Do you know your cyberthreats?
- 10 January, 2012 08:30
The watchdogs at the Government Accountability Office this week issued a report that takes a look at what information, or guidance as they call it, is available to help government agencies and public sector companies bulk up their cybersecurity efforts.
Since a GAO report late last year showed reports of security incidents from federal agencies have increased more than 650% over the past five years, the need for a community of help on the cybersecurity front is needed.
MORE ON SECURITY: IRS: Top 10 things every taxpayer should know about identity theft
Inside the current report, the GAO included a list and definitions of some of the more common, and perhaps some not-so-common, security exploits that federal agencies and private firms are hit with. Here's the list:
• Cross-site scripting: An attack that uses third-party web resources to run script within the victim's web browser or scriptable application. This occurs when a browser visits a malicious website or clicks a malicious link. The most dangerous consequences occur when this method is used to exploit additional vulnerabilities that may permit an attacker to steal cookies (data exchanged between a web server and a browser), log key strokes, capture screen shots, discover and collect network information, and remotely access and control the victim's machine.
• Denial-of-service: An attack that prevents or impairs the authorized use of networks, systems, or applications by exhausting resources.
• Distributed denial-of-service: A variant of the denial-of-service attack that uses numerous hosts to perform the attack.
• Logic bomb: A piece of programming code intentionally inserted into a software system that will cause a malicious function to occur when one or more specified conditions are met.
• Phishing: A digital form of social engineering that uses authentic-looking -- but fake -- e-mails to request information from users or direct them to a fake website that requests information.
• Passive wiretapping: The monitoring or recording of data, such as passwords transmitted in clear text, while they are being transmitted over a communications link. This is done without altering or affecting the data.
• SQL injection: An attack that involves the alteration of a database search in a web-based application, which can be used to obtain unauthorized access to sensitive information in a database.
• Trojan horse: A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms by, for example, masquerading as a useful program that a user would likely execute.
• Virus: A computer program that can copy itself and infect a computer without the permission or knowledge of the user. A virus might corrupt or delete data on a computer, use e-mail programs to spread itself to other computers, or even erase everything on a hard disk. Unlike a computer worm, a virus requires human involvement (usually unwitting) to propagate.
• War driving: The method of driving through cities and neighborhoods with a wireless-equipped computer -- sometimes with a powerful antenna -- searching for unsecured wireless networks.
• Worm: A self-replicating, self-propagating, self-contained program that uses network mechanisms to spread itself. Unlike computer viruses, worms do not require human involvement to propagate.
• Zero-day exploit: An exploit that takes advantage of a security vulnerability previously unknown to the general public. In many cases, the exploit code is written by the same person who discovered the vulnerability. By writing an exploit for the previously unknown vulnerability, the attacker creates a potent threat since the compressed time frame between public discoveries of both makes it difficult to defend against.
Read more about wide area network in Network World's Wide Area Network section.