Page 33 - CITP Review
threat actor. A DoS attack is accomplished by flooding the targeted host or network with traffic until the target cannot respond or simply crashes, preventing access for legitimate users. These attacks can render an organization’s resources unusable, often at a great cost of time and money.²²
Distributed denial of service. A distributed denial-of-service (DDoS) attack is a DoS that uses a number
of machines in concert to attack a single target. DDoS attacks can be very powerful, sending an
enormous number of requests to the target at once. It also increases the difficulty of attribution,
because the true source of the attack is harder to identify. DDoS attackers often leverage the use of a
botnet — a group of hijacked internet-connected devices — to carry out large-scale attacks.
Malware. Software or firmware intended to perform an unauthorized process that will have adverse impact on an information system. The malware may be a virus, worm, Trojan horse, or other code-based entity that infects a host.²³
Ransomware. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.²⁴
Spyware. Spyware is also known as "adware." It refers to a category of software that, when installed on your computer, may send you pop-up ads, redirect your browser to certain web sites, or monitor the web sites that you visit. Some extreme, invasive versions of spyware may track exactly what keys you type.²⁵
Phishing. Phishing uses social engineering techniques to solicit sensitive personal information from unsuspecting users. Phishing emails are crafted to appear as if they have been sent from a legitimate organization or known individual. These emails often attempt to entice users to click on a link that will take the user to a fraudulent website that appears legitimate. The site may then ask users for personal information, such as account usernames and passwords, that can be used maliciously. These fraudulent websites may also contain malicious code.²⁶
Spear phishing. Spear phishing is a form of phishing generally delivered via email, targeting a specific
individual, organization, or business.
Social engineering. Social engineering leverages psychological manipulation to trick people into
performing specified actions or providing confidential information.
Brute force attack. A malicious actor tries to access an account by guessing the password.
Password spraying. A style of brute force attack in which the malicious actor attempts a single password against many accounts before moving on to attempt a second password, and so on.²⁷
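The difference between the two entries above is visible in authentication logs: brute force piles failures onto one account, while spraying spreads one failure each across many accounts from the same source and so stays under per-account lockout thresholds. The following Python example is added here and is not part of the CITP Review text; the log line format, the sample events and the thresholds are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not from any real system); the format is assumed.
SAMPLE_LOG = """\
2019-06-20T10:00:01Z auth FAILED user=alice src=203.0.113.10
2019-06-20T10:00:02Z auth FAILED user=alice src=203.0.113.10
2019-06-20T10:00:03Z auth FAILED user=alice src=203.0.113.10
2019-06-20T10:00:04Z auth FAILED user=alice src=203.0.113.10
2019-06-20T10:00:05Z auth FAILED user=alice src=203.0.113.10
2019-06-20T10:01:00Z auth FAILED user=bob src=198.51.100.7
2019-06-20T10:01:01Z auth FAILED user=carol src=198.51.100.7
2019-06-20T10:01:02Z auth FAILED user=dave src=198.51.100.7
2019-06-20T10:01:03Z auth FAILED user=erin src=198.51.100.7
2019-06-20T10:01:04Z auth FAILED user=frank src=198.51.100.7
2019-06-20T10:02:00Z auth FAILED user=grace src=192.0.2.5
2019-06-20T10:02:05Z auth SUCCESS user=grace src=192.0.2.5
"""

LINE_RE = re.compile(r"auth (?P<outcome>FAILED|SUCCESS) user=(?P<user>\S+) src=(?P<src>\S+)")

def parse_failures(log_text):
    """Map each source IP to {account: number of failed logins from that source}."""
    failures = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and m.group("outcome") == "FAILED":
            failures[m.group("src")][m.group("user")] += 1
    return failures

def classify_sources(log_text, brute_threshold=5, spray_threshold=5):
    """Label each source 'brute_force' when any single account accumulates
    brute_threshold failures, or 'password_spraying' when the source fails
    against at least spray_threshold distinct accounts while staying below the
    per-account threshold. Sources matching neither are not reported."""
    findings = {}
    for src, per_account in parse_failures(log_text).items():
        if max(per_account.values()) >= brute_threshold:
            findings[src] = "brute_force"
        elif len(per_account) >= spray_threshold:
            findings[src] = "password_spraying"
    return findings

if __name__ == "__main__":
    for src, label in classify_sources(SAMPLE_LOG).items():
        print(f"{src}: {label}")
```

A per-account lockout counter alone would catch only the first source; the per-source distinct-account count is what exposes the spray.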
Advanced persistent threats²⁸
One notable type of cyberattack that can leverage a number of the previously detailed attacks is the
advanced persistent threat (APT). An APT is a large-scale attack that takes place over an extended period
of time, generally for the purpose of espionage or financial or political gain. The attacker selects a target
for a very specific purpose, often taking a good deal of time to thoroughly research potential
vulnerabilities and designing custom malware specifically for the attack. Rather than getting in and out
22 See www.us-cert.gov/ncas/tips/ST04-015, accessed June 20, 2019.
23 See https://csrc.nist.gov/glossary/term/malware, accessed June 20, 2019.
24 See www.us-cert.gov/Ransomware, accessed June 20, 2019.
25 See www.us-cert.gov/ncas/tips/ST04-016, accessed June 20, 2019.
26 See www.us-cert.gov/report-phishing, accessed June 20, 2019.
27 See www.us-cert.gov/ncas/alerts/TA18-086A, accessed June 20, 2019.
28 Sourced from www.csoonline.com/article/2615666/5-signs-youve-been-hit-with-an-apt.html and www.imperva.com/learn/application-security/apt-advanced-persistent-threat/.
© 2019 Association of International Certified Professional Accountants. All rights reserved. 1-25