Controlling access is not limited to the control of authorized users; it also includes preventing unauthorized access.
Information systems may be attacked by a variety of attackers, ranging from script kiddies to worms to militarized attacks.
Attackers may use a variety of methods in their attempts to compromise the confidentiality, integrity, and availability of the systems.
The term “hacker” is often used in the media to describe a malicious individual who attacks computer systems.
The term originally described a nonmalicious explorer who used technologies in ways their creators did not intend.
While some simply use the term “hacker” to describe a malicious computer attacker, better terms include “malicious hacker,” or “black hat.”
White hat hackers are the good guys, including the professional penetration testers who break into systems with permission, or malware researchers who study malicious code to provide better understanding and ethically disclose vulnerabilities to vendors.
A hacktivist is a hacker activist who attacks computer systems for political reasons. “Hacktivism” is hacking activism.
Script kiddies attack computer systems with tools they have little or no understanding of, simply running tools created by more skilled hackers.
Outsiders are attackers with no authorized privileged access to a system or organization. The outsider seeks to gain unauthorized access.
Outsiders launch the majority of attacks, but most are usually stopped by defense-in-depth perimeter controls.
An insider attack is launched by an internal user who may be authorized to use the system that is attacked.
An insider attack may be intentional or accidental. Insider attackers range from a poorly trained administrator who makes mistakes to malicious individuals who intentionally compromise the security of systems.
An authorized insider who attacks a system may be in a position to cause significant impact.
Bots and Botnets
A bot (short for robot) is a computer system running malware that is controlled via a botnet. A botnet contains a central command and control (C&C) network, managed by humans called bot herders. The term zombie is sometimes used to describe a bot.
Phishing and Spear Phishers
A phisher (“fisher” spelled with the hacker spelling of “ph” instead of “f”) is a malicious attacker who attempts to trick users into divulging account credentials or PII.
Phishing is a social engineering attack that sometimes includes other attacks, including client-side attacks.
Users who click links in phishing emails may be subject to client-side attacks and theft of credentials.
Simply visiting a phishing site is dangerous, and the client may be automatically compromised.