ITE 305: Information Assurance and Security 2

Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

Lesson title: Cyber Attacks in Information Security Materials:

Lesson Objectives: The student should be able to: Module
-Understand the attacks on information security
-Recognize the type attacks and be able to cite examples. References:
Principles of Information Security.
Whitman
Information Security Management
Principles
W3Schools.com

Productivity Tip:
“Do not attack all at once, attack one by one, until you can understand all in this module.”

A. LESSON PREVIEW/REVIEW
1) Introduction (2 mins)
Hello! I hope you are doing well.
Once again do not be threatened by the title, I know it sounds scary but we are to learn about them. Currently with
the rise of COVID 19 and the rise of people staying at home and getting bored. A lot of people rely on their
internet, and the ones who got bored actually got the spare time of thinking that they should learn hacking.
This is very common occurrence. At the start of the home quarantine, cyberattacks increased by 300% just a
month after quarantine is imposed globally.
This is why we must learn and be better on ourselves in knowing these attacks. In this module we will teach you
the potential attacks that can happen to Information Security. We will try our best to give you an idea on these
attacks and some solutions to them.
Take note that by the end that in the future of this course you will be focusing in the attacks and how to defend
against them.

1
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

2) Activity 1: What I Know Chart, part 1 (3 mins)

What I Know Questions: What I Learned (Activity 4)
1. 1. What are Attacks? 1.

2. 2. Why do we need to understand 2.

attacks in Information security?

B.MAIN LESSON
1) Activity 2: Content Notes (13 mins)
We are now in the main focus or you can say the juiciest part of this course. As a future IT professional, you
should be aware of attacks against the company you work on, and also securing your own personal computer,
devices, or assets.
Attacks
An attack is an act that takes advantage of a vulnerability to compromise a controlled system. It is accomplished by a
threat agent that damages or steals an organization’s information or physical asset.
Vulnerability is an identified weakness in a controlled system, where controls are not present or are no longer
effective.
Unlike threats, which are always presents, attacks only exist when a specific act may cause a loss.
For example, the threat of damage from a thunderstorm is present all the time. But an attack and its associated risk
of loss only exist for the duration of an actual thunderstorm
Another example, the threat of a hacker is always there, but an attack is the way and during the actual hacking to the
system.

We will be listing down major type of attacks used on against controlled system.
Types of Attacks:
1. Malicious Code
The malicious code attack includes the execution of viruses, worms, Trojan horses, and active web scripts with
the intent to destroy or steal information.
2
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

These can be easily received from suspicious infected flash drives and suspicious website that is filled with
advertisements that asks you to download an .exe or .apk file that once opened or activated will spread the virus.

2. Hoaxes
A more tricky attack on computer systems is the transmission of a virus hoax with a real virus attached. When the
attack is masked in a seemingly legitimate message, unsuspecting users more readily distribute it. Even though these
users are trying to do the right thing to avoid infection, they end up sending the attack on their coworkers and friends
and infecting many users along the way.
These can be easily found on websites that saying “your computer is infected with a virus please scan now and
remove the virus” but in actuality it will be putting a virus instead.

3. Back Doors
Using a known or previously unknown and newly discovered access mechanism, an attacker can gain access to a
system or network resource through a back door. Sometimes these entries are left behind by system designers or
maintenance staff, and thus are called trap doors.

4. Password Crack
Attempting to reverse-calculate a password is often called cracking. A cracking attack is a component of many
dictionary attacks (will be explained later). It is used when a copy of the security account manager data file, which
contains encrypted passwords of users, can be obtained. A password can be decrypted using the same algorithm in
encrypting it. If they are the same, then the password has been cracked.

5. Brute Force
The application of computing and network resources to try every possible password combination is called a brute
force attack. Since the brute force attack is often used to obtain passwords to commonly used accounts, it is
sometimes called a password attack.
If attackers can narrow the field of target accounts, they can focus the time and resources to these accounts. This
is the reason companies and even websites remind you to regularly change your passwords.
These can be prevented by applying a 3 try rule in accessing the account, if the account has been attempted to be
accessed more than 3 times, the system will stop allowing trying to access the account.

6. Dictionary Attacks
This is a variation of a brute force attack which narrows the field by selecting specific target accounts and using a
list of commonly used password (usually a premade dictionary, or the actual dictionary) instead of random

3
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

combinations.
These can be prevented by disallowing using of words from the dictionary.
7. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS)
In a denial-of-service (DoS) attack, the attacker sends a large number of connection or information requests to a
target or subject. When so many requests are made to the target or subject system, the system becomes overloaded
and cannot respond to legitimate requests for service. The system may crash or simply become unable to perform
ordinary functions.
A Distributed denial-of-service (DDoS) attack, is an attack in which a coordinated stream of requests is launched
against a target from many systems, perhaps thousands, are attacked.

8. Spoofing
Spoofing is a technique used to gain unauthorized access to computers, wherein the intruder sends messages with
a source IP address that has been forged to indicate that the messages are coming from a trusted host.
To engage in IP spoofing, hackers or attackers use a variety of techniques to obtain trusted IP addresses, and then
modify the packet headers to insert these forged addresses.
In other words they change a routers IP source to allow their computer to access the network.
Newer routers and good firewall arrangements can offer protection against IP spoofing.

9. Man-in-the-Middle
Man in the middle attack or TCP hijacking attack, an attacker monitors packets from the networks, modifies them,
and inserts them back into the network. This type of attack uses IP spoofing to enable an attacker to impersonate
another entity on the network.
It allows the attacker to eavesdrop as well as to change, delete, reroute, add, forge data.

10. Spam
Spam is unsolicited commercial e-mail. While many consider spam as a trivial nuisance rather than an attack, it
has been used as a means of enhancing malicious code attacks.
Mostly spam only irritates the attacked user or system. It is tiring to open your email and see that you have
thousands of email, with 1 or 2 are important, and the rest are spam or trash, and you have to find the 2 important
emails.

4
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

11. Mail Bombing

This is also another form of e-mail attack which is also a DoS attack, a combination of both. Mail bomb is an
attack in which an attacker routes large quantities of e-mail to the target. This can be accomplished by means of social
engineering or by exploiting various technical flaws in Mailing Protocols. If the target or the subject has weak
security in their email systems, it is easier for an attacker to send multiple emails that doesn’t scan as spam, it can
even reach in thousands to millions of unwanted emails.

12. Sniffers
A sniffer is a program or device that can monitor data traveling over a network. Sniffers can be used both for
legitimate network management functions and for stealing information. Sniffers can only read the sent data from local
networks, and then if the data is a password that is used locally, a sniffer can get the password and use it for other
types of attack.

13. Social Engineering

In Information security, social engineering is the process of using social skills to convince people to reveal access
credentials or other valuable information to the attacker. This is commonly known as scamming people, sadly this is
still very effective in the IT industry where there are thousands of people are scammed every day, where scammed
people think they can trust the person they are talking to.
Social engineering can be done in physical/actual conversations or virtual conversations. You might be drinking
in a bar and talking to a stranger, little you know that the information you are giving are actually useful to the
stranger, or worse it was the plan of the stranger and get the information from you and hack your company’s system
or your system.

14. Phishing
There are many other attacks that involve social engineering. Phishing is one of them, it is an attempt to gain
personal or financial information from an individual, usually posing as a legit entity/operation.
Sometimes phishing is done by sending an email to the person sending a link that redirects you to a site that you
thought is legit, sometimes they use a site identical to your company’s site, and once you login you are then redirected
to the actual site of your company, and you didn’t know you just accessed your login info to a fake site that now has
your login info.

15. Pharming
Is the redirection of legitimate web traffic such as browser requests to an illegitimate site for the purpose of
obtaining private information. Pharming often uses Trojans, worms, or other virus technologies to attack the Internet
browser’s address bar so that the valid URL typed by the user is modified to that of the attacker’s illegitimate web
site.
5
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

16. Timing Attack

A Timing attack explores the contents of a web browser’s cache and stores a malicious cookie on the client’s
system. The cookie can allow the attacker to collect information on how to access password-protected sites.
In other words an attacker attaches a code to a cookie that you gained from a legitimate website, and then that
code’s purpose is to send the login info to the attacker.

Companies are not safe from all of these attacks. Day by day, there are new technologies and new ways to attack
people’s assets. And some of these attacks are impossible to 100% eradicate. Such as Social Engineering, you can never
tell who those attackers are planning to steal access from employees or you. The best way to reduce these attacks from
happening is to continuously train or inform yourself and company’s employees.

2) Activity 3: Skill-building Activities (with answer key) (18 mins + 2 mins checking)
Congrats in reaching here. You are now ready to enhance your knowledge about attacks.
Exercise 1: Identification. Write in the space provided what is asked in each number
______________________ 1. It is a type of attack that uses social skills to convince people to reveal their access
information.
______________________ 2. A type of attack that sends a large number of requests to a target to make it overloaded.
______________________ 3. A type of attack that includes the execution of viruses with the intent of destroying or
stealing information.
______________________ 4. It is an attempt to gain personal or financial information from an individual while posing as
a legitimate operation
______________________ 5. A type of attack that inserts a real virus with a fake virus.

Exercise 1: Explanation. Compare and contrast the given terms.

1. Spam and Mail Bombing

6
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

2. Password Crack, Brute Force and Dictionary Attacks

3) Activity 4: What I Know Chart, part 2 (2 mins)

Please visit the What I know Chart from Activity 1 and write your answers to the questions based on what you
know in the third column of the chart
4) Activity 5: Check for Understanding (5 mins)
From your experience, which of these attack is the most common anyone can encounter? And why do you think it
is common? Can you give at least 1 example? How would you prevent it? (Note there is only 1 type of attack that
is most common)

7
FLM 1.0
 ITE 305: Information Assurance and Security 2
Module #4

Name: Class number: _________________

__________________________________________ Date: _________________________
Section: _________ Schedule: ______________________

C. LESSON WRAP-UP
1) Activity 6: Thinking about Learning (5 mins)
You are done with this session! Let’s track your progress. Shade the session number you just completed.

Did you have challenges learning the common terms in IAS? If none, which parts of the module helped you learn the
terms? Did you enjoy the modules?
FAQs
1. Do companies encounter these attacks daily, or just occasionally?
Answer: It depends mostly on the company, big companies are at risk of these attacks daily, but not necessarily that they
encounter this. But some companies such as new companies that put up their sites are actually attacked daily by DDoS by
some people who really just enjoy doing that.

8
FLM 1.0