Unit 32
Ali Ghanem; 723202
Task1:
P1 + D1:
Attacks:
Types of attacks:
Denial-of-service attack: A DoS attack happens when a hostile cyber threat actor
prevents legitimate users from accessing information systems, devices, or
other network resources. Emails, websites, online accounts (such as banking), and other
services that rely on the compromised machine or network may be disrupted. This attack is
carried out by flooding the targeted host or network with traffic until it becomes unable to
respond or simply fails, denying access to genuine users. While an organisation’s resources
and services are unavailable, DoS attacks can cost it both time and money. There are
a few different methods to perform a DoS attack; however, the most common one is when
the attacker floods a network server with traffic, meaning that they send multiple
requests to the target server and overload it. There is also the DDoS attack, which is
the same as a DoS attack except that more than one computer or device is used to
flood the targeted resource.
There are several DDoS attacks that happened to famous companies across the world:
The Google Attack, 2017; The AWS DDoS Attack in 2020; The Mirai Krebs and OVH DDoS
Attacks in 2016; The GitHub Attack in 2018.
The AWS DDoS attack that happened in 2020 was one of the largest attacks ever, as it
peaked at 2.3 Tbps, AWS reported. The company noted in an official report on its DDoS security
service, AWS Shield, that the attack’s peak was 44 percent larger than anything the service
had seen before, resulting in three days of “elevated threat” status. However, it did not
specify whose website or online service had been attacked.
Backdoor attack: In general, a backdoor attack is a type of breach in which hackers use
deception and concealment to install malware that can bypass a network’s normal security
requirements and authentication. Backdoors are designed to blend in with other
applications, such as a file converter, a suggested download, or a software update, whereas
some other cyber-attacks are clearer and more noticeable (such as a ransomware attack or
phishing attempts).
WordPress uses the scripting language PHP to build all its domains; however, on the 28th of
March 2021, they reported that it had been compromised by a backdoor attack that
included a remote code injection into a PHP script change. When the code was put into a
website’s language as part of a minor update, it opened the door for the hackers to
remotely take control of any PHP website. This sort of attack can only be prevented by the
continuous checking of the servers and by increasing the security of the websites. This
applies especially to a company like WordPress, as its website is used to create hundreds
of other people’s websites.
Spoofing: Spoofing occurs when an attacker pretends to be a legitimate device or user in
order to steal data, spread malware, or get around access control measures.
There are several types of spoofing attacks, but the most common ones are:
IP address spoofing - Attacker sends packets over the network from a false IP
address
ARP spoofing - Attacker links their MAC address to an authorized IP address already
on the network
DNS spoofing - Attacker initiates a threat such as cache poisoning to reroute traffic
intended for a specific domain name to a different IP address
An example of a spoofing attack is email spoofing. It happens when an attacker sends emails
with incorrect sender addresses, which is technically part of a phishing scam. These types of
spoofing attacks are planned to steal the victim’s information, infect their computer
with malware, or simply blackmail them for money. These emails may also use social
engineering to convince the victim to reveal sensitive data.
DNS spoofing attack:
Mathematical attacks: this attack entails attempting to decrypt data using computation
based on the encryption algorithm’s mathematical properties. Using strong encryption (128
bit) instead of a weaker encryption is the best technique to avoid data decryption (both 40
and 56-bit encryption can easily be broken).
Brute force attacks: A brute force attack involves guessing login information, encryption
keys, or locating a hidden web page by trial and error. Hackers try all conceivable
combinations in the hope of making the right guess. These attacks are carried out using
“brute force”, which means that they try to force their way into your private account by
making excessive, forceful attempts. Even though this is an old-school kind of attack, it is still
effective and popular with hackers, because, depending on the complexity and the length of the
password, cracking it can take from a few seconds up to many years. A hacker can benefit
from a brute force attack by:
Profiting from ads or collecting activity data
Stealing personal data and valuables
Spreading malware to cause disruptions
Hijacking your system for malicious activity
Ruining a website’s reputation
An example of a brute force attack:
Tesco suffered a brute force attack: thousands of accounts were compromised by
an unauthorised third party, where the hackers used combinations of usernames and
passwords that had been leaked from somewhere else to carry out a brute force attack.
The company reported that no financial details were leaked, and it took immediate
action in response to the activity. Tesco then issued 600K new loyalty cards to its customers.
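The login pattern in the Tesco example can be spotted from authentication logs. The following is an added example, not part of the original report: it separates repeated guessing against one account from one source trying many accounts with leaked credentials, and flags any success that follows. The log format, thresholds, and sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, source IP, username, login result.
SAMPLE_LOG = """\
2021-03-01T10:00:00 198.51.100.7 alice FAIL
2021-03-01T10:00:05 198.51.100.7 alice FAIL
2021-03-01T10:00:10 198.51.100.7 alice FAIL
2021-03-01T10:00:15 198.51.100.7 alice FAIL
2021-03-01T10:00:20 198.51.100.7 alice FAIL
2021-03-01T10:02:00 203.0.113.9 bob FAIL
2021-03-01T10:02:01 203.0.113.9 carol FAIL
2021-03-01T10:02:02 203.0.113.9 dave FAIL
2021-03-01T10:02:03 203.0.113.9 erin FAIL
2021-03-01T10:02:04 203.0.113.9 frank OK
2021-03-01T10:03:00 192.0.2.10 grace FAIL
2021-03-01T10:03:20 192.0.2.10 grace OK
"""
WINDOW = timedelta(minutes=5)  # assumed look-back window
ACCOUNT_FAILS = 5              # assumed: failures against one account
SOURCE_USERS = 4               # assumed: distinct accounts failed by one source

def parse(log):
    rows = (line.split() for line in log.strip().splitlines())
    return sorted((datetime.fromisoformat(ts), ip, user, res)
                  for ts, ip, user, res in rows)

def detect(events):
    alerts, hot_users, hot_ips = set(), set(), set()
    by_user, by_ip = defaultdict(list), defaultdict(list)
    for ts, ip, user, res in events:
        if res == "OK":
            # A success on a targeted account or from a flagged source needs review.
            if user in hot_users or ip in hot_ips:
                alerts.add(("possible_compromise", user))
            continue
        # Keep only the failures that are still inside the window, plus this one.
        by_user[user] = [t for t in by_user[user] if ts - t <= WINDOW] + [ts]
        by_ip[ip] = [(t, u) for t, u in by_ip[ip] if ts - t <= WINDOW] + [(ts, user)]
        if len(by_user[user]) >= ACCOUNT_FAILS:
            hot_users.add(user)
            alerts.add(("brute_force", user))
        if len({u for _, u in by_ip[ip]}) >= SOURCE_USERS:
            hot_ips.add(ip)
            alerts.add(("credential_stuffing", ip))
    return alerts

if __name__ == "__main__":
    print(sorted(detect(parse(SAMPLE_LOG))))
```

The single mistyped password from 192.0.2.10 raises no alert, which is the behaviour a defender wants from normal user errors.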
It is true that cyber-attacks have increased so much in the last couple of years, but we
should adapt to this reality too. I suggest that users should always create strong
passwords that are still easy to remember. An example would be a password 8 characters long
with a combination of uppercase and lowercase letters, numbers, and symbols.
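The key sizes in the mathematical attacks section and the "few seconds up to many years" range in the brute force section can both be put into numbers. The following is an added example, not part of the original report: it estimates the worst-case time for an exhaustive search, assuming a guess rate of 10 billion per second and using constructed sample passwords. Attacks that exploit an algorithm's mathematical properties can be faster than this upper bound.

```python
import string

GUESSES_PER_SECOND = 1e10  # assumed attacker speed; real rates vary widely

def charset_size(password):
    """Size of the alphabet an attacker must cover for this password."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in password))

def password_keyspace(password):
    return charset_size(password) ** len(password)

def key_keyspace(bits):
    return 2 ** bits

def worst_case_seconds(keyspace, rate=GUESSES_PER_SECOND):
    """Time to try every candidate; on average the hit comes in half this."""
    return keyspace / rate

def humanize(seconds):
    for unit, span in (("years", 31_536_000), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= span:
            return f"{seconds / span:.3g} {unit}"
    return f"{seconds:.3g} seconds"

def report():
    # Passwords below are constructed samples, one per length/alphabet case.
    cases = [("40-bit key", key_keyspace(40)),
             ("56-bit key", key_keyspace(56)),
             ("128-bit key", key_keyspace(128)),
             ("8 lowercase letters", password_keyspace("password")),
             ("8 mixed characters", password_keyspace("Pa5s!w0r")),
             ("14 mixed characters", password_keyspace("Pa5s!w0rd-Lon9"))]
    return [(label, humanize(worst_case_seconds(space))) for label, space in cases]

if __name__ == "__main__":
    for label, estimate in report():
        print(f"{label:22} {estimate}")
```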