INVITATION TO CYBERSECURITY 106 Vulnerabilities exist in hardware as well. Side-channel attacks can be used to compromise otherwise secure processes and algorithms. A side-channel attack is an attack that exploits incidental information leakage. An example is the electromagnetic emissions produced by processors when performing cryptographic calculations that can be measured with sensitive equipment and used to narrow down key value ranges. The Rowhammer attack exploits a vulnerability in memory chips that can be used to gain unauthorized modification access to data. Vulnerabilities also exist in computer networks. Vulnerabilities in networking protocols, including authentication protocols, are frequently discovered and exploited by hackers to gain unauthorized access to computer systems and data. The LAND (local area network denial) attack is similar to the Ping of Death attack in that it causes a computer system to crash by sending it a malformed packet. In the LAND attack, a packet is sent with a source IP address that is spoofed to match the destination system’s IP address. If the system is not programmed to catch this trick, it will enter into an infinite loop of sending replies to itself and will quickly consume all of its computing resources! 5.3.3.4 Facilities Cyber vulnerabilities also exist in facilities. If hackers are able to physically access computer systems, they may be able to login and exfiltrate data or plant malware. An example of a facility-related vulnerability are Ethernet ports located in walls throughout office buildings. If the ports are active, a bad actor may be able to plug in his laptop in an inconspicuous area and gain access to the local area network. As part of cybersecurity, organizations need to examine their physical office space for vulnerabilities that could be exploited by cyber attackers that come onsite. Cyber vulnerabilities need to be enumerated as part of the cyber risk management process. Chapter 4 covered multiple different ways hackers attack computer systems and data. Organizations need to be familiar with these techniques and the vulnerabilities that make them possible. Organizations should also perform pentests and vulnerability assessments to help identify vulnerabilities. 5.3.4 Risk Analysis Cyber risks occur where threats and vulnerabilities intersect. A cyber risk is the potential for a cyber threat actor to exploit a vulnerability that allows him to disclose, alter, or deny access to a cyber asset. Risk is sometimes written as the formula: Risk = Threats x Vulnerabilities Both inputs on the right side of the equation are necessary because no risk exists when threats are present but not vulnerabilities, and vice versa. As a non-cyberspace example, some biological viruses pose no risk to certain people. This could be because the virus is present in their area but they are immune to it (i.e., the threat exists but not the vulnerability), or because they are susceptible to the virus, but it is not found in their area
RkJQdWJsaXNoZXIy MTM4ODY=