CompTIA Security_ Deluxe Study Guide_ SY0-201 - Emmett Dulaney [39]

Understanding Access Attack Types

The goal of an access attack is straightforward. An access attack is an attempt to gain access to information that the attacker isn’t authorized to have. These types of attacks focus on breaching the confidentiality of information. They occur either internally or externally; they might also occur when physical access to the information is possible.

Dumpster diving is a common physical access method. Companies normally generate a huge amount of paper, most of which eventually winds up in Dumpsters or recycle bins. Dumpsters may contain information that is highly sensitive in nature. In high-security and government environments, sensitive papers are either shredded or burned. Most businesses don’t do this. In addition, the advent of “green” companies has created an increase in the amount of recycled paper, which can often contain all kinds of juicy information about a company and its individual employees.

A second common method used in access attacks is to capture information en route between two systems; in such attacks, the target is data in transit rather than paper. There are several common types of access attacks:

Eavesdropping: Eavesdropping is the process of listening in on or overhearing parts of a conversation, including listening in on your network traffic. This type of attack is generally passive. For example, a coworker might overhear your dinner plans because your speakerphone is set too loud or you’re yelling into your cell phone. The opportunity to overhear a conversation is coupled with the carelessness of the parties in the conversation.

Snooping: Snooping occurs when someone looks through your files hoping to find something interesting. The files may be either electronic or on paper. In the case of physical snooping, people might inspect your Dumpster, recycling bins, or even your file cabinets; they can look under the keyboard for Post-it notes or look for scraps of paper tacked to your bulletin board. Computer snooping, on the other hand, involves someone searching through your electronic files trying to find something interesting.

Interception: Interception can be either an active or a passive process. In a networked environment, a passive interception would involve someone who routinely monitors network traffic. Active interception might include putting a computer system between the sender and receiver to capture information as it’s sent. The process is usually covert. The last thing a person on an intercept mission wants is to be discovered. Intercept missions can occur for years without the knowledge of the parties being monitored.

Government agencies routinely run intercept missions to gather intelligence about the capabilities and locations of enemies. For instance, the FBI has several products that they install on ISPs’ systems to gather and process e-mail, looking for keywords. These keyword searches become the basis of an investigation.

The major difference between these types of attacks is how they’re accomplished. The ultimate objective is to gain unauthorized access to information.

Real World Scenario

Survey Your Surroundings

As an administrator, you’ve no doubt heard countless horror stories of data being accessed as a result of stupidity. Users write their passwords on scraps of paper and tape them to the monitor because the length/complexity requirements have made the passwords too difficult to remember. Other users go home without logging out and never return; the terminal stays logged in indefinitely, allowing an attacker to sit at it and copy key files. These stories may sound too unrealistic to believe, but there is some truth to them.

For this scenario, you’ll need to put yourself in the position of an outsider wanting to find any sliver of data that can be used to allow you to gain access to a network. That sliver of data could be a user’s password, the name and location of a data file, or anything else of a sensitive nature. From that perspective, see if you can answer these questions:

■ How often do users change their passwords,
