In this article we will have a look at how cybercriminals plan attacks. This article describes all the phases in performing cyber attacks like reconnaissance, scanning & scrutinizing, and launching an attack.
Watch this video to learn how cybercriminals plan attacks:
ARVE Error: src mismatchprovider: youtube
url: https://www.youtube.com/watch?v=z2ilqLn_qjc&list=PL_RcVnBPGmSLAGyNa6wiAf8bbVwxYYzCi&index=36
src in org: https://www.youtube.com/embed/z2ilqLn_qjc?list=PL_RcVnBPGmSLAGyNa6wiAf8bbVwxYYzCi
src gen org: https://www.youtube.com/embed/z2ilqLn_qjc
Cybercriminals commit cybercrimes using different tools and techniques. But, the basic process of performing the attacks is same in general. The process or steps involved in committing the cybercrime can be specified in 5 steps namely:
2) Scanning and Scrutinizing
3) Gaining Access
4) Maintaining Access and
5) Covering the tracks
The simplified or condensed process consists of 3 steps namely:
2) Scanning and Scrutinizing and
3) Launching an Attack
The 3 step process of how cybercriminals plan attacks is illustrated in the below image.
Contents
Reconnaissance
Reconnaissance is an act of exploring to find someone or something. Reconnaissance phase begins with Footprinting. Footprinting involves gathering information about the target’s environment to penetrate it. It provides an overview of system vulnerabilities. The objective of this phase (reconnaissance) is to understand the system, its networking ports and services, and any other related data. An attacker attempts to gather information in two phases: a) passive and b) active attacks.
Passive Attacks
This attack is used to gather information about a target without their knowledge. These attacks include:
- Google or Yahoo search
- Facebook, LinkedIn, other social sites
- Organization’s website (target)
- Blogs, newsgroups, press releases, etc
- Job postings on Naukri, Monster, Craiglist, etc
- Network sniffing
Active Attacks
This attack involves exploring the network to discover individual hosts to confirm the data gathered using passive attacks. This attack involves the risk of being detected and so it is called “Active Reconnaissance”. This attack allows the attacker to know the security measures in place.
Scanning and Scrutinizing
Scanning involves intelligent examination of gathered information about target. The objectives of scanning are:
- Port scanning
- Network scanning
- Vulnerability scanning
Scrutinizing is also called enumeration. 90% of the time in hacking is spent in reconnaissance, scanning and scrutinizing information. The objectives are:
- Find valid user accounts or groups
- Find network resources or shared resources
- OS and different applications running on the target
Launch an Attack
An attack follows the below steps:
- Crack the password
- Exploit the privileges
- Execute malicious software (backdoor)
- Hide or destroy files (if required)
- Cover the tracks
Suryateja Pericherla, at present is a Research Scholar (full-time Ph.D.) in the Dept. of Computer Science & Systems Engineering at Andhra University, Visakhapatnam. Previously worked as an Associate Professor in the Dept. of CSE at Vishnu Institute of Technology, India.
He has 11+ years of teaching experience and is an individual researcher whose research interests are Cloud Computing, Internet of Things, Computer Security, Network Security and Blockchain.
He is a member of professional societies like IEEE, ACM, CSI and ISCA. He published several research papers which are indexed by SCIE, WoS, Scopus, Springer and others.
Please post yoyr document for the Fuel for Cyber Crime
I am Dr PL Pradhan CSE Professor
[email protected]