This type of attack involves breaking into a system using the known security flaws of the system. Once the intruder has penetrated the system he has access to the entire systems resources. Acting as an authorized user the intruder can perform any task that suits his needs. Data can be altered, removed, or copied. Viruses and Trojan Horses can be inserted. And the system can be forced to perform functions without the owners’ knowledge or permission.
Known Penetration Attacks have happened to Universities where students have attempted to alter their grades. In the business sector, disgruntled employees have attempted to steal propriety information for personal profit or to cause damage to their employer. Financial services are often targeted to collect financial data and make fraudulent withdrawals. These attacks can be accomplished either through direct access to the system, through backdoors known to insiders, or through the introduction of Viruses, or Trojan Horses from outside sources.
Depending on the intruders’ intent, the attack can be localized to a specific system. If connected to a LAN, or WAN network it can become a regional or even a global attack.
Through the use of Phishing, Viruses and Trojans inserted into e-mails or planted from suspect websites. These types of attacks are becoming more frequent as more people and systems come online.
The creators of these programs have their own industry. It is possible to find damaging and malicious software free for the taking on the internet, and elaborate Phishing kits can be purchased making it easier for the non-code writer. It is speculated that some international criminal organizations co-op the better programs. Besides it being easy to find malicious software on the internet the computer industry is lending a...