Security Risks 

Course Content Specification

Describe and identify the security risks of:

Tracking Cookies

Cookie tracking, cookie profiling or web profiling is the use of cookies to track a user's overall activity online. A cookie is a small file placed on a user's computer by a website. On later visits the cookie can be detected and any information inside it can be read or altered. Tracking occurs the whole time you are browsing.

It is performed by marketers who buy advertising rights on websites to collate cookie information and create a "profile" of a user.

DOS (Denial of Service) Attacks

A Denial of Service (DOS) attack is an attempt to force a website or online service to fail so that it cannot provide its service. The simplest way to do this is to hit/ping a server with requests repeatedly, or to flood the server with data (traffic). This forces the server to try to deal with these requests.

Distributed Denial of Service Attacks (DDOS)

A Distributed Denial of Service (DDOS) attack is a type of DOS that uses a network of computers, sometimes called a botnet or zombie army. The users of the zombie computers may be unaware that their machines are being used; this control can be achieved through viruses, trojans or other malware.
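
The difference between the two matters for detection. The following is an added example, not part of the original course notes: it slides a time window over constructed request records and shows that a per-source limit catches a single-source flood but misses a distributed one, which only shows up in the total request rate. The window length and both limits are illustrative assumptions.

```python
from collections import Counter, deque

# Constructed sample traffic: (timestamp in seconds, source IP) per request.
# All addresses are from the RFC 5737 documentation ranges.
def single_source_sample():
    flood = [(i * 0.05, "198.51.100.7") for i in range(200)]       # one noisy host
    normal = [(float(i), f"192.0.2.{i + 1}") for i in range(10)]    # background users
    return sorted(flood + normal)

def distributed_sample():
    # 100 hosts, each sending only 3 requests spread over a few seconds
    return sorted((h * 0.1 + r * 3.0, f"203.0.113.{h + 1}")
                  for h in range(100) for r in range(3))

def quiet_sample():
    return [(float(i), f"192.0.2.{i + 1}") for i in range(20)]

def classify(requests, window=10.0, per_source_limit=50, total_limit=150):
    """Return 'dos', 'ddos' or 'normal' for time-ordered (timestamp, ip) pairs.

    The window and both limits are illustrative assumptions, not recommended values.
    """
    recent = deque()      # requests inside the current time window
    counts = Counter()    # requests per source inside the window
    verdict = "normal"
    for ts, ip in requests:
        recent.append((ts, ip))
        counts[ip] += 1
        # Drop requests that have fallen out of the window.
        while recent[0][0] <= ts - window:
            _, old_ip = recent.popleft()
            counts[old_ip] -= 1
            if counts[old_ip] == 0:
                del counts[old_ip]
        if counts[ip] > per_source_limit:
            return "dos"          # one source alone exceeds its limit
        if len(recent) > total_limit:
            verdict = "ddos"      # many quiet sources add up to a flood
    return verdict

if __name__ == "__main__":
    for name, sample in [("single source", single_source_sample()),
                         ("distributed", distributed_sample()),
                         ("quiet", quiet_sample())]:
        print(name, "->", classify(sample))
```
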

There are various types of DOS attack:

Bandwidth

An attacker may be able to flood your server with packets of information. These can be as simple as PING (ICMP echo) requests. This forces the server to respond that it has received each packet, and responding to a mass of these requests consumes the bandwidth available to the server.

Resource Starvation

A server has a finite amount of physical resources such as backing storage and memory. An attacker may be able to continually force a server to create new user accounts or new orders, or spam an email server, so that it uses all of the available backing storage. An attack of this type will try to exhaust whichever resources are crucial to the operation of the server.

Hardware Attacks

This is similar to a DNS/physical attack, but switches/routers may be modified so that packets are “hijacked” and then re-routed.

Reasons for DOS Attacks

There are various reasons for carrying out a DOS attack.

There can be a blackmail aspect to a DOS attack, where service can only be resumed once money has been exchanged. Some hackers will act as 'guns for hire'.

There may be a political aspect to an attack, particularly against those whose political views the attacker disagrees with.

It could be as simple as a grudge against a former employer/partner etc.

Not all DOS attacks are malicious

A “test email” sent to more than 1.2 million NHS employees caused the entire system to crash on 14/11/16 (BBC News Article).

NHS staff used Twitter to complain about an email that “inadvertently” included everyone on the mailing list of the NHS email system. As thousands of replies to all were sent in response, asking to be removed from the mailing list, many claimed the entire system crashed. Staff used social media to encourage others to stop replying to the message.

DNS Attacks

When you enter a URL into a browser, this URL is sent to a DNS (Domain Name Service) server.

The DNS server resolves the URL www.bbc.co.uk into an IP address.

DOS Attacks - After Effects

There will be monetary costs associated with a DOS attack. Some costs would be:

Passive and Active Attacks

Passive attacks are where an attacker may just monitor a network, perhaps just intercepting data. It can be very difficult to identify that this is occurring. Encryption would be the primary defence against this.

Active attacks are where data is actively modified; this would usually mean changing or deleting data on the network. An active attack may also manifest itself as the deliberate bringing down of a network.

Additional Security Risks

With the increase in the use of mobile devices, the loss of these devices is becoming an increasing concern, not only due to the monetary value of the devices but also due to the integrity of the data stored on them.

Companies may use mobile device management (MDM) policies, which give an organisation the opportunity to perform various additional security functions such as the ability to track, remotely lock and erase devices.

A Watering Hole attack is when an attacker guesses or observes which websites/apps a target group often uses and infects one or more of them with malware. The fact that users already trust the site is an important factor.