To fully understand how an attack takes place, you need to put on the
attacker's hat and think like one.
Time and place: Thinking about how, where and when is important, but in
practice it is not that relevant, because attackers will try 24/7 from
everywhere: anonymous servers and nodes are available all over the world,
ready to be the starting point of an attack, intentionally or accidentally.
An exception is those applications that are only available for a preset
time or period.
As most web applications are open to the public all the time, the initial
scenario is the one that will stand. Asking when and where can still be
beneficial, because in most scenarios it helps to minimize access from
nodes or areas that have a bad reputation as a source of many attacks.
The following figure represents a snapshot of the Norse Corp live threat
map, showing attack sources and targets in real time.
What to target: everything. All parts of the system should be considered
potential subjects of attack: web platform, application, backend, databases, web client, transport and, last but not least, availability, because security is like a chain: as weak as its weakest part.
Mindset: persistence; an iterative approach is always fruitful. Attackers are normally driven by a huge ego, powerful feelings and a lot of energy.
Attacker categories
Research by Christian S. Fötinger and Wolfgang Ziegler showed that
attackers fall into different categories depending on their motives and
mindset:
A. Old School Hackers: computer programmers from known
universities like Stanford or MIT, interested in lines of code and
analyzing systems. What they do is not related to criminal
activity, as they don’t have malicious intent.
B. Script Kiddies or Cyber-Punks: As an age group, they can be
between 12 and 30 years old, and on average have a grade 12
education. Bored in school and very adept with computers and
technology, their main intent is to vandalize or disrupt, and they
like to brag about their skills and achievements.
C. Professional Criminals, or Crackers: They make a living breaking into
systems and selling the information. They might get hired for
corporate or government espionage.
D. Coders and Virus Writers: They like to see themselves as an elite.
They have a lot of programming background and write code, but
won’t use it themselves; they leave that to others.