02 Nov 2020
Attack Type | Description |
---|---|
Eavesdropping Attack | This is when a threat actor captures and “listens” to network traffic. This attack is also referred to as sniffing or snooping. |
Data Modification Attack | If threat actors have captured enterprise traffic, they can alter the data in the packet without the knowledge of the sender or receiver. |
IP Address Spoofing Attack | A threat actor constructs an IP packet that appears to originate from a valid address inside the corporate intranet. |
Password-Based Attacks | If threat actors discover a valid user account, the threat actors have the same rights as the real user. Threat actors could use that valid account to obtain lists of other users, network information, change server and network configurations, and modify, reroute, or delete data. |
Denial of Service Attack | A DoS attack prevents normal use of a computer or network by valid users. A DoS attack can flood a computer or the entire network with traffic until a shutdown occurs because of the overload. A DoS attack can also block traffic, which results in a loss of access to network resources by authorized users. |
Man-in-the-Middle Attack | This attack occurs when threat actors have positioned themselves between a source and destination. They can now actively monitor, capture, and control the communication transparently. |
Compromised-Key Attack | If a threat actor obtains a secret key, that key is referred to as a compromised key. A compromised key can be used to gain access to a secured communication without the sender or receiver being aware of the attack. |
Sniffer Attack | A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. |