Computer network attack (CNA)

by anupmaurya
589 views

Computer network attack (CNA) can be defined as actions taken through the use of computer networks to disrupt, deny, degrade, or destroy information resident in computers and computer networks, or the computers and networks themselves.

Many people rely on the Internet for many of their professional, social and personal activities. But there are also people who attempt to damage our Internet-connected computers, violate our privacy, and render inoperable the Internet services.

What Is a Network Attack?

An attack is any attempt to expose, alter, disable, destroy, steal or gain information through unauthorized access to or make unauthorized use of an asset. There are two main types of network attacks:

  • Passive: Attackers gain access to a network and can monitor or steal sensitive information, but without making any change to the data, leaving it intact.
  • Active: Attackers not only gain unauthorized access but also modify data, either deleting, encrypting or otherwise harming it.

We distinguish network attacks from several other types of attacks:

  • Endpoint attacks—gaining unauthorized access to user devices, servers, or other endpoints, typically compromising them by infecting them with malware.
  • Malware attacks—infecting IT resources with malware, allowing attackers to compromise systems, steal data, and do damage. These also include ransomware attacks.
  • Vulnerabilities, exploits, and attacks—exploiting vulnerabilities in software used in the organization, to gain unauthorized access, compromise, or sabotage systems.
  • Advanced persistent threats—these are complex multilayered threats, which include network attacks but also other attack types.

What are the Common Types of Network Attacks?

Common threat vectors attackers can use to penetrate your network are as follows:

1. Unauthorized access
Unauthorized access refers to attackers accessing a network without receiving permission. Among the causes of unauthorized access attacks are weak passwords, lacking protection against social engineering, previously compromised accounts, and insider threats.

2. Distributed Denial of Service (DDoS) attacks
Attackers build botnets, large fleets of compromised devices, and use them to direct false traffic at your network or servers. DDoS can occur at the network level, for example by sending huge volumes of SYN/ACC packets which can overwhelm a server, or at the application level, for example by performing complex SQL queries that bring a database to its knees.

3. Man in the middle attacks
A man in the middle attack involves attackers intercepting traffic, either between your network and external sites or within your network. If communication protocols are not secured or attackers find a way to circumvent that security, they can steal data that is being transmitted, obtain user credentials and hijack their sessions.

4. Code and SQL injection attacks
Many websites accept user inputs and fail to validate and sanitize those inputs. Attackers can then fill out a form or make an API call, passing malicious code instead of the expected data values. The code is executed on the server and allows attackers to compromise it.

5. Privilege escalation
Once attackers penetrate your network, they can use privilege escalation to expand their reach. Horizontal privilege escalation involves attackers gaining access to additional, adjacent systems, and vertical escalation means attackers gain a higher level of privileges for the same systems.

6. Insider threats
A network is especially vulnerable to malicious insiders, who already have privileged access to organizational systems. Insider threats can be difficult to detect and protect against because insiders do not need to penetrate the network in order to do harm. New technologies like User and Even Behavioral Analytics (UEBA) can help identify suspicious or anomalous behavior by internal users, which can help identify insider attacks.

Why do cyber attacks happen?

Cyber attacks are designed to cause damage. They can have various objectives, including the following:

  1. Financial gain
  2. Disruption and revenge
  3. Cyberwarfare

You may also like