access control


Naresh Avudootha 

Week 4 - Discussion


I will use social engineering techniques such as phishing attacks, tailgating and watering hole attacks. This tricky technique manipulates users into surrendering their sensitive information without knowing it. A watering hole attack is a malware attack in which the attacker finds the websites often visited by a person or a particular group, and infects those sites with malware. A watering hole attack has the ability to infect members of the targeted victim group. Although uncommon, a watering hole attack does pose a significant threat to websites, as these attacks are difficult to detect.

The following are some watering hole attack examples from 2017 to 2019.

 

2017 Montreal-based International Civil Aviation Organization attack:

There was an organization-level watering-hole attack in Montreal from 2016-2017 by an unknown entity causing an information breach.

 

2017 CCleaner attack

From August to September 2017, the installation binary of CCleaner distributed by the vendor's download servers included malware. CCleaner is a popular tool used to clean potentially unwanted files from Windows computers, widely used by security-minded users. The distributed installer binaries were signed with the developer's certificate making it likely that an attacker compromised the development or build environment and used this to insert malware.

 

2017 NotPetya attack

In June 2017, the NotPetya (also known as ExPetr) malware, believed to have originated in Ukraine, compromised a Ukrainian government website. The attack vector was from users of the site downloading it. The malware erases the contents of victims' hard drives.

 

2018 Chinese country-level attack

There was a country-level watering-hole attack in China from late 2017 into March 2018, by the group "LuckyMouse", also known as "Iron Tiger", "EmissaryPanda", "APT 27" and "Threat Group-3390".

 

2019 Holy Water Campaign

In 2019, a watering-hole attack, called Holy Water Campaign, targeted Asian religious and charity groups.[17] Victims were prompted to update Adobe Flash which triggered the attack. It was creative and distinct due to its fast evolution. Motive remains unclear.

 


Adithya Reddy Vatti 

Discussion 4


Technical Controls and User Behavior

Application of social engineering techniques would be the most preferred technique if in need of gaining access to a network. Social engineering depends on human error, which makes it dangerous (McIlvennie et al., 2020). It can also be applied in instances where there are no vulnerabilities in the operating systems and software (McIlvennie et al., 2020). The mistakes that have been made by legitimate users are also considered to be less predictable (Yang et al., 2013). This makes them difficult to identify and thwart as compared to malware-based intrusion.

Social engineering attacks are difficult to defend against and detect because the attackers seek the type of information that is identical to the designated information requests from legitimate inquiries (McIlvennie et al., 2020). This might include those at key call centers or help desks. Social engineering can be prevalent in situations where the IT systems have been kept up to date. The warning signs associated with social engineering might also not end up being noticeable to all users (McIlvennie et al., 2020). For example, the feeling of urgency might be a warning sign and a temptation to users at the same time. Such a message can be involved in making users feel the need to act at the designated time and fear the effects that might occur because of the “false” confidence.

The majority of social engineering attacks always get initiated by a perpetrator who pretends to be in need of sensitive information from the victim in order to carry out the task that is required (McIlvennie et al., 2020). The attacker can make the initial steps through the establishment of trust with the victim and going ahead to impersonate key authorities such as banks, tax officials, police, or even fellow colleagues at the workplace (Yang et al., 2013). This involves the individuals that have the right-to-know the key desired authority (McIlvennie et al., 2020). End users need to know the signs of social engineering attacks such as misspelled hyperlinks, poor spelling and grammar, suspicious domains in the email, unknown senders, consequence threats and other key threats that might be experienced (Yang et al., 2013). Key social engineering techniques that might be deployed by workers include cookie theft, phishing, key loggers, viruses, and Trojans, among many others.

References

McIlvennie, C., Koliba, C., & Pritoni, M. (2020). Who Controls Energy in the Smart Home? A Multidisciplinary Taxonomy.

Yang, T. A., Vlas, R., Yang, A., & Vlas, C. (2013, September). Risk management in the era of BYOD: The quintet of technology adoption, controls, liabilities, user perception, and user behavior. In 2013 International Conference on Social Computing (pp. 411-416). IEEE.
