Vulnerabilities, Threats, and Attacks
Attackers who attempt to access a system or network use various methods to find and exploit
specific targets. This section discusses the basic concepts of a cyber attack.
Vulnerabilities
To understand cyber attacks, you must remember that computers, no matter how advanced,
are still just machines that operate based on predetermined instruction sets. Operating
systems and other software packages are simply compiled instruction sets that the computer
uses to transform input into output. A computer cannot determine the difference between
authorized input and unauthorized input unless this information is written into the
instruction sets. Any point in a software package at which a user can alter the software or
gain access to a system (that was not specifically designed into the software) is called a
vulnerability. In most cases, a hacker gains access to a network or computer by exploiting a
vulnerability. It is possible to remotely connect to a computer on any of 65,535 ports.
Different applications configure a system to listen on specific ports. It is possible to scan a
computer to determine which ports are listening, and what applications are running on that
system. By knowing what vulnerabilities are associated with which applications, you can
determine what vulnerabilities exist and how to exploit them. As hardware and software
technology continue to advance, the “other side” continues to search for and discover new
vulnerabilities. For this reason, most software manufacturers continue to produce patches
for their products as vulnerabilities are discovered.
Threats
Potential threats are broken into the following two categories:
■ Structured threats—Threats that are preplanned and focus on a specific target. A
structured threat is an organized effort to breach a specific network or organization.
■ Unstructured threats—Threats that are random and tend to be the result of hackers
looking for a target of opportunity. These threats are the most common because an
abundance of script files are available on the Internet to users who want to scan
unprotected networks for vulnerabilities. Because the scripts are free and run with
minimal input from the user, they are widely used across the Internet. Many unstructured
threats are not of a malicious nature or for any specific purpose. The people who carry
them out are usually just novice hackers looking to see what they can do.