Attack Prevention 1 Attack Prevention : Preventing Cyber Attacks Jon Bartholf CMGT441 : Introduction to Information Systems Security January 1 7 , 2011 Bashar Elkhatib Analyze the process of a cyber attack as described in the article, outlining the steps involved and the potential consequences. Based on the prevention techniques mentioned, assess which methods are most effective in defending against cyber attacks, particularly for home users and small businesses. Your response should be approximately 600 - 800 words . Attack Prevention 2 TABLE OF CONTENTS INTRODUCTION ....................................................................................... .............................. 3 CYBER ATTACK: WHAT IT IS ................. .. ...... . .................................................................. 3 STEPS OF A CYBER ATTACK . .......................... ......................... ..................................... . .... 4 Placement of Malware on Trusted Website .... . ...................................................................... 4 Client - Side Exploitation ..... ....... ............................................................................................. 4 Reverse Backdoor .................................................................................................................. 4 Hash Dumping ........ .............................. ................................................................................. 5 Pass - the - Hack Attack to Pivot ............................................................................................... 5 Compromise of Domain Controller ....................................................................................... 5 Exfiltration .............. ........... .................................................................................................... 5 PREVENTION TECHNIQUES ............................................................................................ . .. 5 Risk Assessment and Identity of Weaknesses......................................................................... 6 Back - up of Vital Information................................................................................................. 6 Anti - Virus Software and Firewalls........................................................................................ 6 Account Activity Monitoring.................................................................................................. 7 CONCLUSION................................................................................................................... .... . . . 7 APPENDIXES................................................................................................................... ........ 8 Appendix A: Cyber Attack Steps 1 through 3 (Figure 1)....................................................... 8 Appendix B: Cyber Attack Steps 4 through 6 (Figure 2)....................................................... 9 Appendix C: SWOT Analysis Example (Figure 3)................................................................. 1 0 REFERENCES ....................................................................................................................... . .. 11 Attack Prevention 3 Attack Prevention: Preventing Cyber Attacks Technology is everywhere , which is evident in the everyday products that we as a society use such as computers, cell phones, global positioning devices, and the Internet. As technology expands and grows, so does the reliance and dependence on these types of products. But reliance and dependence are not the only things that technology brings. Cyber attacks are a gradually increasing occurrence that is derived from technology; however, s topping these types of attacks before they occur is usually more difficult than can be expected, but is overall not impossible. The trick to averting such an attack lies in the programs and applications that one uses for defense that recognize s , detect s and notif ies the user that an attack is imminent. This can be something as simple as a malware and/or virus program to something more complex such as a firewall. The purpose of this paper is to discuss what constitutes a cyber attack, examine the steps involved in a cyber attack, and determine how to prevent them , which was discussed in the article by Tony M. Damico entitled Cyber Attack Prevention for the Home User: How to Prevent a Cyber Attack (2009) and other sources . Cyber Attack: What It Is A c yber attack, also known as Cyber Warfare, is “an attempt to undermine or compromise the function of a computer - based system, or an attempt to track the online movements of individuals without their permission” (WiseGeek, 2011). To put it in simpler terms, a cyber attack is the targeting of something electronic to make them malfunction so that some type of reward can be collected. As mentioned in the first definition, cyber attacks fall into two basic categories: those acts that are intended to collect information and those that are intended to do harm. Cyber attacks that are specifically carried out for the sole purpose of information gath ering range from tracking the movements that a user makes to copying important documents contained upon a hard drive ,