From the course: CompTIA Security+ (SY0-701) Cert Prep
Attacker motivations
From the course: CompTIA Security+ (SY0-701) Cert Prep
Attacker motivations
- [Instructor] Let's spend some time talking about some of the goals that attackers have when they break into systems, networks, and applications. First, attackers might be attempting to perform data exfiltration. In this case, they're targeting sensitive information within the system that can be of high value. This might include intellectual property, customer, or employee data, or financial records. Attackers may also be conducting espionage. In this scenario, they covertly monitor and extract information from the target system for a sustained period of time. Their objective might be to gain strategic, political, or economic advantages. Corporate competitors, or state actors, might employ this tactic to gather insights about future products, internal strategies, or to destabilize operations. Service disruption is another common goal of attackers. They may launch denial of service attacks or deploy ransomware to cripple a system, causing significant downtime. These attacks are designed to impede the normal functioning of systems, often leading to financial losses and damaging the reputation of the targeted organization. Blackmail is another common motive for attackers. They might infiltrate systems to obtain sensitive information and then threaten to disclose that information publicly unless a ransom is paid. This might include personal data of customers or confidential business data that, if revealed, could have serious legal or reputational consequences. Some attackers are motivated by financial gain, by infiltrating systems, they can steal credit card information, perform bank fraud, or engage in cryptocurrency mining. Hacktivists break into systems driven by philosophical or political beliefs. Their aim could be to expose perceived injustices, make political statements, or trigger change by revealing sensitive information to the public. Ethical hacking involves authorized penetration of systems with the goal of discovering vulnerabilities that can then be addressed. These attackers employed as cybersecurity professionals aim to improve system security through their work. Revenge attacks are often personal and targeted. Disgruntled employees or business rivals might break into systems to cause harm as a form of retribution. This could involve sabotage or the leaking of sensitive information with the intention of causing reputational or financial damage. Some attackers may aim to cause disruption or chaos. They might deploy malware that disrupts operations or spread false information to create confusion and mistrust. These attacks can be particularly destructive and are often difficult to anticipate and prevent. Finally, governments may sanction cyber warfare attacks on another country's critical infrastructure, such as power grids, transportation systems, or communication networks. These can be part of a larger military strategy aimed at destabilizing or incapacitating a nation.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
The goals of information security2m 11s
-
Authentication, authorization, and accounting (AAA)3m 31s
-
Categorizing security controls5m 11s
-
Conducting a gap analysis2m 34s
-
Zero Trust5m 32s
-
Physical access control4m 40s
-
Physical security personnel2m 12s
-
Deception technologies2m 55s
-
Change management6m 2s
-
-
-
Trust models2m 52s
-
PKI and digital certificates4m 5s
-
Hash functions7m 38s
-
Digital signatures3m 50s
-
Digital signature standard1m 27s
-
Create a digital certificate4m 55s
-
Revoke a digital certificate1m 28s
-
Certificate stapling2m 29s
-
Certificate authorities6m 13s
-
Certificate subjects3m 35s
-
Certificate types2m 55s
-
Certificate formats2m 30s
-
-
-
Preventing SQL injection4m 25s
-
Understanding cross-site scripting3m 17s
-
Request forgery4m 8s
-
Overflow attacks3m 21s
-
Explaining cookies and attachments4m 7s
-
Session hijacking4m 8s
-
Code execution attacks2m 43s
-
Privilege escalation1m 56s
-
OWASP Top Ten4m 45s
-
Application security4m 3s
-
Defending against directory traversal3m 4s
-
Race condition vulnerabilities2m 13s
-
-
-
Restricting network access2m 8s
-
Network access control4m 30s
-
Router configuration security4m 5s
-
Switch configuration security3m 42s
-
Maintaining network availability2m 32s
-
Network monitoring3m 41s
-
SNMP2m 54s
-
Isolating sensitive systems2m
-
Zero trust networking4m 9s
-
Secure access service edge (SASE)3m 50s
-
-
-
Operating system security8m 44s
-
Malware prevention7m 25s
-
Application management3m 46s
-
Host-based network security controls7m 44s
-
File integrity monitoring4m 9s
-
Data loss prevention5m 17s
-
Data encryption5m 39s
-
Hardware and firmware security5m 24s
-
Linux file permissions4m 2s
-
Web content filtering1m 47s
-
-
-
What is vulnerability management?5m 2s
-
Identify scan targets4m 24s
-
Scan configuration5m 20s
-
Scan perspective4m 24s
-
Security Content Automation Protocol (SCAP)2m 27s
-
Common Vulnerability Scoring System (CVSS )3m 31s
-
Analyzing scan reports4m 37s
-
Correlating scan results2m 20s
-
Vulnerability response and remediation2m 14s
-
-
-
Authentication factors3m 26s
-
Multifactor authentication2m 17s
-
Something you have4m 24s
-
Password policy4m 19s
-
Password managers2m 3s
-
Passwordless authentication3m 23s
-
Single sign-on and federation3m 9s
-
Kerberos and LDAP5m 18s
-
SAML2m 35s
-
OAUTH and OpenID Connect2m 55s
-
Certificate-based authentication5m 25s
-