Computer Systems Security Threats

Man wearing Anonymous mask in a server room

A Comprehensive List of Security Threats

In the digital age, our computers are the gateways to a world of information, communication, and limitless possibilities. Yet, as we traverse this virtual landscape, we must also navigate a battlefield of security threats that lurk in the shadows, ready to pounce on vulnerabilities and disrupt our digital lives. Welcome to our comprehensive guide on the security threats that have the potential to undermine your Windows, Mac, or Linux digital fortress. From cunning hackers and insidious viruses to stealthy malware and relentless phishing attacks, our journey is dedicated to understanding, combating, and ultimately conquering these adversaries.

Type of Attack

  • Social Engineering.
  • Malware.
  • Software based Threats.
  • Network Based Threats.
  • Wireless Threats.
  • Physical Threats.

Hackers

Hackers are individuals who have the skills to gain access to computer systems through unauthorized or unapproved means.

Type of Hacker

  • Black-Hat – A hacker who discovers & attacks security vulnerabilities without consent for financial gain or some other malicious purpose.
  • White-Hat – A hacker who discovers & exposes security flaws in applications & operating systems with organizations consent.
  • Grey-Hat – A hacker who exposes security flaws in applications & operating systems without consent but is not a Black-Hat because they do it for good cause not greed.

Crackers

Crackers are individuals who break encryption codes, defeats software copy protections, or specializes in breaking into systems.

Threat Actors

A threat actor is entity that is partially or wholly responsible for an incident that affects or potentially affects an organizations security. Also referred to as malicious actor.

These threat actors could be:

  • Script Kiddies
  • Hacktivists
  • Organized Crime Gangs
  • Nation States
  • Insiders
  • Competitors.

Social Engineering

Social Engineering is where a Threat Actors goal is to use deception to convince unsuspecting users to provide sensitive data or to violate security guidelines.

Open-Source Intelligence (OSint)

OSint is legally gathering information from publicly available sources.

Physical Exploits

  • Shoulder Surfing.
  • Dumpster Diving.
  • Tailgating.
  • Piggybacking.
  • Watering Hole Attacks.

Malicious Code

Malicious code is undesired or unauthorized software that is placed on a target computer to disrupt operations or to redirect system resources for the attacker’s benefit.

Malware

Malicious code like viruses, trojan’s or worms are designed to gain access to snoop on or damage computer systems & networks.

Rootkit

Software designed to take control of a system at the lowest level.

Virus

Malicious code that replicates itself from one computer to another by attaching itself to files.
User action triggers the process.

Worm

A worm is malware that spreads from system to system without attaching itself to other files.

Spyware

Spyware is malware that obfuscates itself so not to be noticed while it tracks & reports the usage on the target system or collects other data the attacker needs.

Adware

Adware is software that automatically displays or downloads advertisements when it is triggered.

Trojan

Trojans are malware that hides itself on an infected system & can cause damage to the system or give access for the threat actor to monitor or control the system.

Remote Access Trojans

The remote access Trojan provides unauthorized access outside of the organizations network to the threat actors system.

Keyloggers

A keylogger is a hardware or software application that logs every keystroke made by the victim.

Logic Bombs

A Logic Bomb is code that sits dormant on a victim’s computer until it’s triggered by a specific condition, usually a date & time.

Botnets

A Botnet is a collective of computers that have been infected by a master control program known as the Bot. The exploited systems are known as Zombies or Drones. The Bot gives control of every Zombie inside the Botnet to the threat actor to carry out attacks on a targeted victims system.

Ransomware

Ransomware is software that enables an attacker to take control of a victim’s system & encrypts system files until a demand is met usually a payment in Bitcoin.

Advanced persistent Threats

APT’s use multiple attack vectors for longevity in a system to keep unauthorized access to sensitive resources.

Software Attacks

A Software Attack is any attack that targets software resources including operating systems, applications, services, protocols or files.

Password Attacks

A Password Attack is used to gain unauthorized access to a system using passwords.

Cryptographic Attacks

A Cryptographic Attack is a software attack that exploits weaknesses in cryptographic system elements such as code, ciphers, protocols & key-management systems.

Backdoor Attacks

A Backdoor is a mechanism put in place allowing a threat actor to bypass usual authentication methods.

Application Attacks

Application Attacks target web-based & other Client-Server applications.

Zero Day Exploit

A Zero Day or 0-day is a vulnerability either unknown to vendors or is known to vendors but has no Patch yet.

Buffer Overflow Attack

A Buffer Overflow Attack is where the threat actor exploits the fixed data buffer size in a target’s software. It sends data packets that are too large for the buffer, causing the application to crash.

Driver Manipulation

Driver Manipulation is when the Attacker rewrites or replaces original drivers or the Application Programming Interface (API) to enable malicious activity to be performed.

Shimming

Shimming is the process of developing & implementing additional code between an application & the operating system to enable functionality that wouldn’t normally be there.

Refactoring

Refactoring is the process of restructuring application code to improve its design without affecting the external behavior of the application, or to enable it to handle particular conditions.

Privilege Escalation

Privilege Escalation is the practice of exploiting flaws in a computers operating system to give the attacker a higher level of access to the system.

Vertical Escalation

Vertical Escalation is when a user or application is able to access functionality & data that shouldn’t be available to them.

Horizontal Escalation

Horizontal Escalation is when a user accesses functionality & data that is intended for another user but has the same level of access.

Spoofing Attacks

A Spoofing Attack is a network-based attack where the attacker impersonates someone else to conceal their identity.

IP Address Spoofing

IP Address Spoofing is when the Attacker sends IP packets from a fake source IP address to communicate with the target.

MAC Address Spoofing

MAC Address Spoofing is when the traffic intended for a system is redirected to the spoofed MAC address.

ARP Poisoning

ARP poisoning is an attack where the attacker has access to the target network & redirects an IP address to the MAC address of a computer that is not the intended recipient.

DNS Poisoning

DNS Poisoning is a network-based attack where an attacker exploits the open nature of DNS to redirect a domain name to a different IP address.

Port Scanning

Port Scanning is a network-based attack where the attacker scans systems to see which ports are listening in an attempt to gain unauthorized access.

Eavesdropping Attacks

Eavesdropping Attacks also known as Sniffing, the attacker uses special monitoring software to gain access to private communications on the network wire or across a wireless network.

Man in the Middle Attack

A Man in the middle Attack is like Eavesdropping Attacks but the attacker makes an independent connection between two victims & steals data to use fraudulently.

Man in the Browser Attack

Man in the browser Attack is a network-based attack that combines a man in the middle attack with the use of a Trojan horse to intercept & modify web transactions in real time.

Replay Attacks

Replay Attacks are a network-based attack where an attacker captures network traffic & stores it for re-transmitting at a later time to gain unauthorized access to a specific host or network.

DoS Attacks

DoS Attacks are a network-based attack where the attacker tries to disrupt or disable systems that provide network services.

DDoS Attacks

DDoS Attacks are a network-based attack where the attacker uses multiple computers on different networks to launch a DoS attack from many simultaneous sources.

Hijacking Attacks

Hijacking Attacks are a group of network-based attacks where the attacker gains control of the communication between two systems, often masquerading as one of the entities.

Clickjacking

With Clickjacking the attacker hides links under other web page elements.

DNS Hijacking

DNS Hijacking is when the attacker sets up rogue DNS server to responds to legitimate requests with IP address for malicious or non-existent websites.

Domain Hijacking

Domain Hijacking is when domain registration data is altered & transferred.

Session Hijacking

Session Hijacking is when the attacker exploits a legitimate computer session.

URL Hijacking

URL Hijacking is when the attacker registers domain names that closely resemble legitimate web addresses.

Amplification Attacks

Amplification Attacks are a network-based attack where the attacker dramatically increases the bandwidth sent to a victim during a DDos Attack. There are a few different styles of attack including ICMP, DNS, UDP, NTP amplification attacks.

Pass The Hash Attacks

Pass The Hash Attacks is a network-based attack where the attacker steals hashed user credentials & uses them to authenticate themselves as that user.

Rogue Access Points

Rogue Access Points is an unauthorized wireless access point on an organizations or private network.

Evil Twin Attacks

Evil Twin Attacks are unauthorized wireless access points that deceive users into believing that they are legitimate network access points.

Jamming

Jamming is where Radio waves from other devices interfere with the wireless signals used to communicate over the wireless networks.

Bluejacking

Bluejacking is a wireless attack where an attacker sends unwanted Bluetooth signals from a smartphone, mobile phone, tablet or laptop to other Bluetooth devices.

Bluesnarfing

Bluesnarfing is a wireless attack where an attacker gains access to unauthorized data on a wireless device by using a Bluetooth connection.

Near field Communication Attacks

NFC is a communication standard for wireless devices in close physical proximity (almost touching)

RFID System Attacks

RFID is a technology that uses electromagnetic fields to automatically identify & track tags or chips affixed to selected objects & storing data about the objects.

War Driving and War Walking

War driving or war walking is a wireless threat where an attacker searches for wireless Lan networks while in motion by using wireless devices such as mobile phones, smart phones, tablets & laptops.

War Chalking

War Chalking is where the attacker uses symbols to markup sidewalks or walls to indicate the presence & status of a nearby wireless network.

Packet Sniffing

Packet Sniffing is a wireless attack where an attacker uses a protocol analyzer to capture data & register data flows.

IV Attacks

IV Attack is a wireless attack where the attacker predicts or controls the IV used in an encryption process, rendering the encrypted data vulnerable to access by the attacker.

Wireless Replay Attacks

Wireless Replay Attacks are used with IV attacks to break weak encryption.

WEP Attacks

WEP (Wired Equivalent Privacy) Is a deprecated protocol that provides 64-bit ,128-bit & 256-bit encryption for wireless communications using the 802.11a & 802.11b protocols.

WPA Attacks

WPA (Wi-Fi Protected Access) Is a wireless encryption protocol that generates a 128-bit key for each packet sent. Superseded by WPA2.

WPS Attacks

WPS Attacks is a wireless attack where an attacker leverages the insecure nature of WPS that allows wireless network connections based on an 8-digit PIN to drastically reduce the number of attempts it takes to crack the PIN.

Wireless Disassociation

Wireless Disassociation is a wireless attack where the attacker spoofs the MAC address of a wireless access point to force a target device to try & re-associate with the WAP.

Physical Threats & Vulnerabilities

Physical Threats & Vulnerabilities are general threats & vulnerabilities associated with risk assessment.

Hardware Attacks

Hardware Attacks are attacking a targets computers physical components & peripherals including its hard disk, motherboard, keyboard, network cabling or smart card readers.

Environmental Threats & Vulnerabilities

Environmental Threats & Vulnerabilities could be

  • Fire
  • Flood
  • Extreme Temperature
  • Extreme Humidity

Conclusion

Daunting as this array of threats may seem, it’s vital to remember that awareness and vigilance are your greatest allies. The digital battlefield is one of constant evolution, where new threats emerge, and established ones adapt.

In this ongoing battle for digital security, knowledge is your greatest weapon. Keep this guide as a beacon of awareness and an ever-evolving reference, ready to combat the security threats that dare to challenge the sanctity of your Windows, Mac, or Linux systems.

Stay Safe Folks!

Check out our library of Windows guides here: Windows Guides

Microsoft Support: https://support.microsoft.com/

Luke Barber

Hello, fellow tech enthusiasts! I'm Luke, a passionate learner and explorer in the vast realms of technology. Welcome to my digital space where I share the insights and adventures gained from my journey into the fascinating worlds of Arduino, Python, Linux, Ethical Hacking, and beyond. Armed with qualifications including CompTIA A+, Sec+, Cisco CCNA, Unix/Linux and Bash Shell Scripting, JavaScript Application Programming, Python Programming and Ethical Hacking, I thrive in the ever-evolving landscape of coding, computers, and networks. As a tech enthusiast, I'm on a mission to simplify the complexities of technology through my blogs, offering a glimpse into the marvels of Arduino, Python, Linux, and Ethical Hacking techniques. Whether you're a fellow coder or a curious mind, I invite you to join me on this journey of continuous learning and discovery.

Leave a Reply

Your email address will not be published. Required fields are marked *

Verified by MonsterInsights