Cyber Attack Lifecycle and Cyber Risks 2

It is from the CYB33 course (Cyber Security & Electronic Warfare), KSU, Lecture 2.

1. Attack Surface & Attack Vector:

1.1. Attack Surface: All potential entry points for an attacker.

1.2. Attack Vector: The method used by an attacker to exploit a vulnerability.

1.3. Examples: Power grids, vehicles, homes, healthcare.

2. Cyber-Attack Phases:

2.1. Planning: Gather information about the target and plan the attack.

2.2. Preparation: Choose the attack vector and weapon.

2.3. Intrusion: Gain access to the target system.

2.4. Management & Enablement: Manage the attack and establish communication.

2.5. Sustainment & Attack Execution: Utilize access to achieve the attack's goal.

3. Synthesis of Steps & Phases:

3.1. Passive Reconnaissance: Gather publicly available information.

3.2. Scanning: Probe the target system to identify vulnerabilities.

3.3. Enumeration: Gather detailed information about the target.

3.4. Targeting & Weapons Pairing: Choose the target and weapon.

3.5. Stealing Credentials: Steal login and password data.

3.6. Develop a Payload: Create malicious code to exploit vulnerabilities.

3.7. Deliver Payload: Send the payload to the target system.

3.8. Exploitation: Trigger the payload to execute malicious code.

3.9. Escalate Privileges: Gain access to higher-level accounts.

3.10. Establish Command, Control, and Communication: Establish a communication channel to manage the attack.

3.11. Move Laterally: Spread the attack to other systems on the network.

4. Concepts & Terms:

4.1. Threat: Potential danger to an asset.

4.2. Vulnerability: Weakness in a system.

4.3. Exploit: Mechanism to leverage a vulnerability.

4.4. Threat Actors:

4.4.1. White Hat Hackers: Ethical hackers.

4.4.2. Grey Hat Hackers: Unethical but not malicious.

4.4.3. Black Hat Hackers: Criminal hackers.

4.4.4. Script Kiddies: Inexperienced hackers.

4.4.5. State-Sponsored: Government-backed hackers.

4.4.6. Cybercriminals: Hackers for profit.

4.4.7. Hacktivists: Hackers for political/social causes.

4.4.8. Vulnerability Brokers: Find and report exploits.

5. Common Threats & Attacks:

5.1. Malware:

5.1.1. Virus: Self-replicating code that infects other programs.

5.1.2. Worm: Self-replicating code that spreads across networks.

5.1.3. Trojan Horse: Malicious code disguised as legitimate software.

5.1.4. Key Logger: Records keystrokes.

5.1.5. Rootkit: Hides malicious activity on a system.

5.1.6. Botnet: Network of compromised computers.

5.1.7. Ransomware: Encrypts data and demands payment for decryption.

5.2. Social Engineering:

5.2.1. Deception to manipulate individuals into revealing information.

6. Types of Network Attacks:

6.1. Information Gathering (Recon):

6.1.1. Perform an information query: Gather basic information about the target.

6.1.2. Ping sweep: Identify active IP addresses on the target network.

6.1.3. Port scan: Determine open ports and services on target hosts.

6.2. Access Attacks:

6.2.1. Password attack: Attempt to discover passwords.

6.2.2. Pass-the-hash: Steal and use password hashes.

6.2.3. Trust exploitation: Gain access through a trusted host.

6.2.4. Port redirection: Use a compromised system to attack other targets.

6.2.5. Man-in-the-middle attack: Intercept communication between two parties.

6.2.6. IP, MAC, DHCP Spoofing: Falsify address data.

6.2.7. Social Engineering:

6.2.7.1. Pretexting: Lie to gain access to information.

6.2.7.2. Spam: Use spam emails to trick users.

6.2.7.3. Phishing: Send deceptive emails to steal information.

6.2.7.4. Spear phishing: Targeted phishing attacks.

6.2.7.5. Whaling: Phishing attacks targeting high-level executives.

6.2.7.6. Pharming: Compromises domain name services.

6.2.7.7. Watering hole: Infect websites frequented by the target group.

6.2.7.8. Vishing: Phishing attacks using voice calls.

6.2.7.9. Smishing: Phishing attacks using SMS messages.

6.3. Denial of Service (DoS) Attacks:

6.3.1. Overwhelm the target with traffic.

6.3.2. Send malicious packets.

6.3.3. DDoS Attacks: Coordinated attacks from multiple sources.

7. Steps of Offensive Cyber Operations:

7.1. Identify Vulnerabilities:

7.1.1. People: Social engineering.

7.1.2. Process: Policies and procedures.

7.1.3. Technology:

7.1.3.1. Network: Network protocols.

7.1.3.2. Software: Applications.

7.2. Get and Maintain Access:

7.2.1. Physical access: Gain physical access to the target system.

7.2.2. Remote access: Gain access remotely through vulnerabilities.

7.2.3. Corruption of supply chain: Compromised hardware or software.

7.3. Take Advantage:

7.3.1. Deliver a payload: Execute malicious code to achieve the attacker's goal.