The study of real-word events helps illustrates the different types of cyberattack and how to deflect them
In series of case studies published, global information security consultancy, MWR InfoSecurity, has revealed the characteristics of ten different cyber attack. Each paper, produced with the support of the UK’s Centre for the Protection of National Infrastructure, aims to help organisations understand how these attacks are conducted. Describing real-world events, they also help show the potential impact of attacks and the failures that lead to compromise.
The papers include:
- Application Layer Attack
- Brute Force Attack
- DDoS Attack
- Network Protocol Attack
- Known Vulnerability Exploitation
- Zero Day Exploitation
- Phishing for Credentials
- Phishing with Malware
- Rogue Update Attack
- Watering Hole Attack
Speaking about the various attacks, Dr David Chismon, Senior Security Researcher at MWR InfoSecurity said, ““While all attacks will be tailored to the organisation being targeted, there will be similarities in how they’re orchestrated. Understanding common attack methodologies is key to better protecting the network. I hope users will find these case studies insightful, and will use the contents to help illustrate the reality of the threat and the need for investment in security measures perhaps even including them in training materials.” To read the full case studies, visit HERE. [su_box title=”About MWR InfoSecurity” style=”noise” box_color=”#336588″]Established in 2003, MWR InfoSecurity is a research-led information security consultancy, with a client list consisting of Dow Jones, NASDAQ, FTSE 100 companies and Government agencies & departments. MWR consults with clients around the world, providing specialist advice and services on all areas of security, from mobile through to supercomputers.
Central to its philosophy is the desire to deliver high quality cyber security consulting services and unsurpassed levels of support to clients. MWR’s focus is working with clients to develop and deliver a full security programme, tailored to meet the needs of each individual organisation.
MWR’s services range across professional and managed services, technical solutions and training covering areas such as security research, incident response, web defense, phishing, mobile and payment security.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.