Introduction to Vulnerabilities, Threats, and Attacks
Threats

There are four primary classes of threats to network security:

  1. Unstructured threats
    Unstructured threats consist of mostly inexperienced individuals using easily available hacking tools such as shell scripts and password crackers. Even unstructured threats that are executed only with the intent of testing and challenging a hacker’s skills can still do serious damage to a company. For example, if an external company Web site is hacked, the integrity of the company is damaged. Even if the external Web site is separate from the internal information that sits behind a protective firewall, the public does not know that. All the public knows is that the site is not a safe environment in which to conduct business.
  2. Structured threats
    Structured threats come from hackers who are more highly motivated and technically competent. These people know system vulnerabilities, and can understand and develop exploit code and scripts. They understand, develop, and use sophisticated hacking techniques to penetrate unsuspecting businesses. These groups are often involved with the major fraud and theft cases reported to law enforcement agencies.
  3. External threats
    External threats can arise from individuals or organizations working outside of a company. They do not have authorized access to the computer systems or network. They work their way into a network mainly from the Internet or dialup access servers.
  4. Internal threats
    Internal threats occur when someone has authorized access to the network with either an account on a server or physical access to the network. According to the FBI, internal access and misuse account for 60 to 80 percent of reported incidents.

As the types of threats, attacks, and exploits have evolved, various terms have been coined to describe different groups of individuals. Some of the most common terms are as follows:

  • Hacker – Hacker is a general term that has historically been used to describe a computer programming expert. More recently, this term is commonly used in a negative way to describe an individual that attempts to gain unauthorized access to network resources with malicious intent.
  • Cracker – Cracker is generally regarded as the more accurate term for an individual that attempts to gain unauthorized access to network resources with malicious intent.
  • Phreaker – A phreaker is an individual that manipulates the phone network in order to cause it to perform a function that is normally not allowed. A common goal of phreaking is breaking into the phone network, usually through a payphone, to make free long distance calls.
  • Spammer – A spammer is an individual that sends large quantities of unsolicited email messages. Spammers often use viruses to take control of home computers in order to use these computers to send out their bulk messages.
  • Phisher – A phisher uses email or other means in an attempt to trick others into providing sensitive information, such as credit card numbers or passwords. The phisher will masquerade as a trusted party that would have a legitimate need for the sensitive information.
  • White hat – White hat is a term used to describe individuals that use their abilities to find vulnerabilities in systems or networks, and then report these vulnerabilities to the owners of the system so that they can be fixed.
  • Black hat – Black hat is another term for individuals that use their knowledge of computer systems to break into systems or networks that they are not authorized to use.