{"id":115,"date":"2022-05-17T15:49:32","date_gmt":"2022-05-17T14:49:32","guid":{"rendered":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/?page_id=115"},"modified":"2022-05-17T15:56:58","modified_gmt":"2022-05-17T14:56:58","slug":"security-risks","status":"publish","type":"page","link":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/security-risks\/","title":{"rendered":"Security Risks"},"content":{"rendered":"

Tracking Cookies<\/span><\/span>\u00a0<\/span><\/h2>\n

Tracking cookies are a specific type of cookie th<\/span><\/span>at is used to identify users and possibly prepare customized web pages for them. When you enter a web site using cookies, you may be asked to fill in some information for example search criteria. This information is stored on your computer as a cookie file (a small text file). The next time you go to the same web site, or a website that can access the tracking cookies, your browser will send the cookie to the web server. The server can use this information to present you with custom web pages.<\/span><\/span>\u00a0<\/span><\/p>\n

\"\"<\/p>\n

Tracking cookies are not harmful and don\u2019t pose a security risk like malware, worms, or viruses, but they can be a privacy concern as they store and pass information to other websites about websites you have been visiting and information you have been entering into them.<\/span><\/span>\u00a0<\/span><\/p>\n

Denial of Service (DoS) Attack<\/h2>\n

\"\"<\/p>\n

A denial of service (DoS) attack is a cyber attack that involves flooding a web server with a large number of requests so the webpages stored on it become unavailable to legitimate users.<\/span><\/p>\n

As can be seen from the diagram opposite, this type of DoS attack can be halted quite easily by blocking the attacker using a firewall.<\/span><\/p>\n

To get round this, attackers are now using DDoS (Distributed Denial Of Service) attacks<\/span><\/p>\n

\"\"<\/p>\n

This is where a large number of slave computers (who may not even know they have this spyware installed on them) all send requests for information from the \u2018target server\u2019.\u00a0 Because the requests are coming from thousands if not millions of computers, it is much more difficult to clock these attacks<\/span><\/span>.<\/span><\/span>\u00a0<\/span><\/p>\n

Types of Attacks<\/h2>\n

Bandwidth consumption<\/span><\/b><\/h3>\n

A smurf attack relies on misconfigured network devices that allow packets to be sent to all computer hosts on a particular network via the broadcast address of the network, rather than a specific machine. The attacker will send large numbers of IP packets with the source address faked to appear to be the address of the victim. The network’s bandwidth is quickly used up, preventing legitimate packets from getting through to their destination.<\/span><\/p>\n

Resource starvation<\/span><\/b><\/h3>\n

The resources that are being starved are items like the computer\u2019s memory, hard disc space and even CPU processing time.\u00a0 For example, a disk space attack, is one in which an attacker is able to consume a particular resource until it is exhausted. For example, an attacker might continuously issue requests to your Web site to create folders or create users. If this occurs, you will eventually run out of disc capacity.<\/span><\/p>\n

Another example is a memory starvation attack is designed to force your Web site to consume excess memory. If an e-commerce site is the target, then an attacker can continuously add items to \u2018baskets\u2019 using a script that adds millions of line items so an attacker will eventually exhaust the available memory of the server, resulting in a DoS.<\/span><\/p>\n

Domain Name Service (DNS)<\/span><\/b><\/h3>\n

A DNS server is a computer server that contains a database of public IP addresses and their associated hostnames, and translates those common names to IP addresses as requested.<\/span><\/p>\n

For example, to connect to the website\u00a0<\/span>www.lifewire.com<\/span><\/a>\u00a0the computer really needs to know its IP address 151.101.129.121.\u00a0 When you type in the web address in a browser the DNS server translates this into the IP address.<\/span><\/p>\n

A DoS attack can target the DNS server for a particular company meaning genuine clients when they enter the web address are unable to get it translated to the IP address and are therefore unable to access the website.<\/span><\/p>\n

DoS Implications<\/h2>\n

Symptoms<\/span><\/b><\/h3>\n

Slow performance<\/b>
\nDue to the server being flooded with requests for information the server will be spending so much of its time servicing these requests that other requests e.g. access to a webpage or opening a piece of software will be extremely slow.<\/span><\/p>\n

Inability to access<\/b>
\nAt the extreme end, if the server is unable to cope with all these requests then it may crash or shut itself down.\u00a0 Both of these will mean that legitimate users will be unable to access the server.<\/span><\/p>\n

Effects<\/span><\/b><\/h3>\n

Disruption to users and business<\/span><\/b>
\nA report in 2014 surveyed a large number of companies about DoS attacks and the affect it had on their businesses.\u00a0 39% of companies said that their server had been down for 1 hour or less. 16% selected between 1 and 4 hours and 6% experienced between 4-8 hours.<\/span><\/p>\n

Obviously if the main server is not available for this length of time there is severe disruption not only to customers who are maybe trying to access the company website, but also to company employees who are trying to get on with their work.<\/span><\/p>\n

Cost<\/span><\/b><\/h3>\n

Lost revenue<\/span><\/b>
\nThe latest Neustar report on DoS attacks found that the average revenue loss of a DoS attack was about $250,000 per hour.<\/span><\/p>\n

\"\"<\/p>\n

This could either be from customers not being able to buy goods from your website, or from employees not being able to carry out the organisation\u2019s business e.g. trading in stocks and shares.<\/span><\/p>\n

Labour in rectifying fault<\/span><\/b>
\nWhen a DoS attack is detected there is a responsibility on the business to put sufficient security precautions in place to ensure that it doesn\u2019t happen again.\u00a0 This can involve hiring security consultants, designing a new network architecture and buying new hardware and software; this can cost hundreds of thousands of pounds and upwards depending upon the size of the business.<\/span><\/p>\n

Also when a DoS attack occurs, there is also the worry that other malware may have been planted on the servers that will pass private information to the attackers.\u00a0 A huge amount of time will be spent checking the servers to ensure no malware has been planted.<\/span><\/p>\n

Reasons<\/span><\/b><\/h3>\n

Financial<\/span><\/b>
\nCriminal gangs use DoS attacks on companies and then tell them they will only stop the attacks if they pay them a certain amount.\u00a0\u00a0 Because these attacks are slowing down or crashing their servers, some businesses choose to pay this \u2018ransom\u2019.<\/span><\/p>\n

Political<\/span><\/b>
\nDoS attacks are sometime used for political purposes.\u00a0 Examples are:<\/span><\/p>\n

    \n
  • When Russia fell out with Estonia and Georgia a significant increase in the DoS attacks on those countries could be directly attributed to Russia.<\/span><\/li>\n
  • When America imposed increased sanctions on North Korea, a large number of DoS attacks occurred on American companies that were traced back to North Korea.<\/span><\/li>\n
  • In the lead up to the Russian elections in late 2007, the website for the dissident politician and well-known chess Grand Master Gary Kasparov and his political party were both hit with substantial DDoS attacks. Kasparov has been a very vocal counterpoint to the powers in Moscow, specifically former Russian president Putin\u2019s administration, for many years.\u00a0 During the attacks, Kasparov\u2019s site was inaccessible, and so was his political party\u2019s.<\/span><\/li>\n
  • Most recently, in January 2016, the New World Hacking group claimed responsibility for taking down Donald Trump\u2018s website as they disapproved of some of his politics.<\/span><\/li>\n
  • It is anticipated that the next major war between countries will involve \u2018cyber-war\u2019 where DoS and other types of attack will be involved to try and ruin the countries infrastructure.<\/span><\/li>\n<\/ul>\n

    Personal<\/span><\/b>
    \nSometimes DoS attacks take place for personal reasons:<\/span><\/p>\n

      \n
    • Revenge, when an employee is made redundant they sometimes wish to take revenge on their employer and hence either carry out a DoS attack or pay for one to be carried out.<\/span><\/li>\n<\/ul>\n

      In hacking circles there is sometimes a level of \u2018Kudos\u2019 for bringing down a large server.\u00a0 These are sometimes known as \u2018Script Kiddies\u2019 due to the childish motivation of the attacker.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

      Tracking Cookies\u00a0 Tracking cookies are a specific type of cookie that is used to identify users and possibly prepare customized web pages for them. When you enter a web site using cookies, you may be asked to fill in some information for example search criteria. This information is stored on your computer as a cookie […]<\/p>\n","protected":false},"author":79984,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-115","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/pages\/115","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/users\/79984"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/comments?post=115"}],"version-history":[{"count":3,"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/pages\/115\/revisions"}],"predecessor-version":[{"id":122,"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/pages\/115\/revisions\/122"}],"wp:attachment":[{"href":"https:\/\/blogs.glowscotland.org.uk\/glowblogs\/phshighercomputingscience\/wp-json\/wp\/v2\/media?parent=115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}