1) Inside Jobs –
Gathering information about an agency from the actually agency itself through
infiltration and spying.
2) Back Doors -
Hackers gain access to an open or closed network by exploiting back doors administrative
shortcuts, configuration errors, easily deciphered passwords, and unsecured
dial-ups. With the aid of computerized searchers (bots), hackers can probably
find any weakness in your network.
3) Rogue Access Points - Rogue access points (APs) are unsecured wireless access
points that outsiders can easily breech. (Local hackers often advertise rogue
APs to each other.) Rogue APs are most often connected by well-meaning but
ignorant employees.
4) Trojan Horses - Trojan horses, these are attach their selves to other
programs and are the leading cause of all break-ins. When a user downloads and
activates a Trojan horse, the hacked software (SW) kicks off a virus, password
gobbler, or remote-control SW that gives the hacker control of the PC.
5) Viruses and Worms - Viruses and worms are self-replicating programs or code
fragments that attach themselves to other programs (viruses) or machines
(worms). Both viruses and worms attempt to shut down networks by flooding them
with massive amounts of bogus traffic, usually through e-mail. This is very
common and hackers make new viruses and worms every day.
6) Denial of Service - DoS attacks give hackers a way to bring down a network
without gaining internal access. DoS attacks work by flooding the access
routers with bogus traffic (which can be e-mail or Transmission Control
Protocol, TCP, packets).
Distributed
DoSs (DDoS5) are coordinated DoS attacks from multiple sources. A DDoS is more
difficult to block because it uses multiple, changing, source IP addresses.
7) Anarchists, Crackers, and Kiddies - Anarchists are the type of people who
just like to break into stuff. They usually exploit any target of opportunity.
Crackers
are hobbyists or professionals who break passwords and develop Trojan horses or
other SW (called warez). They either use the SW themselves (for bragging
rights) or sell it for profit.
Script
kiddies are hacker wannabes. They have no real hacker skills, so they buy or
download warez, which they launch.
Other
attackers include disgruntled employees, terrorists, political operatives, or
anyone else who feels slighted, exploited, ripped off, or unloved.
8) Sniffing and Spoofing - Sniffing refers to the act of intercepting TCP packets.
This interception can happen through simple eavesdropping or something more
sinister.
Spoofing
is the act of sending an illegitimate packet with an expected acknowledgment
(ACK), which a hacker can guess, predict, or obtain by snooping.