Defending Against Email and Browser Attacks (38.5.12)
There are many actions that you can take to defend against email and browser attacks. Some of the most important ones are outlined here:
- It is difficult to stop spam, but there are ways to reduce its effects:
  - Most Internet service providers (ISPs) filter spam before it reaches the user’s inbox.
  - Many antivirus and email software programs automatically detect and remove dangerous spam from an email inbox.
- Organizations should educate employees about the dangers of unsolicited emails and make them aware of the dangers of opening attachments.
- Never assume that email attachments are safe, even when they come from a trusted contact. Always scan attachments before opening them.
- Become a member of the Anti-Phishing Working Group (APWG). It is an international association of companies focused on eliminating identity theft and fraud resulting from phishing and email spoofing.
- All software should be kept up to date, with the latest security patches applied to protect against any known security vulnerabilities.
The following are some other common attacks that cybercriminals can launch.
Physical Attacks
Physical attacks are intentional, offensive actions used to destroy, expose, alter, disable, steal, or gain unauthorized access to an organization’s infrastructure or hardware.
Examples of physical attacks include:
- Loading malware onto a USB flash drive that infects a device when plugged in.
- Fitting cables and plugs such as generic USB cables, mobile device charging cables, and wall or power adapters with advanced technologies, such as a wireless chip, to allow an attacker to control or provide instructions to a device.
- Copying or skimming data from a credit or debit card using a specialized terminal to create a cloned card, which can be used to gain unauthorized access to the victim’s accounts.
Adversarial Artificial Intelligence Attacks
Machine learning is a method of automation that allows devices to carry out analysis and perform tasks without specifically being programmed to do so. It powers many of the applications we use today, such as web searching, photo tagging, spam detection, video surveillance, fraud detection, and security automation.
Machine learning uses mathematical models to predict outcomes. However, these models depend on the data they are given. If that data is tainted, it can have a negative impact on the predicted outcome. Attackers can take advantage of this to perpetrate attacks against machine learning algorithms; for example, using tainted data to trick an autonomous vehicle into misinterpreting street signs.
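The dependence on input data described above, shown as an added example that is not part of the original text: a toy nearest-centroid spam filter, plus a defensive check that retrains on each new batch and rejects the batch if accuracy on a trusted holdout set drops. All data, feature meanings and function names are constructed for illustration.

```python
from statistics import mean

HAM, SPAM = 0, 1

def train(samples):
    """Nearest-centroid model: one mean feature vector per label."""
    by_label = {}
    for features, label in samples:
        by_label.setdefault(label, []).append(features)
    return {label: tuple(mean(col) for col in zip(*rows))
            for label, rows in by_label.items()}

def predict(model, features):
    """Return the label whose centroid is closest to the sample."""
    def dist2(centroid):
        return sum((a - b) ** 2 for a, b in zip(features, centroid))
    return min(model, key=lambda label: dist2(model[label]))

def accuracy(model, labelled):
    """Fraction of labelled samples the model classifies correctly."""
    return sum(predict(model, f) == y for f, y in labelled) / len(labelled)

def accept_batch(train_set, batch, holdout, max_drop=0.05):
    """Retrain with the batch; reject it if trusted-holdout accuracy falls."""
    before = accuracy(train(train_set), holdout)
    after = accuracy(train(train_set + batch), holdout)
    return (before - after) <= max_drop, before, after

# Constructed features: (links in message, suspicious keywords in message)
CLEAN = [((1, 1), HAM), ((1, 2), HAM), ((2, 1), HAM),
         ((2, 2), HAM), ((1, 3), HAM), ((3, 1), HAM),
         ((6, 6), SPAM), ((6, 7), SPAM), ((7, 6), SPAM),
         ((7, 7), SPAM), ((5, 6), SPAM), ((6, 5), SPAM)]
# Trusted holdout: labelled by hand, never taken from user feedback.
HOLDOUT = [((2, 3), HAM), ((3, 2), HAM), ((1, 1), HAM),
           ((5, 5), SPAM), ((6, 6), SPAM), ((5, 6), SPAM)]
# Ordinary new samples with correct labels.
BENIGN = [((2, 2), HAM), ((1, 2), HAM), ((6, 6), SPAM)]
# Tainted batch: spam-like samples submitted with a "ham" label, which
# drags the ham centroid into the spam region.
TAINTED = [((9, 9), HAM), ((9, 10), HAM), ((10, 9), HAM),
           ((10, 10), HAM), ((10, 11), HAM), ((11, 10), HAM)]

if __name__ == "__main__":
    for name, batch in (("benign", BENIGN), ("tainted", TAINTED)):
        ok, before, after = accept_batch(CLEAN, batch, HOLDOUT)
        print(f"{name}: accepted={ok} holdout {before:.2f} -> {after:.2f}")
```

The tainted batch leaves the code untouched yet makes the filter pass two of the three holdout spam samples, which is why the check compares against data the attacker cannot influence.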
Many organizations interface with a third party for their systems management or to purchase components and software. Organizations may even rely on parts or components from a foreign source.
Attackers often find ways to intercept these supply chains. For example, software can be based on specific support agreements and subject to an end-of-life (EOL) date. Changing this date could mean that an organization is no longer eligible for service and maintenance support.
Rather than developing systems on their own premises, more and more organizations are making the move toward cloud-based computing, as we discussed earlier in this chapter.
The advantage is that the cloud provider will maintain the equipment, but this also opens up an organization to a host of potential threats. Attackers are constantly looking for ways to exploit sensitive data stored on the cloud, as well as applications, platforms, and infrastructure that are cloud-based, as we saw with SaaS, PaaS, and IaaS.
Check Your Understanding—Application Attacks (38.5.13)
Refer to the online course to complete this activity.