No Technology That's Connected to the Internet Is Unhackable.

The document discusses that no technology connected to the internet is completely secure from hacking. It provides examples of how operating systems can be vulnerable if not properly updated and secured. It also describes common types of security breaches like viruses, spyware, and malware, and notes that attackers use these methods to gain unauthorized access to protected systems and data.

Uploaded by

zeenia ahmed

“No technology that's connected to the internet is unhackable.”

Information Security

CONTENTS

O/S attacks
Security
Security breaches
  Types
Hacking
Phases of Attacks
Types of attack
  Shrink wrap code attacks
    What are they?
    How to avoid?
  Buffer overflow attack
    What are they?
    How to avoid?

O/S ATTACKS:

Many operating systems today include a very large number of services, as well as ports that are
opened, activated or installed by default. They are built this way because the manufacturer is
trying to make things easier for users and to make the system fully featured, but this adds to
complexity. Most of the time attackers are looking for ways to gain access through these known
vulnerabilities in the OS. Some of these weaknesses are simply defaults that are put in place at
the time of manufacturing. Every OS has its own defaults, and most of them are locked down
really well.

One of the major ways attackers get in through an operating system attack is that people have not
gone through their systems and updated them on time. Sometimes these updates are complex for
some users, so several companies have tried to make this easy. Microsoft, for example, has come
out with its own product called Windows Update Services, but if you have no practice or training
with it, or no information about the product, you will not know what you are doing and may not
actually implement it. Some of these OS attacks can result in the attacker carrying out a buffer
overflow attack, exploiting network protocols, cracking passwords and possibly even breaking the
file system security of a system.

SECURITY:

Today almost every company is becoming completely networked, exchanging information and
data over the network on a daily basis. There is an increased dependency on computers, and any
disruption in their operation, integrity or behavior leads to a loss of time and money.

Securing our information and data is essential nowadays; attackers are always ready to attack our
computers whenever a slight vulnerability is detected. Security is the state of well-being of our
information and infrastructure in which the possibility of successful yet undetected theft, attacks
and leaking of information is kept as low as possible. There are certain elements of security which
will stop a hacker or attacker from entering our system. A hacking event will affect one of the
essential elements of security.

“We cannot stop a hacker from entering our system; what we can do is make it difficult for them.”

Elements of Security

Confidentiality: The information or resources are confidential (secret) enough to be protected
from intruders.
Authenticity: The correctness of information and data, which usually depends on the
identification of authorized users.
Integrity: The ability to detect any unauthorized change in information and resources.
Availability: The ability to use the desired information or resource.
Accountability: Security administrators, authorities or managers should know by whom, when,
how and why the system was accessed.
Assurance: Confidence and surety that our system or resource will behave according to its
specifications.

SECURITY BREACHES:

If an intruder takes our documents and personal information, that is a data breach. It happens a
lot in large and small organizations. A security breach can damage an organization’s reputation
and finances. It can also result in the loss of important data and information. A security breach
happens when the elements of security are not all well observed and the system is not updated on
time. These small vulnerabilities result in big losses, including the loss of an organization’s
regular customers.

A security breach occurs when an intruder gains unauthorized access to our protected system and
data. It is an early-stage violation that can lead to things like system damage and data loss.

TYPES:

An attacker can hack our system in many ways, but the three major ways are viruses, spyware and
malware.

Attackers often use malicious software to break into our protected systems. It usually arrives
through emails or by downloading material from the internet without authentication. Some
software on the internet contains malicious code, which arrives in our system when we install
that specific software or application. Intruders add these malicious parts while the applications
or software are being built.

For instance, an email with an attached text, image or audio file may appear to be sent by a
website or application, or it could be an email about an update. Opening that email or audio file
can infect our system. The intruder or hacker may have sent that email after learning that we use
that application or software on a daily basis.

When we install any application or song from the internet, it may contain malicious content; by
installing it, a virus can infect our system or a hacker can easily access our system. That is why
we should always authenticate everything before downloading, or download only from known and
authentic websites.

Once our system is exposed, an attacker can collect all the information or data he wants and can
also easily erase his tracks afterwards.

HACKING:

Hacking requires extraordinary computer skills to get past secured computer systems.
Nowadays there are automated tools and code available on the internet that make it possible for
almost anyone to hack a system. An intruder always keeps the attack secret in order to stay safe.

Sometimes a hacker deliberately adds a malicious part or code to an application while designing
it, and when a user or common layman installs that application, that specific malware or virus
enters their system and results in destruction.

“They (hackers) don’t care what kind of business you are, they just want to use your computer
systems,” says Assistant U.S. Attorney Floyd Short in Seattle.

PHASES OF ATTACKS:

Generally there are 5 phases that make up an attack:

[Figure: phases of an attack: Reconnaissance, Scanning, Gaining access, Maintaining access,
Covering tracks]

Reconnaissance: This is considered the preparatory stage, where an attacker seeks to gather as
much information as possible about the target or system before launching an attack. This
information can be gathered directly or indirectly.

Scanning: This is a pre-attack phase where the attacker uses the gathered information to set up
an attack. An attacker can gather critical network information, such as the mapping of systems,
routers and firewalls, and security breaches. They just want a single point at which to enter a
system.

Gaining access: Gaining access refers to the penetration phase. The hacker exploits a
vulnerability in the system. The exploit can occur over a LAN, over the internet or by cracking
passwords. This results in buffer overflows, denial of service, session hijacking and shrink wrap
code attacks. In this phase, the attacker gains access to the system by using the gathered and
scanned information.

Maintaining access: This phase refers to attackers maintaining their access to the system they
took over in the previous stage. Hackers may harden the system against other hackers by securing
their exclusive access or techniques. They can download, update or manipulate data and
applications on the system they own.

Covering tracks: In this phase, hackers try to cover their misdeeds. Activities performed to hide
the traces of entering someone’s system are carried out in this phase.

TYPES OF ATTACK:

There are certain types of attacks which can be used to destroy a system. The hacker must be
able to exploit and expose vulnerabilities of a system in order to access secured information and
systems.

SHRINK WRAP CODE ATTACKS:

WHAT ARE THEY?

• An attacker or hacker uses this kind of attack when there is some vulnerability in an unpatched
operating system. In this type of attack the hacker exploits holes in an unpatched OS or in
poorly configured systems and applications. Whenever an OS is installed on a new system, it is
possible that there are bugs left in that OS, or that it is not installed properly. These
vulnerabilities help an attacker to enter our system. To fix these bugs, the vendor of the OS
issues regular updates; Microsoft Windows, for example, gives updates almost monthly. If a lazy
user forgets or is not able to update the system, there is a chance that intruders will enter
that system by using these vulnerabilities.
• When an OS is developed, the manufacturer always uses debugging scripts in that OS to debug
it, and sometimes forgets to close those scripts. Intruders can also use those scripts to enter
the system.
• Attackers also take advantage of lazy developers in this type of attack. They add malicious
code to a script or program, or add code to a software repository where other code and programs
are also available. A developer who does not want to rewrite code copies that code from the
internet or from another application, or uses free libraries licensed from other sources, and
without scanning or reviewing them uses that code and those libraries in their own programs over
and over. This creates a vulnerability in the system, and attackers gain multiple points where
they can strike and enter a system to create chaos.

HOW TO AVOID?

• Always update your system regularly.
• DO NOT download any script or code from the internet that is not configured.
• If you download code or libraries from a repository or the internet, make sure to “Auto Tune”
them, i.e. review or edit that code according to your needs, or at least CHECK that code once.
As a developer you will know if any malicious code is there.

BUFFER OVERFLOW ATTACK:

WHAT ARE THEY?

• A buffer overflow is an anomaly that happens when software writing data to a buffer overflows
the buffer’s capacity, leading to adjacent memory locations being overwritten. In other words,
an excessive amount of information is passed into a container that doesn't have enough space,
and that information ends up replacing data in adjacent containers. Buffer overflows are
exploited by attackers with the goal of modifying a computer’s memory so as to undermine or take
hold of program execution.
• An attacker can deliberately feed carefully crafted input into a program, which causes the
program to try to store that input in a buffer that isn’t large enough, overwriting portions of
memory adjacent to the buffer space. If the memory layout of the program is well defined, the
attacker can deliberately overwrite areas known to contain executable code. The attacker can
then replace this code with his own executable code, which may drastically change how the
program is meant to work.
• For example, if the overwritten part of memory contains a pointer (an object that points to a
different place in memory), the attacker’s code could replace it with another pointer that
points to an exploit payload. This may transfer control of the entire program over to the
attacker’s code.
• Certain coding languages are more at risk of buffer overflow than others. C and C++ are two
popular languages with high vulnerability, since they contain no built-in protections against
accessing or overwriting data in their memory.
• Windows, Mac OS X and Linux all contain code written in one or both of those languages. More
modern languages like Java, Perl and C# have built-in features that help reduce the probability
of buffer overflow, but cannot prevent it altogether.

HOW TO AVOID?

Luckily, modern operating systems have runtime protections which help mitigate buffer
overflow attacks:

• Data execution prevention - Marks certain areas of memory as either executable or
non-executable, preventing an exploit from running code found in a non-executable area.
• Address space randomization - Randomly rearranges the address space locations of key data
areas of a process. Buffer overflow attacks generally depend on knowing the precise location of
important executable code; randomization of address spaces makes that just impossible.
• Software developers can also take precautions against buffer overflow vulnerabilities by
writing in languages that have built-in protections or by using special security procedures in
their code. Despite precautions, new buffer overflow vulnerabilities are still discovered by
developers, sometimes in the wake of a successful exploitation. When new vulnerabilities are
discovered, engineers have to patch the affected software and make sure that users of the
software get access to the patch.
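
The overflow described in this section and the length check that prevents it, shown in C as an added example that is not part of the original document. The struct layout, the function names and the sample input are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed layout: an 8-byte buffer with another field right after it. */
struct record {
    char name[8];
    char role[8];
};

/* Models an unchecked copy. The write goes through a pointer to the whole
 * struct and is capped at its size, so the demo is well defined, yet bytes
 * meant for name still land in role. A real strcpy() here would be undefined. */
static void copy_unchecked(struct record *r, const char *input)
{
    size_t n = strlen(input) + 1;
    if (n > sizeof *r)
        n = sizeof *r;
    memcpy((char *)r, input, n);
    ((char *)r)[sizeof *r - 1] = '\0';
}

/* Hardened copy: check the length first and reject input that does not fit. */
static int copy_checked(struct record *r, const char *input)
{
    size_t n = strlen(input);
    if (n >= sizeof r->name)
        return -1;
    memcpy(r->name, input, n + 1);
    return 0;
}

/* Returns 1 if role still reads "user" after the chosen copy routine ran. */
int role_intact_after(int checked, const char *input)
{
    struct record r = { "", "user" };
    if (checked)
        (void)copy_checked(&r, input);
    else
        copy_unchecked(&r, input);
    return strcmp(r.role, "user") == 0;
}

int main(void)
{
    const char *oversized = "0123456789AB"; /* constructed: 13 bytes with NUL */
    printf("unchecked, role intact: %d\n", role_intact_after(0, oversized));
    printf("checked,   role intact: %d\n", role_intact_after(1, oversized));
    return 0;
}
```

With the oversized input the unchecked copy leaves role holding bytes from the input, while the checked copy returns an error and leaves the adjacent field untouched.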
