Unit 1 Assignment 1
In this assignment we are asked to identify the major threats and security concepts from a whitepaper located on the internet: http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf. This report stated that: “There are a number of recent and growing trends in the threat activity landscape that were observed by Symantec in 2009.” These threats are identified as: * Malicious code activity
* Tends to increase in countries experiencing rapid growth in broadband infrastructure and connectivity, , readily available malicious code kits are making it simple for attackers to mount attacks, the online underground economy and malicious activity are benefiting from the downturn in the global economy. * Web-based targeted attacks on enterprises are increasing
* Targeted attacks using advanced persistent threats (APT ) * Designed to remain undetected in order to gather information over prolonged periods. This type of attack has been observed in other large-scale data breaches that caused large numbers of identities to be exposed * Hacking attack using an SQL-injection attack
* The hackers can gain access to a company’s payment processing network. The attackers then installed malicious code designed to gather sensitive information from the network, which allowed them to easily access the network at their convenience. * Researching publically available information about a company or its employees * Creating phishing emails messages, also referred as spear phishing, that will be sent to the company or even specific staff employees. * Messages often contain attachments that exploit weaknesses in client-side applications, or links to websites that exploit vulnerabilities in Web browsers or browser plug-ins. * A successful attack could give the attacker access to a company’s network.
Please join StudyMode to read the full document