Definitions[edit | edit source]
An attacker is a
|“||person deliberately exploiting vulnerabilities in technical and non- technical security controls in order to steal or compromise information systems and networks, or to compromise availability to legitimate users of information system and network resources.||”|
Attackers' advantages in today's systems[edit | edit source]
A number of factors in the current security environment provide would-be attackers with significant advantages over those trying to protect the large-scale networks and interconnected IT systems on which society increasingly depends. An attacker needs to find only one vulnerability; the defender must try to eliminate all vulnerabilities. Powerful attack tools, including automated tools for malicious actions, are now freely available for downloading over the Internet to anyone who wants them, and little skill is required to use them. The resources — including training and equipment — needed to launch potentially harmful attacks are not only readily available but relatively inexpensive compared to the costs of securing systems, networks, and information, and responding to attacks.
As a result, some classes of attacks can be initiated with little sophistication. Although these attacks are not generally significant threats to systems that are kept patched and well secured, they are effective against the many unpatched and poorly secured systems connected to the Internet, and contribute to a background level of ongoing malicious network activity. The automated tools that can be used by people with relatively little skill or knowledge continue to multiply, and are gradually increasing in capability in step with improvements in cyber security and information assurance technologies. Attackers also have the ability to exploit vulnerable third-party machines to launch their attacks.
Classes of attacks that require much greater expertise pose significantly greater threats. But while the sophistication required to mount such attacks limits them to a smaller set of adversaries, the capabilities of these high-threat adversaries also continue to advance. These trends offer a wide range of individuals and entities — from malicious hackers to nation states — the opportunity to support or directly engage in cyber attacks.
References[edit | edit source]
- Privacy Considerations for Internet Protocols, at 7.
- ISO/IEC 27033-1:2015.