Common Network Security Exploits Responses

Provide (2) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.

RESPONSE 1:

The worst kind of attack in my opinion is a social engineering attack. Kaspersky describes social engineering as a manipulation technique that exploits human error to gain private information, access and valuables. I consider these types of attacks the worst since the attack targets the weakest link in the security chain, users. While social engineering attacks can take a few different forms but the one I want to focus on is Phishing. Phishing is an attempt to gain private information, like passwords and login names by using what seems like a legitimate site or link in an email from what seems like a trusted source but in actuality it’s a scam that is trying to get your sensitive data. Phishing also has a few forms of attacks as well but the one the example I’m using today is a spear phishing attack on Google and Facebook.

In 2013 a Lithuanian group called the Lithuanian National Evaldas Rimasuskas pretended to be a computer manufacturer that worked for both Google and Facebook, called Company-2, which sounds very similar to the actual hardware company called Company-1. Rimasuskas then send invoices to facebook and Google for legitimate services performed for the tech giants but the bill came from the fraudulent company, which paid into a bank account under the fake company name. I would consider this a win for social engineering since this plan worked for 2 years before Rimasuskas plead guilty to the scheme.

-Marx

RESPONSE 2:

Similar to a DOS (Denial Of Service) attack, a DDOS (Distributed Denial Of Service) attack is where a large influx of network traffic is sent to a targeted network, service, or server with the intent of overloading it and denying the use of it to others. The difference between a DOS and a DDOS attack is where a DOS attack utilizes only one system, a DDOS attack uses multiple. I believe this to be the worst type of attack for multiple reasons. For one, they are relatively simple to perform. They can be conducted by multiple hackers with multiple systems or an individual hacker remotely controlling multiple systems. The attack involves sending ICMP requests, sometimes referred to as pings, to one location. If a large enough amount of pings are sent frequently enough, the target server wont be accessible to any of the daily regular web traffic. DDOS attacks are also very difficult to prevent due to the distributed nature of the attack, with the possibility of the sources of the attack ranging from all around a city to all around the world. There are also difficulties involved in trying to tell the difference between regular web traffic and web traffic sent with the malicious intent of overloading the network.

Provide (2) 150 words substantive response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that’s discusses the responses. 100% original work and not plagiarized. Must meet deadline.

RESPONSE 1:

The worst kind of attack in my opinion is a social engineering attack. Kaspersky describes social engineering as a manipulation technique that exploits human error to gain private information, access and valuables. I consider these types of attacks the worst since the attack targets the weakest link in the security chain, users. While social engineering attacks can take a few different forms but the one I want to focus on is Phishing. Phishing is an attempt to gain private information, like passwords and login names by using what seems like a legitimate site or link in an email from what seems like a trusted source but in actuality it’s a scam that is trying to get your sensitive data. Phishing also has a few forms of attacks as well but the one the example I’m using today is a spear phishing attack on Google and Facebook.

In 2013 a Lithuanian group called the Lithuanian National Evaldas Rimasuskas pretended to be a computer manufacturer that worked for both Google and Facebook, called Company-2, which sounds very similar to the actual hardware company called Company-1. Rimasuskas then send invoices to facebook and Google for legitimate services performed for the tech giants but the bill came from the fraudulent company, which paid into a bank account under the fake company name. I would consider this a win for social engineering since this plan worked for 2 years before Rimasuskas plead guilty to the scheme.

-Marx

RESPONSE 2:

Similar to a DOS (Denial Of Service) attack, a DDOS (Distributed Denial Of Service) attack is where a large influx of network traffic is sent to a targeted network, service, or server with the intent of overloading it and denying the use of it to others. The difference between a DOS and a DDOS attack is where a DOS attack utilizes only one system, a DDOS attack uses multiple. I believe this to be the worst type of attack for multiple reasons. For one, they are relatively simple to perform. They can be conducted by multiple hackers with multiple systems or an individual hacker remotely controlling multiple systems. The attack involves sending ICMP requests, sometimes referred to as pings, to one location. If a large enough amount of pings are sent frequently enough, the target server wont be accessible to any of the daily regular web traffic. DDOS attacks are also very difficult to prevent due to the distributed nature of the attack, with the possibility of the sources of the attack ranging from all around a city to all around the world. There are also difficulties involved in trying to tell the difference between regular web traffic and web traffic sent with the malicious intent of overloading the network.