Access Attacks
As the name implies, the goal of an access attack is to gain access to a computer or network.
Having gained access, the user may be able to perform many different functions. These
functions can be broken into three distinct categories:
■ Interception—Gaining unauthorized access to a resource. This could be access to
confidential data such as personnel records, payroll records, or research and
development projects. As soon as the user gains access, he might be able to read, write
to, copy, or move this data. If an intruder gains access, the only way to protect your
sensitive data is to save it in an encrypted format (beforehand). This prevents the
intruder from being able to read the data.
■ Modification—Having gained access, the unauthorized user can alter the resource. This
includes not only altering file content but also altering system configurations, changing
the level of authorized system access, and escalating authorized privilege levels.
Unauthorized system access is achieved by exploiting vulnerability in either the operating
system or a software package running on that system. Unauthorized privilege escalation
occurs when a user who has a low-level but authorized account attempts to gain higherlevel
or more-privileged user account information or to increase his or her own privilege
level. This gives the user greater control over the target system or network.
■ Fabrication—With access to the target system or network, the unauthorized user can
create false objects and introduce them into the environment. This can include altering
data or inserting packaged exploits such as a virus, worm, or Trojan horse, which can
continue attacking the network from within:
— Virus—Computer viruses range from annoying to destructive. They
consist of computer code that attaches itself to other software running on
the computer. This way, each time the attached software opens, the virus
reproduces and can continue growing until it wreaks havoc on the infected
computer.
— Worm—A worm is a virus that exploits vulnerabilities on networked
systems to replicate itself. A worm scans a network, looking for a computer
with a specific vulnerability. When it finds a host, it copies itself to that
system and begins scanning from there.