ICT Frame

Which Security Control Is The Hacker Affecting ?

A security contravention is an event that leads to unauthorized access of data, files, services, or the device itself. The nature of the incident or the level of the breach can be anything from low-risk to highly critical.

A hacker with a malicious intent whois attempting a security breach and trying to gain unauthorized access to a target inside a business will first try to bypass or disable any underlying security mechanism protecting the target. After trying several methods when the hacker gets frustrated, he/she will start a denial of service attack against the server attached to the goal (data /file/device/ network, etc).

Availability: Denial of Service attacks against the availability of the system. This type of attack prevents legitimate or authorized users from access the system/service. Regardless of whatever else the hacker has tried to accomplish against the machine, a successful DoS attack removes the availability of that machine. Remember, availability refers to the communications systems and data being ready for use when legitimate users need them.

Many methods are used for availability, depending on whether the discussion is about a system, network resource, or the data itself. However, they all attempt to ensure one thing: when the system or data is needed, it can’t be accessed by the appropriate personnel. Attacks against availability always fall into the denial of service realm.

Some of the ways a DoS attack can take place are:

  1. Disrupting a connection between the machines, or a service to a specific system or user
  2. Flooding the network with excessive messages/requests to disrupt legitimate network traffic.