There is no shortage of actors in cyberspace who can be a potential threat to an organization. The list ranges from high schoolers who want to put newly acquired skills to the test, employees or partners who have access to the company network, to professional hackers who intend to hold data hostage or plan to resell information. On the highest-end, some state-financed actors extend their reach as far as possible into foreign countries. Motivation and intentions might vary, but the outcome for the targeted organization is the same. Data breaches lead to a lack of trust in the organization and ultimately destroy shareholder value. Executives are losing their job as they take responsibility for these breaches. Last but not least, the private data of customers and patients is compromised, causing in some cases irreparable harm.
One of the most damaging threats is the distributed denial-of-service. The attackers are flooding the target network with empty requests that exhaust the available network resources and render the operation useless.
DNS poisoning attacks
Here the idea is to redirect requests from a legitimate website to a different internet location. Hackers have to compromise the DNS server hosting the domain name. Once this has been accomplished, hackers can control traffic at their will. As a side note, China controls national internet access by redirecting requests of ‘banned’ websites to servers that they deem to be fit, essentially preventing its citizens from accessing foreign sites and keeping traffic on national servers.
This type of software restricts access to resources. For example, it can encrypt mission-critical data and won’t allow de-encryption with a password. Hackers typically demand a ransom in exchange for freeing up the data or making them otherwise available again. One of the most prominent examples is the Wannacry attacks that occurred in 2017.
If you wish to continue reading the eBook, I invite you to download a complimentary copy by clicking on the button below.