Typical Attacks Against a Network

In this video, we’re going to be going over typical attacks against a network. So as I said, we’re going over typical attacks on a network, meaning that we’re going over the ones that you’ll most likely see. Now there are other methods of attacks on different networks and individuals, but again, I do want to go over more of the common ones. And these type of things we’re going to be going over in more detail later, but this is an overview of these type of attacks. So the first one is reconnaissance. Now reconnaissance is phase one of the five phases of hacking. Now whether the individual is a malicious hacker or a pen tester, hackers generally go with five different phases.

And the first one again being reconnaissance. Now in this phase, a hacker is going to learn as much as they can about you and your network - collection of names, phone numbers, email addresses, URL photos et cetera. In this phase, a hacker is not likely to engage a target directly, and the goal is try and gather as much information about the target or the target network as possible. Because the more information a hacker has before they actually launch a real attack, the better off they’re going to be. Now the next type of attack we’re going to go over is phishing and spear phishing. Now phishing is when an email is sent, typically to a number of people.

It could be - well, actually it could be an individual or it could be several people. It’s going to be generally a non-direct attack. It’s going to be kind of a go out to, again, random people or a group of people. Now a spear phishing attack will typically be a crafted email against a specific target, or it could be several people in an organisation, for example. These can be spear phishing attacks. These are very custom for whoever the target is. Now the email will generally be spoofed.

It’s going to try to entice a target in some way to engage with the hacker. So this means either clicking a link, opening a file, calling someone, et cetera. The link or file will typically carry some sort of payload, and so if the phishing or spear phishing email is a PDF, the PDF will probably have some sort of payload in there, like a reverse shell key logger - something like that. The link a hacker might try to get someone to click on will typically steal their password. Again, a reverse connection - things of this type of nature.

Now the next one we’re talking about is DOS or DDoS attacks. Now DOS attack stands for denial of service attack. DDoS is distributed denial of service attack. Now distributed denial of service attack is when several computers join together to attack a network, whereas a denial of service attack is typically one person launching attack. Now, this programme here is called Low Orbit Ion Cannon. It’s a pretty popular one for launching an attack, and we’ll go into more detail about this later with the demonstration. But to give you a quick overview, this type of attack is when an attacker launches - tries to flood the network. And it could be different types of trapping. It could be UDP, TCP, et cetera.

And it’s flooding the network with all these different requests. And what will happen is it’ll slow down the network and eventually crash it, if you can send enough packets out to that computer and flood it. We’ve seen these type attacks with things like Xbox Live, PlayStation going down and crashing. These are typically denial of service attacks or distributed denial of service attacks. And these are pretty nasty attacks, but there are ways to mitigate this, and we’ll go over those in later videos. Now we also have viruses and ransomware, and these are pretty common attacks. So virus payload - it could do a number of things. It can destroy your data. It could scramble it.

It could do things like put a key logger in and send information off to people, et cetera. Ransomware will typically lock your files and will demand some sort of ransom in order to unlock it. We’ll also have bad HID devices - bad USB drops. Now bad HID device stands for human interface device, so things like a USB drive. USB drive is going to be one of the most common attacks. A malicious hacker will take a USB drive, put a payload on it. A good example would be I could take a USB drive - a little $2 USB drive. I could get a little label and put it on, something on there like payroll.

And then I can create an Excel file that could have a virus on it. In that virus I could put Payroll Spreadsheet 2020, and then I could just drop it somewhere. So someone picks it up, they plug it in, they open the Excel spreadsheet, and I might have a reverse connection back to the computer, and I can take control of it. In this example here, I took a device called USB Rubber Ducky, which acts as a keyboard and types commands at an insanely high rate. And I had stuck it in a USB mouse. So it looked like a USB mouse, but when you plug it in, it actually deploys a payload.

This is another example of a bad human interface device.