You're reading from Certified Ethical Hacker (CEH) v12 312-50 Exam Guide

Product type: Book
Published in: Jul 2022
Publisher: Packt
ISBN-13: 9781801813099
Edition: 1st Edition
Author: Dale Meredith

Dale Meredith is an EC-Council Certified Ethical Hacker/Instructor and a Microsoft Certified Trainer. Dale has over 10 years of senior IT management experience and was a CTO for an ISP. Dale's skill as an IT trainer lies in clarifying complicated concepts and ensuring students understand the theories. Dale's teaching style is memorable and entertaining. His expertise has led to many opportunities, including teaching teams in Fortune 500 firms, universities globally, the Department of Homeland Security, and many US military branches. Along with authoring video courses, consulting, and classroom training, you can catch Dale on stage speaking at IT conferences around the world, helping teams keep their companies safe, relevant, and breach-aware.

Chapter 9: Malware and Other Digital Attacks

The difference between a threat and a treat is one letter. Malware is a treat depending on which side of the malware you're on. Malware is probably one of the biggest threats we have from a security perspective, for our networks in a professional capacity as well as our own private networks and devices.

As you read through this chapter, you will gain a greater understanding and awareness regarding what malware is, what it's designed to do, and the various methods of how malware infects a target.

In this chapter, we will cover the following main topics:

  • So, what is malware?
  • What is a Trojan?
  • Viruses and worms
  • Denial of Service (DoS) threats
  • Session-hijacking threats
  • Master list of countermeasures

One of the hardest struggles information technology (IT) people and end users deal with is the fact that we've gotten so complacent and stuck in the mindset of networks that we don't care how...

So, what is malware?

Simply stated, it's a piece of software or computer program used to perform malicious actions or attacks on a target. Its name gives away what it does. Malware is a blend of two words: malicious and software. We have malware for computers, phones, tablets, and so on. Malware targeting mobile devices is huge right now. Once installed, attackers can potentially gain total control over your devices, or at least over the data on your devices.

Attackers can infect any computing device—including tablets and smartphones—with malware. Any person, company, or device is a target. The more computers and devices an attacker can infect, the more money they can make. In fact, they don't care who they infect—they just want to infect as many devices and people as possible. It's a numbers game. And guess what? It comes in various forms. The term malware is an umbrella category that covers many different kinds of security threats.

What's the purpose of malware?

...

What is a Trojan?

A Trojan is a type of malicious software disguised as, or bundled with, a legitimate piece of software. It's hiding inside. The reason the malicious code is hidden this way is that it makes installation easy: the easiest way to get something done is to have the user do it for us. When it comes to Trojans, some people get this confused.

The Trojan horse gets its background from Greek mythology about the Trojan War, where the Greeks attacked the city of Troy. At the end of the war, the Greeks came up with a final plan of attack—they would build a giant hollow wooden horse (horses were, for some strange reason, sacred to the Trojans), and the hollow horse would be filled with soldiers. The Trojans brought the horse into the city, and when they went to bed, the soldiers came out, including Brad Pitt, all glistening, and they ransacked the city. That's basically the same concept here. We're going to have a legitimate program, but our Trojan will contain some type of spyware, keylogger...

Viruses and worms

So, what's the difference between a virus and a worm? Well, to look at these, we need to compare what they are designed to do. Some people say we're comparing apples with apples because these two are really close to each other. However, when it comes to a virus, you need to understand it's simply a piece of malware that's designed to execute. When it executes, it likes to associate or attach itself to a file or program.

Those files and programs could be almost any file or program, but as a virus creator, I want to make sure the virus executes every time the OS fires up. So, many times, the virus creator will make sure it replaces system files, so that every time the OS boots up, the machine is infected again.

We can also infect other types of files or programs. For example, I can make my virus attach itself to Word, but that virus would only become active once the application is launched.

One of the biggest differences between...

DoS threats

DoS threats are among the most common threats faced by organizations. A DoS attack can be mounted against any organization, regardless of size or industry.

There are many different types of DoS attacks, but all have the same goal: to prevent legitimate users from accessing the organization's resources. Some of the most common types of DoS attacks include the following:

  • Flooding attacks—In a flooding attack, the attacker sends a large number of requests to the organization's servers, overwhelming them and preventing legitimate users from accessing the resources they need.
  • SYN floods—A synchronize (SYN) flood occurs when the attacker sends a large number of SYN packets to the organization's servers. Because the request is not complete, the servers are unable to send a SYN-ACK message, where ACK stands for acknowledgment. The servers become overwhelmed and legitimate users cannot access them.
  • Application layer assaults—...
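With a SYN flood the handshake never completes, so the victim's listen backlog fills with half-open sockets that show up as SYN_RECV in the socket table, while genuine clients reach ESTABLISHED. One defender-side check is to compare those two counts per listening port. The code below is an added example, not from the book: it parses constructed netstat-style lines (documentation-range addresses) and flags ports whose half-open backlog looks like a flood rather than ordinary load; the thresholds and function names are assumptions.

```python
import re
from collections import defaultdict

# Matches lines like: "tcp 0 0 10.0.0.5:443 203.0.113.7:50007 SYN_RECV"
LINE_RE = re.compile(
    r"^tcp\s+\d+\s+\d+\s+(?P<local>\S+):(?P<lport>\d+)\s+(?P<peer>\S+):\d+\s+(?P<state>\S+)$"
)


def build_sample_table():
    """Constructed socket table: 40 half-open connections to :443 from varied peers,
    three established sessions on :443, and a quiet :22 with one pending handshake."""
    lines = [f"tcp 0 0 10.0.0.5:443 203.0.113.{i}:5{i:04d} SYN_RECV" for i in range(1, 41)]
    lines += [f"tcp 0 0 10.0.0.5:443 198.51.100.{i}:44000 ESTABLISHED" for i in range(1, 4)]
    lines += ["tcp 0 0 10.0.0.5:22 198.51.100.9:60001 ESTABLISHED",
              "tcp 0 0 10.0.0.5:22 198.51.100.10:60002 SYN_RECV"]
    return lines


def summarize_half_open(lines):
    """Per local port: count half-open (SYN_RECV) vs established sockets and distinct peers."""
    stats = defaultdict(lambda: {"half_open": 0, "established": 0, "peers": set()})
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip header rows or lines in another format
        port = int(m.group("lport"))
        if m.group("state") == "SYN_RECV":
            stats[port]["half_open"] += 1
            stats[port]["peers"].add(m.group("peer"))
        elif m.group("state") == "ESTABLISHED":
            stats[port]["established"] += 1
    return stats


def suspected_syn_flood(lines, max_half_open=20, max_ratio=5.0):
    """Return (port, half_open_count, distinct_peers) for ports whose backlog of unfinished
    handshakes is both large in absolute terms and out of proportion to real sessions."""
    flagged = []
    for port, s in summarize_half_open(lines).items():
        ratio = s["half_open"] / (s["established"] + 1)
        if s["half_open"] > max_half_open and ratio > max_ratio:
            flagged.append((port, s["half_open"], len(s["peers"])))
    return sorted(flagged)


if __name__ == "__main__":
    print(suspected_syn_flood(build_sample_table()))
```

A high count of distinct peers behind the half-open sockets is itself a hint that source addresses are being spoofed, which is why per-source blocking rarely helps and SYN cookies or backlog tuning on the server are the usual mitigations.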

Session-hijacking threats

Session-hijacking attacks are a type of attack in which an attacker diverts the session of a user to their machine. In this process, attackers try to capture users' packets and hijack their active sessions by cracking encryption codes or altering configurations. Sometimes, these attacks are conducted on a large scale for illegal activities that lead to economic gains, including credit card fraud and e-commerce scams. Attackers make use of easy-to-exploit and common vulnerabilities and attack victims where they are unprotected (open networks). However, session hijacking is more complex than other exploits because it depends on the attacker's ability to crack encryption codes.

Today, there are different types of session-hijacking attacks that are performed based on the level of access the attacker has to the network. The most common form of session hijacking is IP hijacking, where attackers divert traffic by acquiring the IP address of the victim...

Master list of countermeasures

These are my own best practices that I've come up with based on my experience. Some of them have also been discussed in various publications.

There are three levels or different areas we need to make sure we're protecting, as follows:

  • Server level—We have different products and solutions for our servers than we have for our desktop machines, laptops, or mobile devices. Please, please, please protect your mobile devices.
  • Desktop solutions level—Just because you have protection in place at the server level doesn't mean that desktops don't need to be covered as well. Some people say: "We have antivirus on our servers that scans everything." So, what happens when somebody plugs in a USB thumb drive they picked up in the parking lot? How is the server going to handle that? You should have desktop solutions as well as server solutions and vice versa because if you have stuff installed on your desktops...

Summary

We first talked about what malware is and why it's created. It's critical we grasp the nature of malware because it's the number-one issue for us right now as far as security is concerned. We also talked about DoS threats, which can be devastating. We covered the dangers of session hijacking and how attackers try to predict and overtake a user's session to use their credentials to continue their attacks, and finally, we calmed your nerves by looking at countermeasures.

In the next chapter, we'll talk about sniffing and the different types of sniffing available to us. We'll also cover how sniffing can be used in an attack and how to protect ourselves from these attacks.

Questions

As we conclude, here is a list of questions for you to test your knowledge regarding this chapter's material. You will find the answers in the Assessments section of the Appendix:

  1. To protect against Trojan attacks, how do Tripwire and other similar applications assist us?
    1. It's a file-integrity checking tool that detects and rejects malware designed for the kernel.
    2. It's an antivirus solution that quarantines and removes malware right away.
    3. It's a file integrity checker that alerts you when a system file is changed.
    4. It's an antivirus program that detects and removes viruses during a scan.
  2. To continually pull data and monitor a network, what is typically used?
    1. Trojan
    2. APT
    3. A rootkit
    4. A virus
  3. What component can be used to install malware on a target?
    1. Crypter
    2. Dropper
    3. Exploit
    4. Obfuscator
  4. What is the name of a program that is concealed within another program?
    1. Multipart
    2. Ransomware
    3. Trojan
    4. Stealth