Types of Attacks on a System

Subscribe to my newsletter and never miss my upcoming articles

Listen to this article

Operating System Attacks In Operating System Attacks, Attackers always search for an operating system's vulnerabilities. If they found any vulnerability in an Operating System, they exploit to attack against the operating system. Some most common vulnerabilities of an operating system are:

Buffer overflow vulnerabilities Buffer Overflow is one of the major types of Operating System Attacks. It is related to software exploitation attacks. In Buffer overflow, when a program or application does not have well-defined boundaries such as restrictions or pre-defined functional area regarding the capacity of data it can handle or the type of data can be inputted. Buffer overflow causes problems such as Denial of Service (DoS), rebooting, the achievement of unrestricted access, and freezing. Bugs in the operating system In software exploitation attacks & bugs in software, the attacker tries to exploit the vulnerabilities in software. This vulnerability might be a mistake by the developer while developing the program code. Attackers can discover these mistakes, use them to gain access to the system. Unpatched operating system Unpatched Operating System allows malicious activities, or could not completely block malicious traffic into a system. Successful intrusion can impact severely in the form of compromising sensitive information, data loss, and disruption of regular operation. Misconfiguration Attacks In a corporate network while installation of new devices, the administrator must have to change the default configurations. If devices are left upon default configuration, using default credentials, any user who does not have the privileges to access the device but has connectivity can access the device.

It is not a big deal for an intruder to access such type of device because the default configuration has common, weak passwords and there are no security policies are enabled on devices by default.

Similarly, permitting an unauthorized person or giving resources and permission to a person more than his privileges might also lead to an attack.

Additionally, Using the organization in Username & password attributes make it easier for hackers to gain access.

Application-Level Attacks Before releasing an application, the developer must make sure, test & verify from its end, manufactures, or from the developer’s end. In an Application level attack, a hacker can use:

Buffer overflow Active content Cross-site script Denial of service SQL injection Session hijacking Phishing Shrink Wrap Code Attacks Shrink Wrap code attack is the type of attack in which a hacker uses the shrink-wrap code method for gaining access to a system. In this type of attack, hacker exploits holes in unpatched Operating systems, poorly configured software and application. To understand shrink wrap vulnerabilities, consider an operating system that has a bug in its original software version. The vendor may have released the update, but it is the most critical time between the release of a patch by the vendor till the client’s systems updates. During this critical time, unpatched systems are vulnerable to the Shrinkwrap attack. Shrinkwrap attack also includes vulnerability to the system installed with software that is bundled with insecure test pages and debugging scripts. The developer must have to remove these scripts before release.

 
Share this