Security Threats & Vulnerabilities Module I

The document outlines various threats and vulnerabilities to information and computing infrastructures, including internal security threats, physical security threats, email threats, e-commerce vulnerabilities, and hacking techniques in both wired and wireless networks. It provides definitions, examples, impacts, and mitigation measures for each type of threat. The focus is on understanding the risks and implementing strategies to safeguard sensitive data and systems.

Uploaded by rohithlal2024

Module I: Threats and Vulnerabilities to Information and Computing Infrastructures

1. Internal Security Threats

Definition: Internal threats originate from within the organization. These threats are posed by authorized users—employees, contractors, or business partners who have legitimate access to the organization’s systems but misuse that access.

• Examples:
  o Malicious Insider Threats: Employees who intentionally cause harm, such as stealing data or sabotaging systems.
  o Accidental Data Leaks: Employees may accidentally leak sensitive information through negligence or error.
  o Privilege Abuse: Employees using elevated access rights for unauthorized actions, such as accessing data beyond their scope of work.
  o Theft of Physical Devices: Theft of devices like laptops or hard drives that contain sensitive data.
• Impact: These threats can result in severe damage, including data loss, financial loss, reputation damage, and legal repercussions.

Mitigation Measures:
• Access Control and Role-based Access: Implement policies that restrict access to data and systems based on job roles. The principle of least privilege ensures users only have access to the data necessary for their tasks.
• User Behavior Monitoring: Regularly monitor employee activity to detect any suspicious behavior (e.g., accessing large amounts of sensitive data without authorization).
• Separation of Duties: Segregating duties among employees to prevent any one person from having full control over sensitive systems or data.
• Audit Trails: Regularly auditing and logging access to sensitive information and systems to detect unauthorized access or abnormal activities.
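The two monitoring measures above (role-based access and volume-based behavior monitoring) can be applied to an audit trail in a few lines. The following is an added example, not part of the module: the log format, the role policy, the user names and the threshold are all assumptions, and the log lines are constructed. It flags a read of a resource class the user's role was never granted (privilege abuse) and any user touching more distinct records than a threshold (bulk reads).

```python
"""Audit-trail review for insider misuse: a least-privilege policy check and a
volume threshold over constructed access-log lines.
Added example; log format, role policy and threshold are assumptions."""
from dataclasses import dataclass

# Assumed role-to-resource policy: each role may only read the listed classes.
ROLE_POLICY = {
    "hr": {"payroll", "personnel"},
    "sales": {"crm"},
    "dba": {"crm", "payroll", "personnel"},
}

# Constructed audit-log lines in an assumed "time key=value ..." format.
SAMPLE_LOG = """\
2024-05-01T09:00:01 user=alice role=hr action=READ resource=payroll/1001
2024-05-01T09:00:05 user=alice role=hr action=READ resource=payroll/1002
2024-05-01T09:01:10 user=bob role=sales action=READ resource=crm/77
2024-05-01T09:01:12 user=bob role=sales action=READ resource=payroll/1003
2024-05-01T09:02:00 user=carol role=dba action=READ resource=personnel/1
2024-05-01T09:02:01 user=carol role=dba action=READ resource=personnel/2
2024-05-01T09:02:02 user=carol role=dba action=READ resource=personnel/3
2024-05-01T09:02:03 user=carol role=dba action=READ resource=personnel/4
2024-05-01T09:02:04 user=carol role=dba action=READ resource=personnel/5
"""


@dataclass(frozen=True)
class Event:
    time: str
    user: str
    role: str
    action: str
    resource_class: str
    resource_id: str


def parse_line(line):
    """Parse one 'time key=value ...' line into an Event."""
    time, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    resource_class, _, resource_id = kv["resource"].partition("/")
    return Event(time, kv["user"], kv["role"], kv["action"], resource_class, resource_id)


def parse_log(text):
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def out_of_scope(events, policy=ROLE_POLICY):
    """Privilege abuse: reads of a resource class the user's role was never granted."""
    return [e for e in events if e.resource_class not in policy.get(e.role, set())]


def bulk_readers(events, threshold=3):
    """Volume anomaly: users touching more distinct records than the threshold."""
    per_user = {}
    for e in events:
        if e.action == "READ":
            per_user.setdefault(e.user, set()).add((e.resource_class, e.resource_id))
    return {user: len(records) for user, records in per_user.items() if len(records) > threshold}


def review(text):
    """Run both checks and return the findings as plain data for a report or alert."""
    events = parse_log(text)
    return {
        "out_of_scope": [(e.user, e.resource_class) for e in out_of_scope(events)],
        "bulk_readers": bulk_readers(events),
    }


if __name__ == "__main__":
    print(review(SAMPLE_LOG))
```

On the constructed log this reports bob (a sales user reading payroll) under out_of_scope and carol (five distinct personnel records against a threshold of three) under bulk_readers. In practice the threshold should be derived from each role's normal daily volume, otherwise a legitimate database administrator trips the alert every day and the audit trail stops being read.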

2. Physical Security Threats

Definition: Physical threats refer to direct physical harm or access to computing infrastructure. This includes unauthorized physical access to data centers, office spaces, and devices.

• Examples:
  o Break-ins: Intruders accessing server rooms or data centers to steal hardware or data.
  o Natural Disasters: Earthquakes, floods, fires, and other environmental factors that may damage physical infrastructure.
  o Vandalism or Theft: Destruction or theft of hardware or devices, such as laptops, desktops, or servers.
  o Power Failures: Sudden power outages can disrupt operations or damage critical systems.
• Impact: Physical security threats can lead to data breaches, hardware failure, business disruption, and the loss of sensitive information.

Mitigation Measures:
• Physical Barriers: Use of secure doors, locks, and fences to prevent unauthorized access.
• Surveillance Systems: Installing CCTV cameras and monitoring systems to detect suspicious activities in and around critical areas.
• Environmental Controls: Proper ventilation, temperature control, and fire suppression systems to prevent damage to equipment.
• Access Control Systems: Using biometrics, smart cards, or PIN-based systems to ensure only authorized individuals can enter restricted areas.

3. E-Mail Threats and Vulnerabilities

Definition: Email remains one of the most common vectors for cyberattacks. Email threats include phishing, spam, malware attachments, and other types of email-based vulnerabilities.

• Examples:
  o Phishing: Fraudulent emails designed to trick the recipient into revealing sensitive information, such as usernames, passwords, or financial details.
  o Spear Phishing: A more targeted form of phishing, where the attacker customizes the email to a specific individual or organization.
  o Malware: Attachments or links in emails that, when clicked, download malicious software like viruses, ransomware, or trojans onto the recipient’s device.
  o Email Spoofing: Faking the sender’s email address to make the message appear to be from a trusted source.
• Impact: Email threats can lead to unauthorized access to systems, data breaches, financial losses, or reputational damage.

Mitigation Measures:
• Email Filtering: Implementing advanced email filtering systems to detect and block spam, phishing, and malware-laden emails.
• User Awareness: Conducting regular training sessions to help employees identify and avoid email-based threats.
• Multi-Factor Authentication (MFA): Enforcing MFA for email access to reduce the risk of unauthorized logins.
• Email Encryption: Encrypting sensitive emails to prevent interception and unauthorized access.
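As an added illustration of what an email filter actually checks for the spoofing and malware-attachment cases listed above (this is example code, not from the module or any product), the following parses two constructed messages with Python's standard email library and applies three assumed heuristics: a display name that carries an address from a different domain than the real sender, a Reply-To pointing at a third domain, and an attachment with an executable extension. The addresses, domains and extension list are all assumptions.

```python
"""Header and attachment checks of the kind an inbound mail filter applies.
Added example; messages are constructed and the heuristics are assumptions."""
import os
from email import message_from_string
from email.utils import parseaddr

# Assumed list of attachment extensions that should never arrive by mail.
EXECUTABLE_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd"}

# Constructed message showing all three warning signs at once.
SUSPICIOUS = """\
From: "helpdesk@corp.example" <alerts@mailer-xyz.example>
Reply-To: recovery@other.example
To: user@corp.example
Subject: Your password expires today
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Run the attached tool to keep your account active.
--b1
Content-Type: application/octet-stream; name="renew.exe"
Content-Disposition: attachment; filename="renew.exe"

placeholder-bytes
--b1--
"""

# Constructed ordinary internal message.
BENIGN = """\
From: "Alice" <alice@corp.example>
To: bob@corp.example
Subject: Lunch

See you at noon.
"""


def domain_of(address):
    """Lowercase domain of an address header value, '' if it has none."""
    _, addr = parseaddr(address)
    return addr.rpartition("@")[2].lower()


def flag_message(raw):
    """Return human-readable findings; an empty list means no warning sign fired."""
    msg = message_from_string(raw)
    findings = []
    from_header = msg.get("From", "")
    display_name, _ = parseaddr(from_header)
    from_domain = domain_of(from_header)

    # Spoofing sign 1: the display name shows an address whose domain is not the real sender's.
    if "@" in display_name and display_name.rpartition("@")[2].lower() != from_domain:
        findings.append(f"display name claims {display_name} but sender domain is {from_domain}")

    # Spoofing sign 2: replies are redirected to a different domain.
    reply_domain = domain_of(msg.get("Reply-To", ""))
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    # Malware sign: an attachment with an executable extension.
    for part in msg.walk():
        filename = part.get_filename()
        if filename and os.path.splitext(filename)[1].lower() in EXECUTABLE_EXTENSIONS:
            findings.append(f"executable attachment {filename}")
    return findings


if __name__ == "__main__":
    for name, raw in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(name, flag_message(raw))
```

The suspicious message produces three findings and the benign one none. These header heuristics are deliberately simple: a production filter combines them with sender authentication results and attachment scanning, and a message that passes them is not thereby safe.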

4. E-Commerce Vulnerabilities

Definition: E-commerce platforms often face vulnerabilities that can be exploited by attackers. These vulnerabilities include weaknesses in payment systems, data transmission, and authentication processes.

• Examples:
  o Insecure Payment Gateways: Weaknesses in online payment systems can allow attackers to intercept or manipulate transactions.
  o SQL Injection: Attackers exploiting weaknesses in an e-commerce website's database to gain unauthorized access to sensitive data.
  o Cross-Site Scripting (XSS): Attackers embedding malicious scripts in e-commerce websites to steal customer data or hijack sessions.
  o Session Hijacking: Intercepting and taking over a valid user’s session, allowing the attacker to perform unauthorized actions.
• Impact: E-commerce vulnerabilities can lead to financial fraud, loss of customer trust, and legal consequences.

Mitigation Measures:
• Secure Payment Gateways: Use of SSL/TLS encryption and secure payment technologies such as 3D Secure to protect transactions.
• Input Validation: Preventing SQL injection and XSS attacks by validating and sanitizing all user inputs.
• Session Security: Using secure cookies, token-based authentication, and automatic session expiration to prevent session hijacking.
• Regular Security Audits: Conducting vulnerability assessments and penetration testing to identify and fix security flaws.
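To make the "Input Validation" measure concrete for the SQL injection and XSS examples above, here is an added example (not from the module) showing a vulnerable product lookup beside its parameterised form, an allow-list validator for the SKU field, and a review renderer with and without output escaping. It runs on an in-memory SQLite table; the schema, rows and SKU format are constructed.

```python
"""Vulnerable and hardened versions of two e-commerce code paths: a product
lookup (SQL injection) and a review renderer (XSS), plus allow-list validation.
Added example on an in-memory SQLite table; schema, rows and SKU format are constructed."""
import html
import re
import sqlite3

SKU_PATTERN = re.compile(r"[A-Z][0-9]{3}")   # assumed SKU shape, e.g. A100


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (sku TEXT, name TEXT, price REAL)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", [
        ("A100", "Keyboard", 29.99),
        ("B200", "Mouse", 14.50),
        ("C300", "Monitor", 189.00),
    ])
    return conn


def find_by_sku_unsafe(conn, sku):
    # Vulnerable: the input is spliced into the SQL text, so a quote character
    # in it rewrites the WHERE clause and the query no longer means what was written.
    return conn.execute(f"SELECT sku, name, price FROM products WHERE sku = '{sku}'").fetchall()


def find_by_sku_safe(conn, sku):
    # Hardened: a bound parameter is always treated as data and cannot alter the query structure.
    return conn.execute("SELECT sku, name, price FROM products WHERE sku = ?", (sku,)).fetchall()


def valid_sku(sku):
    # Defence in depth: allow-list validation rejects anything but the expected shape
    # before it reaches the database at all.
    return SKU_PATTERN.fullmatch(sku) is not None


def render_review_unsafe(author, text):
    # Vulnerable: untrusted text is placed into the page as markup.
    return f"<p><b>{author}</b>: {text}</p>"


def render_review_safe(author, text):
    # Hardened: escape on output so the browser renders the text as text, not as tags.
    return f"<p><b>{html.escape(author)}</b>: {html.escape(text)}</p>"


if __name__ == "__main__":
    db = make_db()
    crafted = "A100' OR '1'='1"
    print(find_by_sku_unsafe(db, crafted))   # every row: the WHERE clause was rewritten
    print(find_by_sku_safe(db, crafted))     # []: no product has that literal SKU
    print(valid_sku(crafted))                # False: rejected before the query is built
    print(render_review_safe("eve", "<script>alert(1)</script>"))
```

The two defences are independent and both belong in the code: parameter binding fixes the query, and the allow-list stops malformed input early and protects any code path a reviewer missed. The same split applies to XSS, where escaping at the point of output is the fix and input validation is the extra layer.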

5. Hacking Techniques in Wired Networks

Definition: Wired networks can also be susceptible to various types of hacking techniques. Attackers often exploit vulnerabilities in network protocols, devices, or systems.

• Examples:
  o Man-in-the-Middle (MITM) Attacks: Intercepting and manipulating data transmitted between two devices without their knowledge.
  o Packet Sniffing: Capturing network traffic to analyze and extract sensitive information, such as passwords or credit card numbers.
  o Denial of Service (DoS): Overloading a network with traffic, making services unavailable to legitimate users.
  o IP Spoofing: Falsifying the source IP address in a packet to appear as though it is from a trusted source.
• Impact: These attacks can lead to data breaches, loss of service, or unauthorized access to critical infrastructure.

Mitigation Measures:
• Encryption: Encrypting data in transit to prevent eavesdropping and data manipulation.
• Firewalls: Configuring firewalls to monitor and block malicious traffic.
• Intrusion Detection Systems (IDS): Monitoring network traffic for abnormal or suspicious behavior.
• Network Segmentation: Dividing networks into segments to limit the impact of an attack.
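The firewall and IDS measures above are easiest to understand as concrete rules. The following added example (not from the module) implements two of them over constructed packet summaries: an anti-spoofing ingress rule that flags packets arriving on the external interface with a source address from an internal prefix, which addresses the IP spoofing example, and a SYN-rate threshold that flags a source sending too many connection attempts in a short window, which addresses the DoS example. Interface names, address prefixes, window and threshold are assumptions.

```python
"""Anti-spoofing ingress check and SYN-rate threshold over constructed packet
summaries. Added example; interfaces, prefixes and thresholds are assumptions."""
import ipaddress
from collections import defaultdict
from typing import NamedTuple


class Packet(NamedTuple):
    ts: float        # seconds since capture start
    iface: str       # interface the packet arrived on
    src: str
    dst: str
    flags: str       # TCP flags, "S" = SYN only, "A" = ACK


# Assumed internal address space of the site.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"), ipaddress.ip_network("192.168.0.0/16")]

# Constructed packet summaries: normal traffic, one spoofed packet, one burst of SYNs.
SAMPLE_PACKETS = [
    Packet(0.0, "wan0", "203.0.113.5", "10.0.0.20", "S"),
    Packet(0.1, "wan0", "10.0.0.99", "10.0.0.20", "S"),   # internal address arriving from outside
    Packet(0.2, "lan0", "10.0.0.31", "10.0.0.20", "S"),
    Packet(0.3, "lan0", "10.0.0.31", "10.0.0.20", "A"),
] + [Packet(1.0 + i / 10, "wan0", "198.51.100.7", "10.0.0.20", "S") for i in range(6)]


def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def spoofed_sources(packets, external_iface="wan0"):
    """Ingress filtering: an internal source address cannot legitimately arrive from the WAN."""
    return sorted({p.src for p in packets if p.iface == external_iface and is_internal(p.src)})


def syn_flood_sources(packets, window=1.0, threshold=5):
    """Flag sources sending more than `threshold` SYNs within any `window` seconds."""
    syn_times = defaultdict(list)
    for p in packets:
        if p.flags == "S":
            syn_times[p.src].append(p.ts)
    flagged = {}
    for src, times in syn_times.items():
        times.sort()
        left = 0
        for right, t in enumerate(times):          # sliding window over sorted timestamps
            while t - times[left] > window:
                left += 1
            count = right - left + 1
            if count > threshold:
                flagged[src] = max(flagged.get(src, 0), count)
    return flagged


if __name__ == "__main__":
    print("spoofed:", spoofed_sources(SAMPLE_PACKETS))
    print("syn flood:", syn_flood_sources(SAMPLE_PACKETS))
```

The ingress rule is cheap and has no false positives by construction, so it belongs on the firewall itself; the rate threshold is an IDS-style heuristic whose values have to be tuned per site, since a busy public server sees many legitimate SYNs per second from a single proxy or NAT address.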

6. Hacking Techniques in Wireless Networks

Definition: Wireless networks, while convenient, introduce unique security challenges. Hacking wireless networks is easier in some cases due to weak encryption protocols and improper configurations.

• Examples:
  o WEP Cracking: Exploiting weaknesses in the WEP (Wired Equivalent Privacy) protocol to gain unauthorized access to a network.
  o Rogue Access Points: Unauthorized access points set up by attackers to intercept network traffic.
  o Wi-Fi Jamming: Overloading the wireless frequency to cause a denial of service on a network.
  o Evil Twin Attacks: Creating a fake Wi-Fi access point that mimics a legitimate one, tricking users into connecting to it and potentially revealing sensitive data.
• Impact: Wireless network attacks can lead to unauthorized access to sensitive data, network infiltration, and denial of service.

Mitigation Measures:
• WPA2/WPA3 Encryption: Using modern encryption standards like WPA2 or WPA3 to secure wireless networks.
• Network Monitoring: Regularly scanning for rogue access points and ensuring that all connected devices are authorized.
• Strong Authentication: Implementing strong passwords and multi-factor authentication for accessing the wireless network.
• VPN Use: Encouraging the use of Virtual Private Networks (VPNs) to protect data during transmission.
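The "Network Monitoring" measure above amounts to comparing what a wireless scan sees against an inventory of authorised access points. The following added example (not from the module) does that over constructed scan records: an unknown radio broadcasting a corporate SSID is reported as an evil twin, any other unknown radio as an unregistered access point, an authorised radio broadcasting the wrong SSID as a misconfiguration, and anything still using WEP or no encryption as weak security. The inventory, the scan entries and their fields are assumptions.

```python
"""Review of a wireless scan against an inventory of authorised access points.
Added example; inventory, scan results and field names are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class ScanEntry:
    ssid: str
    bssid: str       # access point radio MAC address
    security: str    # "WPA3", "WPA2", "WEP" or "OPEN"
    channel: int


# Assumed inventory: authorised BSSID -> the SSID it is supposed to broadcast.
AUTHORISED = {
    "00:11:22:33:44:01": "CorpWiFi",
    "00:11:22:33:44:02": "CorpWiFi",
    "00:11:22:33:44:03": "CorpGuest",
}
WEAK_SECURITY = {"WEP", "OPEN"}

# Constructed scan results.
SAMPLE_SCAN = [
    ScanEntry("CorpWiFi", "00:11:22:33:44:01", "WPA2", 6),
    ScanEntry("CorpWiFi", "00:11:22:33:44:02", "WPA3", 11),
    ScanEntry("CorpWiFi", "de:ad:be:ef:00:01", "WPA2", 6),      # corporate SSID, unknown radio
    ScanEntry("CorpGuest", "00:11:22:33:44:03", "WPA2", 1),
    ScanEntry("Printer-Setup", "aa:bb:cc:dd:ee:ff", "OPEN", 1),  # unregistered, no encryption
    ScanEntry("LegacyLab", "aa:bb:cc:dd:ee:01", "WEP", 3),       # unregistered, broken cipher
]


def review_scan(scan, authorised=AUTHORISED):
    """Classify every scanned access point; each list holds BSSIDs in scan order."""
    corporate_ssids = set(authorised.values())
    report = {"evil_twin": [], "unregistered": [], "ssid_mismatch": [], "weak_security": []}
    for ap in scan:
        if ap.bssid in authorised:
            if authorised[ap.bssid] != ap.ssid:
                report["ssid_mismatch"].append(ap.bssid)
        elif ap.ssid in corporate_ssids:
            report["evil_twin"].append(ap.bssid)
        else:
            report["unregistered"].append(ap.bssid)
        if ap.security in WEAK_SECURITY:
            report["weak_security"].append(ap.bssid)
    return report


if __name__ == "__main__":
    for category, bssids in review_scan(SAMPLE_SCAN).items():
        print(f"{category}: {bssids}")
```

Two caveats a practitioner would add: a BSSID is just a frame field, so an evil twin that copies an authorised radio's BSSID is invisible to this comparison and has to be caught by other means (signal strength, channel, or capability mismatches from a wireless IDS); and a single scan only sees what was transmitting on the scanned channels at that moment, so the check has to run continuously rather than once.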
