It is challenging to face the daily onset of threats to your infrastructure. Packet analysis is an important skill, as today’s threats may have slipped by your threat management systems, having found a home on your network.
- [Narrator] When the incident response team sends an alert that your proactive threat detection system has identified and quarantined malware, you investigate and mitigate the threat. However, today's threats may have slipped by your systems and found a home on your network. The fact is, it is a challenge to face the daily onset of threats to our infrastructure. Cybercrime losses in the U.S. went up nearly five billion during the past four years.
As we see in this infographic, total losses were 4.63 billion dollars. Many players are involved in virtual attacks, including hackers, organized crime gangs, and nation states. The motivation for most malware attacks is profit. Cyber attacks have resulted in billions of dollars in lost revenue and production.
Anyone can get in the game. In fact, if you do need help spawning a cyber attack, everything is for sale on the dark net, including malware kits and hoods for hire. They even offer technical support. An attack vector is the way by which someone gains unauthorized entry into a system, and can include email, webpages, and the user. The goal is to deliver a malicious payload or malicious act by taking advantage of system vulnerabilities or known weak spots to gain entry.
Unfortunately, this makes your machine vulnerable to an attack, as malware is often bundled with other software and you may inadvertently install the malware without your knowledge. Wireless networks are everywhere in today's world and provide an attractive attack vector. The 802.11 standard, or Wi-Fi, is characteristically insecure, and will continue to be more vulnerable to attack than a wired network.
The most vulnerable attack vector is the user, which is the weakest link in any system. Human error is still the main cause for most attacks. Email threats have been going on for years, some causing severe and costly damage. In January 2004, hackers released Mydoom, which was the fastest spreading email worm ever and caused damage of over 38 billion dollars.
Email attachments are one of the original methods to send malware, spam, and bogus links. They continue to improve in sophistication and are making a comeback as a popular attack vector because they're handy and used by just about everyone. Email continues to be a dangerous yet effective threat and messages can contain links to bogus websites and malware. Phishing and pharming techniques send out massive emails.
Phishing emails bait victims to click to claim a prize, sign up for a special program, or sign in and check account information. The message appears urgent and requires a quick response. One in ten individuals will respond to a phishing email or spam. Cyber criminals are using social engineering methods that are more refined to get you to click on a link or go to a website. They have done their research and identified their targets for a company to ensure a more successful exploit.
For example, a hacker has registered this legitimate-looking domain name, USPS get my package, and sent the email to a business using a spear phishing attack. Many offices send and receive multiple packages every week. Imagine a busy administrative assistant going about the day when an email comes in as follows: one click is all it takes to release malware.
- Trends in cyberattacks
- Preventing system compromise
- Analyzing packets
- Using Wireshark
- Creating firewall rules
- Baselining a network
- Using capture filters
- Using a ring buffer
- Handling OSI layer attacks
- Identifying attack signatures
- Using VirusTotal
- Handling unwanted TOR activity