good example of this might be a virus or other type of malware.
Types of Attack in an Operating System
i) Active attacks:
An active attack attempts to alter system resources or affect their operation. Active attacks involve some modification of the data stream or the creation of a false statement. The types of active attack are as follows:
1. Masquerade
A masquerade attack takes place when one entity pretends to be a different entity. A masquerade attack involves one of the other forms of active attack.
2. Modification of messages
It means that some portion of a message is altered, or that a message is delayed or reordered, to produce an unauthorized effect. For example, a message meaning "Allow JOHN to read confidential file X" is modified to mean "Allow Smith to read confidential file X".
3. Repudiation
This attack is carried out by either the sender or the receiver, who can later deny having sent or received a message. For example, a customer asks his bank to transfer an amount to someone, and later the sender (customer) denies having made such a request. This is repudiation.
4. Replay
It involves the passive capture of a message and its subsequent retransmission to produce an unauthorized effect.
5. Denial of Service
It prevents normal use of communication facilities. This attack may have a specific target. For example, an entity may suppress all messages directed to a particular destination.
Another form of service denial is the disruption of an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
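The modification and replay items above can both be detected by the receiver. The following is an added example, not part of the original page: a receiver that checks an HMAC tag over the message and a sequence number. The shared key, field names and the `seal`/`Receiver` helpers are assumptions made for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: sender and receiver share this secret


def seal(seq: int, text: str, key: bytes = KEY) -> dict:
    """Sender side: bind the sequence number and the text under one HMAC tag."""
    tag = hmac.new(key, f"{seq}|{text}".encode(), hashlib.sha256).hexdigest()
    return {"seq": seq, "text": text, "tag": tag}


class Receiver:
    """Accepts a message only if its tag verifies and its sequence number is new."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.last_seq = 0  # highest sequence number accepted so far

    def accept(self, msg: dict) -> str:
        expected = hmac.new(self.key, f"{msg['seq']}|{msg['text']}".encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: modified"
        if msg["seq"] <= self.last_seq:
            return "rejected: replay"
        self.last_seq = msg["seq"]
        return "accepted"


def demo() -> list:
    rx = Receiver()
    original = seal(1, "Allow JOHN to read confidential file X")
    tampered = dict(original, text="Allow Smith to read confidential file X")
    return [
        rx.accept(tampered),   # text changed in transit, tag no longer matches
        rx.accept(original),   # genuine message, first delivery
        rx.accept(original),   # same bytes delivered a second time
        rx.accept(seal(2, "Allow JOHN to read confidential file Y")),
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

A shared-key tag does not address repudiation, because either party could have produced it; that requires a digital signature made with a key only the sender holds.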
ii) Passive Attacks:
A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on, or monitoring of, transmissions. The goal of the opponent is to obtain information that is being transmitted.
The types of passive attack are as follows:
1. The release of message content
A telephone conversation, an electronic mail message or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.
2. Traffic analysis
Suppose that we had a way of masking the information (encryption), so that an attacker who captured a message could not extract any information from it.
The opponent could still determine the location and identity of the communicating hosts and could observe the frequency and length of the messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place.
iii) Malware
Malware is malicious software used to breach information systems by exploiting network vulnerabilities. This usually happens when users click links and attachments that install harmful software. There are different types of malware including spyware, ransomware, viruses, and worms. Malware can have a variety of malicious capabilities:
- It can block access to the network or parts of the network
- It can install other malware
- It can secretly copy data from the hard drive and transmit it
- It can disrupt the system and make it inoperable
According to the NTT Security 2018 Global Threat Intelligence Report, ransomware attacks increased globally by 350% in 2017 compared to 2016. It's therefore important that organizations prepare for such attacks. Web application penetration testing can identify vulnerabilities within an organization's website before cyber criminals can exploit them.
iv) Phishing
Phishing is a social engineering attack entailing fraudulent communications appearing to come from a trusted source. Attempts to steal sensitive information or trick people into installing malware often come via email. Phishing is the leading cause of cyber-attacks worldwide.
As such, staff must be trained to recognize phishing emails and what to do when they receive one.
v) Man-in-the-middle attack
A MITM (man-in-the-middle) attack is one where the attacker intercepts and relays messages between two parties who believe they are interacting with one another. It is also known as an eavesdropping attack, and once attackers are in the conversation, they can filter, manipulate, and steal sensitive information.
One way to protect your organization from such attacks is to encrypt data. Companies should also put in place auditing and monitoring so that they are kept aware of staff activities.
vi) Distributed denial-of-service attack
DDoS (distributed denial-of-service) attacks bombard an organization's central server with simultaneous data requests. Multiple compromised systems are used to generate these data requests. A DDoS attack aims to stop the server from fulfilling legitimate requests, providing a situation for criminal hackers to extort the victim for money.
The timeline of a DDoS attack can vary, with 15% of attacks lasting as long as a month. Blindly implementing solutions to protect against DDoS attacks only resolves the immediate problem and leaves vulnerabilities in the system as a whole. Using a risk assessment tool takes a strategic approach to identify areas of vulnerability for DDoS attacks.
vii) SQL injection
SQL (Structured Query Language) is used in programming and is designed to manage data in relational database management systems. During SQL injections, criminal hackers insert malicious code into the server that uses SQL, which makes the server reveal sensitive information.
SQL injections can be prevented by monitoring users in the application with whitelisting and blacklisting. They can also be protected against using network prevention systems such as firewalls.
viii) Zero-day exploit
When a network vulnerability is announced, there is a window of time before a patch or solution is used to fix the issue. Within that timeframe, cyber attackers will exploit the vulnerability.
Constant monitoring is necessary in order to protect against this form of cyber-attack. Infrastructure penetration testing can identify your network's vulnerabilities before cyber criminals do.
ix) Cyber-attack prevention
With all the different types of cyber-attacks, it's important to implement an ISMS (information security management system). ISO 27001 is the international standard that describes best practice for an ISMS.
Achieving certification to ISO 27001 demonstrates to existing and potential customers that an organization has defined and put in place best-practice information security processes.