Communication Security threats
Main vulnerabilities are:
• Packet Sniffing – when an intruder listen to the network traffic and analyses the packets having a possibility to read our incoming and outgoing information using obscure protocols (eg.FTP) in Voice over IP protocol also known as eavesdropping.
• IP Spoofing – where an intruder sends the packets to our network and disguises himself as a trusted host (that we could have communicated with in the past) or in order to try Denial of Service attack so that the packets are reflected on the actual target.
• Password breaking – where there are many methods, brutal-force using rainbow tables or disguising as trusted entity sends requests to the target to confirm his username and password (also known as phishing).
• Man in the middle attack – it’s an attack where intruder attack someone who has already established a trusted communication with us, for instance subcontractor or another company we do business with, therefore because our network is too secure intruder attacks less secure network we have connection with.
• Denial of Service attack – occurs where intruder is sending extremely high amount of packets/information so that our network/server can’t handle it. Sometimes it may be caused by the number of users using certain services at the same time causing ‘legitimate’ denial of service.
• There are also all the other threats that affect communication security like spyware, malware ,viruses ,Trojans ,backdoors ,net boots and other malicious software all designed to interrupt the confidentiality of our information to retrieve it or destroy it.
• General vulnerabilities – operating systems bugs, protocol bugs, transfer medium failure, data storage failure and bad organised physical security (data centre doors wide open).
Microsoft. (2007). Common Security Threats. Available: http://technet.microsoft.com/en-us/library/bb964031%28office.12%29.aspx.