Invitation to Cybersecurity

4. The Need for Cybersecurity: Cyber Attacks 73

and JavaScript engines, respectively. In these attacks, the web server or web browser fails to compartmentalize user-inputted data from code that it executes. The result is that the target runs code provided by the attacker, providing the attacker with unauthorized access to data or the machine.

Another example of web exploitation is cross-site request forgery (CSRF). In this type of attack, the attacker tricks the target’s web browser into making a website request crafted by the attacker. This could result in making a transaction or modifying data on behalf of, but unbeknownst to, the victim.

Technical vulnerabilities also exist in computer networking protocols. For example, in the early days of the Internet, the Ping of Death attack caused victim computers to crash just by sending them a single packet. The packet did not comply with protocol standards, and the receiving computers did not know how to process it, causing them to crash. The Ping of Death attack is an example of a denial of service (DoS) attack. In DoS attacks, the attacker does not gain unauthorized access to the victim, but he denies authorized users access. This can be costly for victims because the computing resources are not available to employees or customers, and it takes time (i.e., more resources) to bring the resources back online.

Some attacks can occur without any human user intervention. A drive-by-download is an attack that exploits vulnerabilities in web browsers and is triggered by just visiting a malicious website. Smartphones have been known to be compromised by just receiving a text message—this is called a no-click attack. When major operating systems and widely used software programs have vulnerabilities that can be exploited without human intervention, then it is possible for hackers to create a worm. Worms are a type of computer virus.
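Returning to the Ping of Death discussed above, the following is an added example, not code from the book. The page says only that the packet violated protocol standards; in the classic case it was a fragmented IPv4 datagram whose reassembled size exceeded the 65,535-byte maximum, and this sketch shows the bounds check a receiver can apply to every fragment before reassembly. The function names and the sample headers (documentation addresses 192.0.2.x, checksum left at zero) are constructed for illustration.

```python
import struct

IPV4_MAX_DATAGRAM = 65535  # largest value the 16-bit Total Length field can hold


def parse_fragment(packet: bytes):
    """Return (header_len, payload_len, offset_bytes, more_fragments) from an IPv4 header."""
    if len(packet) < 20:
        raise ValueError("shorter than a minimal IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", packet[:8])
    if ver_ihl >> 4 != 4:
        raise ValueError("not IPv4")
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total_len < header_len:
        raise ValueError("inconsistent header lengths")
    more_fragments = bool(flags_frag & 0x2000)
    offset_bytes = (flags_frag & 0x1FFF) * 8  # 13-bit offset, counted in 8-byte units
    return header_len, total_len - header_len, offset_bytes, more_fragments


def exceeds_max_datagram(packet: bytes) -> bool:
    """True if this fragment would push the reassembled datagram past 65,535 bytes.

    Only header fields are inspected; a receiver should drop such a fragment
    instead of copying its payload into the reassembly buffer.
    """
    header_len, payload_len, offset_bytes, _more = parse_fragment(packet)
    return header_len + offset_bytes + payload_len > IPV4_MAX_DATAGRAM


def build_header(total_len: int, offset_units: int, more: bool) -> bytes:
    """Constructed 20-byte IPv4/ICMP header used as sample input (checksum not computed)."""
    flags_frag = (0x2000 if more else 0) | offset_units
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, flags_frag,
                       64, 1, 0, bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))


if __name__ == "__main__":
    samples = {
        "ordinary last fragment": build_header(1020, 185, False),
        "fragment ending past 65,535 bytes": build_header(1500, 8189, False),
    }
    for label, header in samples.items():
        verdict = "drop" if exceeds_max_datagram(header) else "accept"
        print(f"{label}: {verdict}")
```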
Computer viruses are so called because, like biological viruses, their “infections” are capable of spreading. Worms are programmed to propagate on their own. Once they compromise a victim machine, they use it as a launching point to spread further, infecting other victims, and so on. Due to the potential for exponential growth at Internet speeds, worms can spread very quickly. The SQL Slammer Worm infected seventy-five thousand computers in less than ten minutes in 2003. Another famous worm affected millions of machines starting in 2008. That year Microsoft released a notorious security bulletin known as MS08-067 (the sixty-seventh bulletin released in 2008). It disclosed a major RCE vulnerability in a Windows server service that existed in almost every Windows computer across the globe. After the bulletin was published, threat actors quickly crafted an exploit that became known as the Conficker Worm. It infected millions of computers, enlisting them into a botnet.

A botnet is a collection of “slave” computers that respond to the commands from a “master” computer. Botnets greatly multiply a hacker’s ability to wreak havoc. Sometimes botnets are rented out on a short-term basis to other hackers for a fee. Many computer owners do not know that their machines have been enlisted in a botnet because they may continue to operate normally most of the time. The slaves in some botnets are IoT devices, and the owners have no visibility into their operation at all. Therefore, botnets can
