What is Stealth Attack - How To Prevent Stealth Attacks
I came across a whitepaper from McAfee and CISCO that explained what a stealth attack is as well as how to counter it. This post is based on what I could grasp from the whitepaper and invites you to discuss the subject so that we all benefit.
What is A Stealth Attack
In one line, I would define a stealth attack as one that remains undetected by the client computer. There are some techniques used by certain websites and hackers to query the computer you are using. While the websites use browsers and JavaScript to procure information from you, the stealth attacks are mostly from real people. The utilization of browsers to collect information is termed browser fingerprinting, and I'll cover it in a separate post so that we can focus only on stealth attacks here.
A stealth attack could be an active person querying data packets from and to your network so as to find a method to compromise the security. Once the security is compromised or, in other words, once the hacker gets access to your network, the person utilizes it for a short period of time for his gains and then removes all traces of the network being compromised. The focus, it seems in this case, is on removing the traces of the attack so that it remains undetected for long.
The following example quoted in the McAfee whitepaper will further explain stealth attacks:
"A stealthy attack operates quietly, hiding evidence of an attacker's actions. In Operation High Roller, malware scripts adjusted the bank statements a victim could view, presenting a false balance and eliminating indications of the criminal's fraudulent transaction. By concealing proof of the transaction, the criminal had time to cash out"
Methods Used In Stealth Attacks
In the same whitepaper, McAfee talks about five methods that a stealth attacker may use to compromise and gain access to your data. I have listed out those five methods here with a summary:
- Evasion: This seems to be the most common form of stealth attack. The process involves the evasion of the security system you are using on your network. The attacker moves across the operating system without the knowledge of the anti-malware and other security software on your network.
- Targeting: As evident from the name, this type of attack is targeted at a particular organization's network. One example is AntiCNN.exe. The whitepaper just mentions its name and from what I could search on the Internet, it looked more like a voluntary DDoS (Denial of Service) attack. AntiCNN was a tool developed by Chinese hackers to get public support in knocking off the CNN website (Reference: The Dark Visitor).
- Dormancy: The attacker plants malware and waits for a favorable time
- Determination: The attacker keeps on trying until he gets access to the network
- Complex: The method involves the creation of noise as a cover for malware to enter the network
As the hackers are always a step ahead of the security systems available in the market to the general public, they are successful in stealth attacks. The whitepaper states that the people responsible for network security are not concerned much about stealth attacks, as the general tendency of most people is to fix problems rather than to prevent or counter them.
How to Counter or Prevent Stealth Attacks
One of the best solutions suggested in the McAfee whitepaper on Stealth Attacks is to create real-time or next-generation security systems that do not respond to undesired messages. That means keeping an eye on each entry point of the network and assessing the data transfer to see if the network is communicating only with servers/nodes that it should. In today's environments, with BYOD and all, the entry points are many more compared to past closed networks that were reliant only on wired connections. Thus, the security systems should be able to check both wired and, especially, wireless network entry points.
Another method to be used in conjunction with the above is to make sure your security system contains elements that can scan for rootkits. As rootkits load before your security system, they pose a serious threat. Also, since they are dormant until "the time is ripe for an attack", they are hard to detect. You have to spruce up the security systems that help you in the detection of such malicious scripts.
Finally, a good amount of network traffic analysis is required. Collecting data over time and then checking for (outbound) communications to unknown or unwanted addresses can help counter/prevent stealth attacks to a good extent.
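The outbound-traffic check described in the last two paragraphs can be sketched as follows. This is an added example, not code from the McAfee whitepaper or the original post; the flow-record format, the 10.0.0.0/8 internal range and all sample records are constructed assumptions.

```python
import csv
import io
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Assumption: the monitored network is 10.0.0.0/8; anything else is external.
INTERNAL = ip_network("10.0.0.0/8")

# Constructed flow records (day, source, destination, port, bytes sent).
# External addresses are taken from the RFC 5737 documentation ranges.
FLOWS = """day,src,dst,dport,bytes
1,10.0.0.5,192.0.2.10,443,5200
2,10.0.0.5,198.51.100.7,53,300
2,10.0.0.6,10.0.0.9,445,900
3,10.0.0.6,192.0.2.10,443,4100
4,10.0.0.5,192.0.2.10,443,4800
4,10.0.0.6,203.0.113.44,8443,120
4,10.0.0.6,203.0.113.44,8443,98000
4,10.0.0.7,198.51.100.7,53,280
"""

def load(text):
    return [{**r, "day": int(r["day"]), "bytes": int(r["bytes"])}
            for r in csv.DictReader(io.StringIO(text))]

def is_outbound(flow):
    return (ip_address(flow["src"]) in INTERNAL
            and ip_address(flow["dst"]) not in INTERNAL)

def build_baseline(flows, last_day):
    """Destinations (address, port) seen leaving the network up to last_day."""
    return {(f["dst"], f["dport"]) for f in flows
            if f["day"] <= last_day and is_outbound(f)}

def new_destinations(flows, baseline, day):
    """Outbound destinations on `day` that are absent from the baseline."""
    hits = defaultdict(lambda: {"hosts": set(), "flows": 0, "bytes": 0})
    for f in flows:
        key = (f["dst"], f["dport"])
        if f["day"] == day and is_outbound(f) and key not in baseline:
            hits[key]["hosts"].add(f["src"])
            hits[key]["flows"] += 1
            hits[key]["bytes"] += f["bytes"]
    return dict(hits)

if __name__ == "__main__":
    flows = load(FLOWS)
    for dst, s in new_destinations(flows, build_baseline(flows, 3), 4).items():
        print("new outbound", dst, sorted(s["hosts"]), s["flows"], s["bytes"])
```

Days 1 to 3 form the baseline collected over time; on day 4 only the destination never seen before is reported, together with the internal host that contacted it and the volume sent.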
This is what I learned from the McAfee whitepaper whose link is given below. If you have more information on what stealth attacks are and how to prevent them, please share it with us.
References:
- CISCO, Whitepaper on Stealth Attacks
- The Dark Visitor, More on AntiCNN.exe.
Source: https://www.thewindowsclub.com/prevent-stealth-attacks-internet
Posted by: maxwellsomenclover1966.blogspot.com