Cybersecurity is becoming a more common term in today’s industry. It is being passed around executive meetings alongside financial information and projected marketing strategies. Within the cybersecurity lexicon, some attack methods are repeated often enough to have become part of a “common tongue”. These terms are infrastructure agnostic; the type of infrastructure you run does not really matter. If your organization’s data has value, a criminal wants to get it.

Reconnaissance Attacks

Reconnaissance attacks are centered on general knowledge gathering. These efforts stem from physical reconnaissance as well as a bit of digital research. This information gathering can take the form of anything from probing the network to social engineering and physical surveillance. Some common examples of reconnaissance attacks include packet sniffing, ping sweeps, port scanning, phishing, social engineering, and internet information queries. It is worth noting that these attacks can also be prevented. They can be examined further by breaking them into two categories: Logical and Physical.

Logical reconnaissance refers to anything done in the digital realm that does not require a human interaction element to achieve. Ping sweeps and port scans, for example, are two methods of discovering both whether a targeted system exists and which services it is listening for on the network. An example of a return on a port scan would be discovering that a server has telnet (a remote access service) enabled, because an affirmative response came back on port 23. Such a response tells an attacker that they can attempt exploitation geared towards that telnet service. Additionally, information queries over the internet, including public information services such as “Whois” queries, make the information gathering that much easier. Of course, a Whois query exists for a legitimate purpose, but criminals exploit this for …
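As an added example (not code from the original post), the following Python detector flags the two logical reconnaissance patterns described above, a ping sweep (one source pinging many hosts) and a port scan (one source probing many ports on one host), in firewall-style log lines. The log format, the sample lines and the alert thresholds are all constructed assumptions.

```python
"""Flag ping-sweep and port-scan patterns in constructed firewall-style log lines."""
import re
from collections import defaultdict

# Assumed log format: "<timestamp> proto=<icmp|tcp> src=<ip> dst=<ip> [dport=<n>]"
LINE_RE = re.compile(
    r"proto=(?P<proto>\w+) src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+)(?: dport=(?P<dport>\d+))?"
)

# Constructed sample log lines (not from any real system).
SAMPLE_LOGS = [
    # ICMP echo requests from one source to many hosts: ping-sweep pattern
    "2024-01-01T10:00:01 proto=icmp src=10.0.0.5 dst=192.168.1.1",
    "2024-01-01T10:00:01 proto=icmp src=10.0.0.5 dst=192.168.1.2",
    "2024-01-01T10:00:01 proto=icmp src=10.0.0.5 dst=192.168.1.3",
    "2024-01-01T10:00:02 proto=icmp src=10.0.0.5 dst=192.168.1.4",
    "2024-01-01T10:00:02 proto=icmp src=10.0.0.5 dst=192.168.1.5",
    # TCP connection attempts from one source to many ports on one host: port-scan pattern
    "2024-01-01T10:00:05 proto=tcp src=10.0.0.9 dst=192.168.1.20 dport=21",
    "2024-01-01T10:00:05 proto=tcp src=10.0.0.9 dst=192.168.1.20 dport=22",
    "2024-01-01T10:00:05 proto=tcp src=10.0.0.9 dst=192.168.1.20 dport=23",
    "2024-01-01T10:00:05 proto=tcp src=10.0.0.9 dst=192.168.1.20 dport=80",
    "2024-01-01T10:00:06 proto=tcp src=10.0.0.9 dst=192.168.1.20 dport=443",
    # Ordinary traffic: one host repeatedly using one port, must not be flagged
    "2024-01-01T10:00:07 proto=tcp src=10.0.0.7 dst=192.168.1.30 dport=443",
    "2024-01-01T10:00:08 proto=tcp src=10.0.0.7 dst=192.168.1.30 dport=443",
]


def parse(lines):
    """Yield a dict per parseable line; lines that do not match are skipped."""
    for line in lines:
        m = LINE_RE.search(line)
        if m:
            yield m.groupdict()


def find_recon(lines, sweep_hosts=5, scan_ports=5):
    """Return alerts: ('ping_sweep', src, host_count) or ('port_scan', src, dst, ports)."""
    icmp_targets = defaultdict(set)  # src -> distinct hosts it sent ICMP to
    tcp_ports = defaultdict(set)     # (src, dst) -> distinct destination ports probed
    for ev in parse(lines):
        if ev["proto"] == "icmp":
            icmp_targets[ev["src"]].add(ev["dst"])
        elif ev["proto"] == "tcp" and ev["dport"]:
            tcp_ports[(ev["src"], ev["dst"])].add(int(ev["dport"]))
    alerts = [("ping_sweep", src, len(hosts))
              for src, hosts in icmp_targets.items() if len(hosts) >= sweep_hosts]
    alerts += [("port_scan", src, dst, sorted(ports))
               for (src, dst), ports in tcp_ports.items() if len(ports) >= scan_ports]
    return alerts
```

Thresholds are the tuning knob: a low host or port count catches slow scans but raises noise from legitimate monitoring tools, so baseline them against normal traffic before alerting on them.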