Network Security: Most Common Cyberattacks on Computer Networks

Aqeel Ahmed
Apr 7, 2022

Computer networks certainly face serious security threats, and these threats can manifest themselves in a variety of forms. There are different ways one might choose to classify the various threats to your system. You could classify them by the damage they cause, the level of skill required to execute the attack, or perhaps even by the motivation behind the attack. In this article, we will review the most common attacks on computer networks.

1. Denial of Service (DoS) Attack

The first type of attack we should examine is the denial of service (DoS). A denial of service attack is an attack that aims to deny legitimate users the use of the target system. This class of attack does not actually aim to infiltrate a system or to obtain sensitive information. It simply aims to prevent legitimate users from accessing a given system.

This type of attack is one of the most common categories of attack. Many experts feel that it is so common because most forms of denial of service attack are fairly easy to execute, meaning that even attackers with minimal technical skills can often perform one successfully. The concept underlying the denial of service attack is that any device has operational limits. This applies to all devices, not just computer systems. For example, bridges are designed to hold weight up to a certain limit, aircraft have limits on how far they can travel without refueling, and automobiles can accelerate only up to a certain point. All of these devices share a common trait: they have set limits on their capacity to perform work. Computers are no different from any other machine; they too have limits. Any computer system, web server, or network can handle only a finite load.

How a workload can be defined depends on the machine. A workload for a computer system might be defined in a number of different ways, including the number of simultaneous users, the size of the files, the speed of transmission, or the amount of data stored. For example, if you can flood a webserver with more requests than it can process, it will overload and will no longer be able to respond to further requests. This reality underlies the DoS attack. Simply overload the system with requests, and it will no longer be able to respond to legitimate users attempting to access the webserver.
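The finite-load idea above also points to the basic defence: cap how much of the server's capacity any single source may consume, so that one flooding client cannot starve the others. The following C sketch is an added example, not code from the article; the table size, the window length, the per-source budget and the sample addresses are all assumed values.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_SOURCES    64  /* tracked clients (assumed table size) */
#define WINDOW_SECS     1  /* length of one counting window */
#define MAX_PER_WINDOW  5  /* assumed per-source budget per window */

struct source { uint32_t ip; long window_start; int count; int used; };
static struct source table[MAX_SOURCES];

void limiter_reset(void) { memset(table, 0, sizeof table); }

/* Returns 1 to serve a request from `ip`, 0 to shed it. `now` is the
 * current time in seconds, passed in so the logic is deterministic. */
int admit(uint32_t ip, long now)
{
    struct source *slot = NULL;
    for (int i = 0; i < MAX_SOURCES; i++) {
        struct source *s = &table[i];
        int stale = !s->used || now - s->window_start >= WINDOW_SECS;
        if (s->used && s->ip == ip) { slot = s; break; }
        if (stale && !slot) slot = s;        /* first reusable entry */
    }
    if (!slot) return 0;          /* every entry is busy: shed load */
    if (!slot->used || slot->ip != ip ||
        now - slot->window_start >= WINDOW_SECS) {
        slot->ip = ip; slot->window_start = now;
        slot->count = 0; slot->used = 1;     /* start a new window */
    }
    if (slot->count >= MAX_PER_WINDOW) return 0;  /* over budget */
    slot->count++;
    return 1;
}

/* Sends n requests from one source at `now`; returns how many were served. */
int burst(uint32_t ip, int n, long now)
{
    int served = 0;
    for (int i = 0; i < n; i++) served += admit(ip, now);
    return served;
}

int main(void)
{
    limiter_reset();
    printf("flooding source served: %d of 100\n", burst(0x0A000001u, 100, 0));
    printf("normal source served:   %d of 3\n", burst(0xC0A80A05u, 3, 0));
    return 0;
}
```

A per-source budget only helps when the source address can be trusted, which is why address spoofing (section 3) matters for DoS as well.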

Commonly known DoS attacks are SYN floods, TCP floods, UDP floods, Smurf attacks, and Ping of Death (PoD) attacks. These attacks are easily executed using freely available open-source tools such as Low Orbit Ion Cannon (LOIC) and HOIC. It is extremely important to patch the system on a regular basis to avoid DoS attacks.

Figure: Denial of Service attack

2. Buffer Overflow Attacks

Buffer overflow is another very popular attack on computer systems. A buffer overflow attack is designed to put more data into a system's buffer than it has capacity for. Although the threat might be less than it once was, it is still a real threat. Any application that communicates with the internet or a private network must receive some data. This data is stored, at least temporarily, in a space in memory called a buffer. If the programmer who wrote the application was careful, the buffer will truncate or reject any information that exceeds the buffer limit.

Given the number of applications that might be running on a target system, and the number of buffers in each application, the chance of having at least one incorrectly written buffer is high enough to cause any cautious system administrator concern. A person moderately skilled in programming can write a program that purposefully writes more data into the buffer than it can hold. For example, if the buffer can hold 1024 bytes of data and you attempt to fill it with 2048 bytes, the extra data will simply be loaded into memory.
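The difference between a careless and a careful buffer can be shown in a few lines of C. This is an added example, not code from the article: it places the unchecked copy beside the two safe policies named above (reject and truncate), using the 1024-byte buffer and 2048-byte input from the text; the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 1024  /* buffer capacity from the article's example */

/* Unsafe pattern, shown for contrast and never called here: the length
 * is trusted, so len = 2048 writes 1024 bytes past the end of buf. */
void store_unchecked(char *buf, const char *input, size_t len)
{
    memcpy(buf, input, len);
}

/* Reject policy: 0 on success, -1 (buf untouched) if input is too big. */
int store_or_reject(char *buf, const char *input, size_t len)
{
    if (len > BUF_SIZE)
        return -1;
    memcpy(buf, input, len);
    return 0;
}

/* Truncate policy: stores at most BUF_SIZE bytes, returns bytes stored. */
size_t store_truncated(char *buf, const char *input, size_t len)
{
    size_t n = len < BUF_SIZE ? len : BUF_SIZE;
    memcpy(buf, input, n);
    return n;
}

/* Feeds a constructed 2048-byte input to both safe policies and checks
 * that a guard byte placed directly after the buffer is unchanged. */
int guard_survives(void)
{
    static char input[2 * BUF_SIZE];
    struct { char buf[BUF_SIZE]; unsigned char guard; } slot;
    memset(input, 'A', sizeof input);
    memset(slot.buf, 0, sizeof slot.buf);
    slot.guard = 0x5A;
    int rejected = store_or_reject(slot.buf, input, sizeof input);
    size_t kept = store_truncated(slot.buf, input, sizeof input);
    return rejected == -1 && kept == BUF_SIZE && slot.guard == 0x5A;
}

int main(void)
{
    printf("2048-byte input handled safely: %s\n",
           guard_survives() ? "yes" : "no");
    return 0;
}
```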

Luckily, buffer overflow attacks are not child's play. Executing this type of attack requires expertise in the C or C++ programming languages. The hacker also must be smart enough to understand systems’ vulnerabilities.

3. IP Spoofing

IP spoofing is used to gain unauthorized access to a computer. It is also used to mask the origin of a DoS attack. With IP spoofing, the intruder sends messages to a computer system with an IP address indicating that the message is coming from a different IP address than it is actually coming from. If the intent is to gain unauthorized access, then the spoofed IP address will be that of a system the target considers a trusted host.

To successfully perpetrate IP spoofing, the hacker must first find the IP address of a machine that the target considers a trusted source. Hackers might employ a variety of techniques to find the IP address of the trusted host. After they have obtained the trusted IP address, they can then modify the packets and the headers of their transmissions so that the packets appear to be coming from that host.

One can protect their system from IP spoofing by not disclosing the internal IP addresses and continuously monitoring the IP packets. Netlog is a popular tool used in this regard.
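One concrete check that packet monitoring can apply: a packet that arrives on the external interface while claiming a source address from the internal, trusted range should be flagged. The C sketch below is an added example, not code from the article and not how Netlog works; the internal ranges, the function names and the packet records are constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>

/* Internal/trusted networks (constructed sample values). */
struct cidr { const char *net; int prefix; };
static const struct cidr INTERNAL[] = {
    { "10.0.0.0", 8 }, { "192.168.10.0", 24 },
};

/* 1 if `ip` lies inside net/prefix, 0 if not, -1 if unparsable. */
int in_cidr(const char *ip, const char *net, int prefix)
{
    struct in_addr a, n;
    if (prefix < 0 || prefix > 32)
        return -1;
    if (inet_pton(AF_INET, ip, &a) != 1 || inet_pton(AF_INET, net, &n) != 1)
        return -1;
    uint32_t mask = prefix ? 0xFFFFFFFFu << (32 - prefix) : 0;
    return (ntohl(a.s_addr) & mask) == (ntohl(n.s_addr) & mask);
}

/* A packet that arrives on the external interface should never carry an
 * internal source address. Returns 1 = suspected spoof, 0 = plausible,
 * -1 = malformed source (worth logging as well). */
int spoof_suspect(const char *src_ip, int arrived_external)
{
    if (!arrived_external)
        return 0;
    for (size_t i = 0; i < sizeof INTERNAL / sizeof INTERNAL[0]; i++) {
        int r = in_cidr(src_ip, INTERNAL[i].net, INTERNAL[i].prefix);
        if (r != 0)
            return r;   /* 1 = internal source, -1 = parse error */
    }
    return 0;
}

int main(void)
{
    /* Constructed packet records: source address, arrival interface. */
    const struct { const char *src; int external; } pkts[] = {
        { "203.0.113.9", 1 }, { "192.168.10.5", 1 }, { "192.168.10.5", 0 },
    };
    for (size_t i = 0; i < sizeof pkts / sizeof pkts[0]; i++)
        printf("%-14s external=%d suspect=%d\n", pkts[i].src,
               pkts[i].external, spoof_suspect(pkts[i].src, pkts[i].external));
    return 0;
}
```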

4. Session Hijacking

This is the last cyberattack on computer networks we will discuss here. Session hijacking is also a very popular cyberattack, used to take over TCP sessions between two machines. Because authentication is frequently done only at the start of a TCP session, the hacker can break into the communication stream and take control of the session. For example, a person might log on to a machine remotely. After the person has established a connection with the host, the hacker might use session hijacking to take over that session, thereby gaining access to the target machine.

The most common type of session hijacking is the “man-in-the-middle attack”. In this case, a hacker uses some sort of packet sniffer software to simply listen to the transmission between two computers, taking whatever information he wants, but not actually disrupting the conversation. A common component of such an attack is to execute a DoS attack against one endpoint to stop it from responding. Because that endpoint is no longer accessible and is not responding, the hacker can now interject his own machine to stand in for that endpoint.

Figure: Session hijacking

These are the most popular attacks on computer systems. Every network administrator must know these attacks and their countering tactics. However, cybersecurity is very dynamic, and newer attacks are being created every day. It is important to gain advanced skills and knowledge in the cybersecurity domain to protect our systems from hackers.

I hope you liked this article. Please like and follow for more knowledge on cybersecurity and related technologies.

See you next time …! :)
