Common Attacks

Task 1 Information Introduction
Task 2 Common Attacks Social Engineering
Social engineering is a method of cyberattack that manipulates individuals into divulging sensitive information, granting unauthorized access, or performing actions that compromise security. It exploits human psychology rather than technical vulnerabilities.
Staying Safe:
- Use Multi-Factor Authentication: Set up multiple layers of authentication for added security.
- Beware of External Media: Avoid plugging unknown USBs or CDs into important devices.
- Verify Identity: Always confirm the identity of unknown callers or messages, especially if they request sensitive information.
Task 3 Common Attacks Social Engineering: Phishing
Phishing Overview:
Definition: Phishing is a form of social engineering, specifically using online correspondence to trick individuals into revealing sensitive information or accessing malicious web pages.
Types of Phishing Attacks:
1. General Phishing:
   - Mass attacks targeting large groups (e.g., PayPal or Amazon users).
   - Often easily recognizable with poorly crafted messages and errors.
2. Spearphishing:
   - Targeted at specific individuals or small groups (e.g., employees of a company).
   - Crafted with more precision for a particular audience.
3. Whaling:
   - Highly specific, targeting high-value individuals (e.g., C-Suite executives).
   - Well-crafted and challenging to detect.
Phishing Process:
1. Attack Initiation:
   - Scammer sends a malicious email campaign.
   - Prospective victims receive the emails, and some of them click the link.
2. Victim Interaction:
   - Victims enter credentials on a fake web page controlled by the attacker.
   - Credentials are stored or sent directly to the attacker.
3. Exploitation:
   - Attacker uses the obtained credentials to access the victim’s accounts.
   - Potential misuse of sensitive information or further attacks.
Identifying Phishing Attacks:
- Email Content:
  - Generic greetings or poor grammar may indicate a phishing attempt.
  - Verify the legitimacy of unexpected emails, especially those with urgent requests.
- Domain Awareness:
  - Phishing domains resemble legitimate ones but are never identical to them; read the domain carefully.
  - Be cautious of URLs with slight variations that mimic real websites.
- Email Addresses:
  - Be suspicious of a “From” address that uses a generic service like Gmail when the sender claims to be a company.
- HTML Emails:
  - HTML emails can mask the real destination of a link; hover over links to verify the actual domain.
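The checks listed above (masked links, look-alike domains, generic “From” domains) as an added Python example that is not part of the original room; the TRUSTED allow-list, the WEBMAIL set and the sample email are constructed assumptions:

```python
# Added example (not from the original room): flag masked links, look-alike domains and webmail senders.
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"paypal.com", "amazon.com"}               # assumed allow-list of legitimate domains
WEBMAIL = {"gmail.com", "outlook.com", "yahoo.com"}  # generic services a company would not send from

class LinkExtractor(HTMLParser):
    """Collect (visible text, href) pairs from every <a> tag in the email body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def host_of(value):  # lowercased host of a URL or bare domain, leading "www." removed
    host = (urlparse(value if "://" in value else "http://" + value).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

def lookalike(host):  # trusted domain that `host` imitates (brand embedded or near-identical), else None
    for good in TRUSTED - {host}:
        if good.split(".")[0] in host or SequenceMatcher(None, host, good).ratio() > 0.8:
            return good
    return None

def phishing_indicators(sender, html):  # findings for one email; an empty list means nothing flagged
    findings = []
    if (sender_host := sender.rsplit("@", 1)[-1].lower()) in WEBMAIL:
        findings.append(f"sender uses generic webmail domain {sender_host}")
    parser = LinkExtractor()
    parser.feed(html)
    for text, href in parser.links:
        real = host_of(href)
        shown = host_of(text) if "." in text and " " not in text else None  # does the text look like a URL?
        if shown and shown != real:
            findings.append(f"masked link: shows {shown} but points to {real}")
        if (good := lookalike(real)):
            findings.append(f"look-alike domain {real} mimics {good}")
    return findings

SAMPLE = 'Verify at <a href="http://paypa1.com/login">https://www.paypal.com/login</a> within 24 hours.'
```

Running `phishing_indicators("security-team@gmail.com", SAMPLE)` reports all three indicators for the constructed email, while a genuine link from a trusted sender produces no findings.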
Staying Safe:
1. Email Handling:
   - Delete unknown or untrusted emails without opening them.
   - Report suspicious emails as spam.
2. Attachments and Links:
   - Avoid opening unexpected attachments.
   - Do not click on embedded links; navigate to websites manually.
3. Device Security:
   - Keep devices and antivirus software up to date.
4. Privacy Practices:
   - Limit public exposure of personal information.
   - Consider using a temporary email address for public use.
Response to Phishing:
- If you fall victim to a phishing attack, change affected passwords immediately.
- Contact IT Services for assistance if the attack occurs in a work environment.
Phishing attacks can vary in complexity, and staying vigilant with email scrutiny and security practices is crucial for prevention.
Task 4 Common Attacks Malware and Ransomware
Malware and Ransomware Overview:
Definition:
- Malware: Malicious software designed to perform harmful actions on a system.
- Ransomware: A specific type of malware that encrypts data and demands a ransom for its release.
Malware Functions:
- Stealing information, causing damage, or executing arbitrary commands remotely.
- Command and Control (C2) malware enables remote control, often involving tasks like keylogging.
Ransomware Characteristics:
- Encrypts data on infected systems, holding it hostage.
- Demands ransom payment, usually in cryptocurrency, for data release.
- Spreads through exploiting vulnerabilities in commonly used software.
Delivery Methods:
- Often delivered through social engineering or phishing attacks.
- Common methods include malicious email attachments (Word, Excel, PDF files) or exploiting vulnerabilities in public-facing infrastructure.
Staying Safe:
- Keep Software Updated:
  - Accept updates promptly, especially for crucial software like operating systems.
- Beware of Suspicious Links and Emails:
  - Avoid clicking on suspicious links, especially in emails.
  - Exercise caution with email attachments; delete suspicious messages.
- Avoid Downloading or Running Suspicious Files:
  - Be cautious with file downloads, especially over email or instant messaging.
- USB Devices:
  - Avoid plugging unknown USB devices into important computers.
- Data Backup:
  - Regularly back up important data for recovery in case of a ransomware attack.
- Antivirus Software:
  - Keep antivirus software updated and activated.
Ransomware Response:
- Do Not Pay Ransom:
  - Refrain from paying the ransom; contact local authorities immediately.
- Contain Infection:
  - Disable routers or otherwise prevent infected devices from connecting further.
- Preserve Device:
  - Do not power off infected devices, to preserve potential decryption opportunities.
Staying safe from malware and ransomware involves a combination of awareness, cautious online behavior, and proactive security measures.
Task 6 Staying Safe Multi-Factor Authentication and Password Managers
Multi-Factor Authentication
Multi-Factor Authentication (or MFA) is a term used to describe any authentication process where you need more than one thing to log in. The most common example of this is when you enter the password for an account, then get asked for a six-digit code that is sent to your phone and usually expires after fifteen minutes or so. This particular second authentication factor is referred to as a Time-based One Time Password (or TOTP) and is one of the most common second factors currently in use.
Task 7 Staying Safe Public Network Safety
The Problem
The internet plays a gargantuan role in modern life, with most people being connected in some way virtually constantly. As such, most public spaces (e.g. cafés, restaurants, public transport) are fully equipped with public WiFi to let people catch up on email (or, equally likely, play the latest hit mobile game). What many people don’t realise is that relying on public WiFi being available can prove to be very dangerous indeed.

Public WiFi, whilst incredibly handy, also gives an attacker ideal opportunities to attack other users’ devices or simply intercept and record traffic to steal sensitive information. This latter technique can be as simple as exploiting the fact that most people expect to see public networks available. The attacker can quickly set up a network of their own and monitor the traffic of everyone who connects; this is referred to as a “man-in-the-middle” attack and is very easy to carry out. For example, if you were to connect to a network belonging to an attacker then logged into an account for a website that doesn’t use an encrypted (HTTPS) connection, the attacker could simply pluck your credentials out of the network traffic and use them to log into your account for themselves. This scenario will be explored in more detail in the interactive element to this task; however, it is fortunately significantly less likely to occur with modern websites which implement Transport Layer Security (TLS) to encrypt traffic between their servers and users as standard.
Equally, being connected to any network (regardless of whether you trust it or not) makes your device visible to others on the network. You never know who else is on a public network or what their intentions might be!
The Solutions

The ideal solution to this problem is simply not connecting to untrusted networks. Beneficial though public wireless connections are, it will always be safer to use a mobile hotspot or private network. Unfortunately, the ideal solution is not always feasible; when this is the case, we must rely on other methods of staying safe.
Virtual Private Networks (VPNs) encrypt all traffic leaving and re-entering your machine, rendering any interception techniques useless as the intercepted data will simply look like gibberish. Whilst it is possible to host your own VPN server for free, most people prefer to use one of the many online solutions. Some of these commercial solutions are free, but be warned: free VPNs tend not to provide the best security and often harvest your data themselves to make a profit. That said, the price of a good VPN is more than worth it for the increased safety when operating on untrusted networks. There are many good options around, including ProtonVPN and Mullvad VPN, to name two.