Network Security Attacks With Real-Life Examples

Chanchal Mal
Jun 19, 2022

What is Network Security?

Network security lets you take preventative measures to protect the networking infrastructure from malfunction, misuse, destruction, modification, unauthorized access, and so on. Even when you upload your data to the internet and assume it is safe and secure, hackers can breach this data and leak confidential information or steal money. This is why it is necessary to secure your network [1].

Network security is an important part of cybersecurity and helps guard your network and the data stored in it from breaches, software and hardware intrusion, and more. Network security defines a set of important rules, regulations, and configurations based on threats, network use, availability, and complete threat security [1].

Types of Network Security

In the field of network security, multiple factors work together to ensure the security of data and networks. Based on this, there are several different types of network security:

  • Firewalls
  • Access control
  • Virtual private networks (VPNs)
  • Intrusion prevention systems
  • Wireless security
  • Application security
  • Behavioral analytics [2]

Firewalls

Firewalls are services or devices that act as guards responsible for deciding which web pages, pop-ups, and other services enter and exit a network [2].

Fig 1. Firewall [6]

Access Control

Access control allows companies to prevent potential attackers from reaching confidential information and to block unauthorized devices and users from accessing the given network [2].

Fig 2. Access Control [7]

Virtual Private Networks (VPNs)

A VPN generally uses the internet to encrypt the connection between an endpoint device and a network. Further, a VPN allows professionals to authenticate the communication between the network and the device [2].

Fig 3. VPN [8]

Intrusion Prevention Systems

Intrusion prevention systems find and prevent attacks by scanning network traffic [2].

Fig 4. Intrusion Prevention System [9]

Wireless Security

Wireless networks are not as secure as wired networks. It is necessary for you to control the devices and users that can access your company’s network [2].

Fig 5. Wireless Security [10]

Application Security

Application security involves a set of software, hardware, and processes that track and lock down the weak points of an application so that attackers cannot easily target them to infiltrate your network [2].

Fig 6. Application Security [11]

Behavioral Analytics

If you want to be able to identify anomalies and various network breaches as and when they occur, you need to have a clear idea of the normal behavior of your network [2].

Fig 7. Behavioral Analytics
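To illustrate the baseline idea above, here is an added example (not part of the original article) that profiles each host's normal outbound volume and flags the latest observation when it deviates strongly. The host addresses, traffic figures, threshold and function names are constructed for illustration.

```python
from statistics import median

# Constructed sample data: outbound megabytes per hour for each host during
# normal operation (BASELINE) and in the most recent hour (CURRENT).
BASELINE = {
    "10.0.0.5": [120, 131, 118, 125, 122, 129, 127, 124],
    "10.0.0.9": [15, 14, 18, 16, 15, 17, 16, 14],
    "10.0.0.12": [300, 280, 310, 295, 305, 290, 315, 298],
}
CURRENT = {"10.0.0.5": 126, "10.0.0.9": 240, "10.0.0.12": 330, "10.0.0.77": 40}


def robust_profile(samples):
    """Return (median, MAD); unlike mean/stddev, one old spike barely moves them."""
    med = median(samples)
    mad = median(abs(x - med) for x in samples)
    return med, mad


def score(value, med, mad):
    """Modified z-score; 0.6745 scales the MAD to be comparable to a std deviation."""
    if mad == 0:
        return 0.0 if value == med else float("inf")
    return 0.6745 * (value - med) / mad


def find_anomalies(baseline, current, threshold=3.5):
    """Flag hosts that deviate from their own baseline or have no baseline at all."""
    findings = []
    for host, value in sorted(current.items()):
        history = baseline.get(host)
        if not history:
            # A device never seen before is itself worth a look.
            findings.append((host, "no-baseline", None))
            continue
        med, mad = robust_profile(history)
        z = score(value, med, mad)
        if abs(z) > threshold:
            findings.append((host, "deviation", round(z, 1)))
    return findings


if __name__ == "__main__":
    for finding in find_anomalies(BASELINE, CURRENT):
        print(finding)
```

The host at 10.0.0.12 is above its usual volume but still within its normal spread, so it is not flagged; only the unknown device and the host sending far more than it ever has are reported.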

Types of Attacks in Network Security

Some of the different types of network security attacks are described below:

A. Virus:

It is a malicious, downloadable file that, once opened by a user, starts to replace the code in the computer with its own code. As it spreads, the system files on the computer become corrupted, which can result in the corruption of files on other computer systems in the network [3].

B. Malware:

It is among the most severe and fastest types of malicious attacks that help gain unauthorized access to a system or network of systems. Malware is generally self-replicating, i.e., once a system is corrupted, the malware gains entry through the internet and easily corrupts all computer systems that are connected to the network via the internet. In the case of malware, even an external device connected to the system will get corrupted [3].

C. Worm:

It enters a given system without the need for a user. If a user is running an application that is not well secured, any attacker or hacker using the same internet connection can easily send malware to that app. Without the knowledge of the user, the application could accept and execute this malware over the internet, leading to the creation of a worm. Ethical hackers are in high demand to prevent this type of network security attack [3].

D. Packet sniffer:

If a user places a passive receiver within range of a wireless transmitter, it ends up seeing a copy of the transmitted packets. Often, these packets contain confidential organization data, trade secrets, etc., which can get through to the packet receiver. The packet receiver becomes a packet sniffer and goes through all the packets transmitted in the range. Cryptography is the best way to prevent this form of network security attack [3].

E. Phishing:

This is one of the most common forms of attack on network security. In this, attackers send emails to users pretending to be from a known source, such as investors and bankers, and build a sense of urgency to catch the users’ attention and/or excite them. These emails are likely to contain malicious attachments or links, which ask users to share confidential data [3].

F. Compromised key:

When an attacker gets a network security key, it is known as a compromised key, which acts as a tool to extract sensitive data. In this case, the attacker uses the compromised key to get unauthorized access to secure data. This key consists of a code or number that assists in interpreting secure data without any notification to the sender or receiver [3].

G. Botnet:

It is malicious software that can attack a set of computers connected through a private network. The attacker gains access and controls all the systems on that network without the knowledge of the owners. All the computers on that network are referred to as zombies, which spread and corrupt a large number of devices as per the instructions of the attacker [3].

H. DoS:

DoS stands for denial of service. This attack is capable of destroying the users’ networks partially or completely. DoS can also attack even a complete IT infrastructure, making it unavailable to the actual users. DoS attacks can generally be classified into three categories, namely, connection flooding, vulnerability attacks, and bandwidth flooding [3].
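For the connection-flooding category, the following added example (not from the original article) shows detection logic a defender could run over connection logs: it tracks connections each source has opened but not completed and flags a source once that number exceeds a limit within a short window. The log format, addresses, window and limit are assumptions made for this sketch.

```python
from collections import defaultdict, deque


def constructed_sample():
    """Constructed log lines in a hypothetical format: '<epoch> <src> <dst:port> <event>'."""
    lines = []
    for i in range(30):  # one source opens 30 connections in 3 s and completes none
        lines.append(f"{100 + i // 10} 198.51.100.7 203.0.113.10:443 SYN")
    for i in range(5):   # a normal client completes every handshake
        lines.append(f"{100 + i} 192.0.2.44 203.0.113.10:443 SYN")
        lines.append(f"{100 + i} 192.0.2.44 203.0.113.10:443 ESTABLISHED")
    lines.append("garbage line")  # malformed input the detector must tolerate
    return lines


def flooding_sources(lines, window=10, limit=20):
    """Return {source: time first flagged} for sources holding more than
    `limit` uncompleted connections opened within the last `window` seconds."""
    pending = defaultdict(deque)  # src -> timestamps of SYNs not yet completed
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines instead of crashing
        raw_ts, src, _dst, event = parts
        try:
            ts = int(raw_ts)
        except ValueError:
            continue
        queue = pending[src]
        if event == "SYN":
            queue.append(ts)
        elif event == "ESTABLISHED" and queue:
            queue.popleft()  # oldest pending connection completed
        while queue and ts - queue[0] > window:
            queue.popleft()  # too old to count toward the current burst
        if len(queue) > limit and src not in flagged:
            flagged[src] = ts
    return flagged


if __name__ == "__main__":
    print(flooding_sources(constructed_sample()))
```

Counting per source catches a single noisy origin; a distributed flood spreads the same load over many sources, so a per-destination counter built the same way is the natural companion check.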

Some real-life examples:

1. Adobe:

Adobe suffered a massive hack of its IT infrastructure in October 2013. Personal information of millions of accounts was stolen. Later, another file was discovered that brought the number of accounts affected by the attack to 150 million. The company was attacked for its customer information as well as for its product data. But the theft of over 40 GB of source code was the most worrying problem for Adobe [4].

2. Sony Company:

Sony’s PlayStation Network faced an attack in April 2011. Data from the multiplayer gaming service, which holds the important data of millions of users, was leaked. Personal data of millions of users was tampered with. Banking information of a large number of players was also compromised, and Sony had to pay compensation of about 15 million dollars. The reason was that the data was unencrypted and thus could easily be hijacked with the help of SQL injection. This cyber-attack could have been largely avoided [4].

3. Marriott Hotel:

At the Marriott-owned Starwood hotel group, personal information of almost 500 million guests was compromised, including banking data. This had been happening since 2014, but it was first recognized in 2018. Even if Marriott says that the number of customers who suffered the loss of personal information is somewhere near 327 million, it is understood that the implications must be massive. The hackers gained access to information including payment information, names, phone numbers, passport information and much more [4].

4. Yahoo! :

Yahoo! announced that it had suffered a cyber-attack in 2014 that affected almost 500 million user accounts. This was the largest hack of individual data directed against a single company. Personal information such as names, dates of birth, telephone numbers and passwords was stolen. In March, Yahoo! admitted to being hacked once again, with 32 million accounts affected [4].

5. Twitter:

In July 2020, hackers gained access to 130 private and corporate Twitter accounts, each with at least a million followers. They used some of these big accounts to promote a Bitcoin scam. Barack Obama, Elon Musk, Bill Gates, Apple, Uber, and some other popular and notable individuals and companies were on the list of hacked accounts. Twitter employees faced a chain of spear phishing attacks. The hackers collected information on company employees who were working from home. They contacted them, introduced themselves as Twitter IT administrators, and asked for user credentials. Using the compromised employee accounts, the attackers gained access to administrator tools. Using these tools, they changed the passwords of the accounts of these famous Twitter users and tweeted scam messages [5].

6. Police department:

Employee negligence is another matter of concern. The city of Dallas suffered a massive data loss in March and April 2021 due to this. An employee mistakenly deleted 8.7 million important police files that the Department had collected as evidence for its cases. The files included video, photos, audio, case notes, and other important material. The data loss was caused by an IT worker who did not have enough training in how to properly move files from cloud storage. The IT employee did not check for the existence of copies before deleting the files and did not pay much attention to backups either [5].

Authors: Chanchal Mal, Sangeeta Malviya, Ashish Vaswani, Pratik Waso, Tanay Vartak.

References:

[1] https://www.forcepoint.com/cyber-edu/network-security#:~:text=Network%20security%20is%20a%20broad,both%20software%20and%20hardware%20technologies

[2] https://www.checkpoint.com/cyber-hub/network-security/what-is-network-security/

[3] https://intellipaat.com/blog/what-is-network-security/

[4] https://outpost24.com/blog/top-10-of-the-world-biggest-cyberattacks

[5] https://www.ekransystem.com/en/blog/real-life-examples-insider-threat-caused-breaches

[6] https://www.okta.com/sites/default/files/media/image/2021-04/How-Firewalls-Work.png

[7] https://www.atss.in/wp-content/uploads/2019/01/Access-Control-Systems-Atss.png

[8] https://surfshark.com/wp-content/uploads/2021/06/what-is-vpn1-1024x501.png

[9] https://www.okta.com/sites/default/files/media/image/2021-05/IntrusionPreventionSystem.png

[10] https://informationsecurityprogram.com/wp-content/uploads/2019/01/wireless-access-security-668x334.jpg

[11] https://www.atatus.com/glossary/content/images/2021/06/Application-Security--1-.jpeg
