Watch out for These Three Types of Network Attacks
Every industry is targeted by certain common attack strategies. There are three major types of attacks that can occur in your network:
• Reconnaissance Attacks
These are general information-gathering attacks. They occur when an outsider probes the network, or through social engineering and physical surveillance, and they can be prevented. Common examples of reconnaissance attacks: packet sniffing, ping sweeping, port scanning, phishing, social engineering, and internet information queries.
Solution: Limit the contact information your company posts publicly. Edit the banners your services return so that banner-grabbing attacks give the attacker only limited information. Be sure personnel are trained to spot social engineering attacks. Conduct audits of both the logical information and the physical security in place.
• Access Attacks
These attacks require some kind of intrusion capability. They range from obtaining an account holder’s credentials to plugging foreign hardware directly into the network infrastructure.
Solution: This type of attack calls for network hardening. Most companies are limited by the capabilities of their equipment, so if your Cisco router is vulnerable to an attack, the best course of action is to know that attack, look for it, and set rules for it on your network IDS/IPS. Update often and regularly. Monitor the probing from any recently recognized reconnaissance attacks: if hackers are researching you, there is a greater possibility of future attack attempts. Test and audit your current security standing.
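One way to monitor probing such as the port scanning and ping sweeping listed under reconnaissance attacks, shown as an added example that is not part of the original article. The log format, the thresholds and the names `parse` and `find_recon` are assumptions made for illustration; the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample; the log format is an assumption, not a real product's.
SAMPLE_LOG = """\
2024-05-01T10:00:00 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=21
2024-05-01T10:00:01 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=22
2024-05-01T10:00:02 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=23
2024-05-01T10:00:03 DENY src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=25
2024-05-01T10:00:04 ALLOW src=203.0.113.7 dst=192.0.2.10 proto=tcp dport=80
2024-05-01T10:00:05 ALLOW src=198.51.100.50 dst=192.0.2.10 proto=tcp dport=443
2024-05-01T10:01:00 ALLOW src=198.51.100.9 dst=192.0.2.1 proto=icmp
2024-05-01T10:01:01 ALLOW src=198.51.100.9 dst=192.0.2.2 proto=icmp
2024-05-01T10:01:02 ALLOW src=198.51.100.9 dst=192.0.2.3 proto=icmp
2024-05-01T10:01:03 ALLOW src=198.51.100.9 dst=192.0.2.4 proto=icmp
this line is malformed and is skipped
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d) \w+ src=(?P<src>\S+) "
    r"dst=(?P<dst>\S+) proto=(?P<proto>\w+)(?: dport=(?P<dport>\d+))?$")

def parse(log):
    """Yield (time, src, dst, proto, dport) per well-formed line; skip the rest."""
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            yield (datetime.fromisoformat(m["ts"]), m["src"], m["dst"],
                   m["proto"], int(m["dport"]) if m["dport"] else None)

def find_recon(log, window=timedelta(seconds=60), min_ports=5, min_hosts=4):
    """Return {source IP: {"port_scan", "ping_sweep"}} seen within `window`."""
    by_src = defaultdict(list)
    for ev in sorted(parse(log), key=lambda e: e[0]):
        by_src[ev[1]].append(ev)
    findings = defaultdict(set)
    for src, events in by_src.items():
        for i, first in enumerate(events):  # window starting at each event
            in_win = [e for e in events[i:] if e[0] - first[0] <= window]
            pinged = {e[2] for e in in_win if e[3] == "icmp"}  # hosts pinged
            ports = defaultdict(set)  # dst -> distinct ports probed on it
            for _, _, dst, _, dport in in_win:
                if dport is not None:
                    ports[dst].add(dport)
            if any(len(p) >= min_ports for p in ports.values()):
                findings[src].add("port_scan")
            if len(pinged) >= min_hosts:
                findings[src].add("ping_sweep")
    return dict(findings)
```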
• Denial of Service Attacks
These attacks render networks unable to move traffic in any capacity. This can happen through a power failure or by flooding the network with junk traffic that clogs its ability to function. Both can be prevented with physical and logical blockers. Flooding can be carried out via a botnet, and it can bring swift devastation to a network without any warning through a process called distributed denial of service (DDoS). The linked computers all fire off packets into the network simultaneously. These packets generate a need to respond, and if the network cannot keep up with the responses, it simply cannot function. Another type of denial of service attack is a system crash, which can cause temporary or permanent damage to a network.
Solution: DoS and DDoS defense runs parallel to access attack defense. Protection options range from maximizing bandwidth allocation to isolating the network by traffic type. If your webserver is attacked, you do not want that to affect the mail server or back-end network management devices. Combine this with limiting privileges and roles.
Harden, Update, Control
Ultimately, knowing the vulnerabilities that can affect you is crucial. A company needs to harden, update, and control. Harden your network devices. Ensure all system hardware and software is updated and patched regularly. Control traffic flow. These things will go a long way toward preventing network attacks.