From the course: Wireshark: Malware and Forensics

Exploring cyberattacks and trends - Wireshark Tutorial

- [Narrator] When the incident response team sends an alert that your proactive threat detection system has identified and quarantined malware, you investigate and mitigate the threat. However, today's threats may have slipped by your systems and found a home on your network. The fact is, it is a challenge to face the daily onset of threats to our infrastructure. Anyone can get in the game. In fact, if you do need help spawning a cyber attack, everything is for sale on the darknet, including malware kits and hoods for hire. They even offer technical support.

An attack vector is the way by which someone gains unauthorized entry into a system and can include email, webpages, and the user. The goal is to deliver a malicious payload or a malicious act by taking advantage of system vulnerabilities or known weak spots to gain entry. Webpages and pop-ups take advantage of the ability browsers have to access various programming languages such as JavaScript, ActiveX, and macros. When clicked, the malware can install spyware, adware, hijackers, dialers, trojans, or other malware. Instant messaging, internet relay chat, and peer-to-peer file sharing programs many times start with the user having to install custom software to enable the service to work. Unfortunately, this makes your machine vulnerable to an attack, as malware is often bundled with other software and you may inadvertently install the malware without your knowledge. Wireless networks are everywhere in today's world and provide an attractive attack vector. The 802.11 standard, or Wi-Fi, is characteristically insecure and will continue to be more vulnerable to attack than a wired network. The most vulnerable attack vector is the user, which is the weakest link in any system. Human error is still the main cause of most attacks.

Email threats have been going on for years, some causing severe and costly damage. In January 2004, hackers released Mydoom, which was the fastest spreading email worm ever and caused damage of over $38 billion. Email attachments are one of the original methods to send malware, spam, and bogus links. They continue to improve in sophistication and are making a comeback as a popular attack vector because they're handy and used by just about everyone. Email continues to be a dangerous yet effective threat, and messages can contain links to bogus websites and malware. Phishing and pharming techniques send out massive emails. Phishing emails bait victims to click to claim a prize, sign up for a special program, or sign in and check account information. The message appears urgent and requires a quick response. One in 10 individuals will respond to a phishing email or spam.

Cybercriminals are using social engineering methods that are more refined to get you to click on a link or go to a website. They have done their research and identified their targets for a company to ensure a more successful exploit. For example, a hacker has registered this legitimate-looking domain name, USPSgetmypackage, and sent the email to a business using a spear phishing attack. Many offices send and receive multiple packages every week. Imagine a busy administrative assistant going about the day when an email comes in as follows. One click is all it takes to release malware.

It is a challenge to face the daily onset of threats to our infrastructure. Packet analysis is an important skill, as today's threats may have slipped by your threat management systems and have found a home on your network.
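The spear phishing domain described above (USPSgetmypackage) is the kind of thing packet analysis can surface on the wire: the lure only works if a user's machine resolves the lookalike domain, and that DNS query is visible in a capture. The following is an added example, not part of the course transcript or its materials, showing defensive triage logic that flags DNS query names impersonating a protected brand. It assumes tab-separated input in the shape of `tshark -T fields` output (time, source IP, `dns.qry.name`); the log lines, the `PROTECTED` brand table and the detection thresholds are constructed for illustration.

```python
"""Lookalike-domain triage over DNS query names.

Added example (not the course's own code). Flags queries whose registrable
domain impersonates a protected brand, either by embedding the brand name
(e.g. uspsgetmypackage.com) or by being a small edit away from the real
domain. Input mimics `tshark -T fields -e frame.time -e ip.src -e dns.qry.name`
(tab-separated); the sample lines below are constructed.
"""
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: frame.time \t ip.src \t dns.qry.name
SAMPLE_DNS_LOG = """\
10:02:11\t10.1.4.23\twww.usps.com
10:02:14\t10.1.4.23\tuspsgetmypackage.com
10:02:15\t10.1.4.23\tcdn.uspsgetmypackage.com
10:03:01\t10.1.4.31\tmail.google.com
10:03:09\t10.1.4.31\tusp5.com
10:04:40\t10.1.4.52\ttracking.usps.com
10:05:02\t10.1.4.52\tlinkedin.com
"""

# Brand token -> legitimate registrable domain (assumed for this example).
PROTECTED = {"usps": "usps.com"}

# Maximum edit distance from the real domain that still counts as a near miss.
NEAR_MISS_DISTANCE = 2


@dataclass(frozen=True)
class Finding:
    time: str
    src: str
    query: str
    reason: str


def registrable_domain(name: str) -> str:
    """Naive 'last two labels' heuristic. A real deployment should use a
    public-suffix list (so that example.co.uk is handled); kept simple here."""
    labels = name.lower().rstrip(".").split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else name.lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch near-miss spellings of the real domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,            # deletion
                           cur[j - 1] + 1,         # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def classify(query: str) -> Optional[str]:
    """Return a reason string if the query looks like brand impersonation."""
    reg = registrable_domain(query)
    sld = reg.split(".")[0]  # second-level label, e.g. 'uspsgetmypackage'
    for brand, legit in PROTECTED.items():
        if reg == legit:
            return None  # the real domain or one of its subdomains
        if brand in sld:
            return f"brand token '{brand}' embedded in unrelated domain {reg}"
        if levenshtein(reg, legit) <= NEAR_MISS_DISTANCE:
            return f"{reg} is within edit distance {NEAR_MISS_DISTANCE} of {legit}"
    return None


def scan(log: str) -> List[Finding]:
    """Run classify() over every well-formed log line and collect findings."""
    findings = []
    for line in log.splitlines():
        parts = line.split("\t")
        if len(parts) != 3:
            continue  # skip blank or malformed lines
        time, src, query = parts
        reason = classify(query)
        if reason:
            findings.append(Finding(time, src, query, reason))
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_DNS_LOG):
        print(f"{f.time} {f.src} {f.query}: {f.reason}")
```

On the constructed sample the script flags both `uspsgetmypackage.com` queries (the brand token is embedded in an unrelated registrable domain) and `usp5.com` (one edit away from the real domain), while leaving `www.usps.com` and `tracking.usps.com` alone. The registrable-domain heuristic is deliberately naive; feeding it a public-suffix list is the first change to make before using the idea on real captures.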