What types of threats do humans pose to infrastructure assets? How have threats from malicious actors evolved with technology advancements? What physical techniques and cybertechniques do terrorists and malicious actors use? Provide examples.

Over time networks have become more complex and this has generated more sophisticated attacks. People typically pose the threat of infiltration for either the purpose of stealing information or fraud or for destroying infrastructure.  The following techniques cover most of the malicious forms of attack.

 

Eavesdropping

 

An attacker who has gained access to data paths in the network can “listen in” or interpret the traffic.
Data Modification Hacker can modify the data in the packet without the knowledge of the sender or receiver.
Identity Spoofing Hacker uses a fake IP address on the network allowing access.
Password-Based Attacks

 

Password attacks can allow administrative access for:

•    Obtaining lists of valid user and computer names and network information.

•    Modifying server and network configurations, including access controls and routing tables.

•    Modify, reroute, or delete data.

 

 

One way to manage these risks would be to use more claims based authentication protocols. Claims-based authentication is and authentication mechanism that allows user to enter networks from external or different computers by challenging the user for authentication.  The claims made about the user may vary but often include having to provide information such as:

  • username or user ID in remote system,
  • full name of user,
  • e-mail address,
  • membership in security groups,
  • phone number,
  • color of eyes(Microsoft, 2015).

Claims-based authentication typically is a redirect from the login page and cookies are used to identify the user or their device. If the cookies are not present that identify the device then the user will be redirected to an authentication page where he or she must answer the claims (Kroenke, 2013). Once the claims have been answered the user is redirected back to the login for the network or application. This feature works well but can reduce functionality.

Bibliography

Kroenke, D. (2013). Experiencing MIS (4th Edition). New Jersey: Prentice Hall.

Microsoft. (2015, October 19). BranchCache Overview. Retrieved from Tech Net Microsoft: https://technet.microsoft.com/en-us/library/hh831696.aspx