Unauthorized access

Unauthorized access should be understood as obtaining the ability to process data stored on various media and storage devices through unauthorized change or falsification of the corresponding rights and powers. It occurs when information is intended only for a certain circle of people, but the existing restriction is violated. Unauthorized access is carried out by exploiting errors made by the controlling structure or computer security system, as well as by substituting identity documents or unlawfully obtaining information about another person who has been granted such access.

Unauthorized access classification

Cybercriminals can gain unauthorized access by attacking websites or web applications. This becomes possible if the site is infected with malware, hacked, or has unpatched vulnerabilities. In addition, the resource can be subjected to a DDoS attack.


Attackers can also gain access to information by intercepting data using spyware or sniffers.

Vulnerable software and its subsequent compromise are a common cause of unauthorized access to data. Other common options are brute-forcing passwords for administrative accounts or using social engineering. Errors in software configuration and software not sanctioned by the information security department add to the list of popular problems that open serious security holes.

Reasons for unauthorized access

The reasons for unauthorized access can be as follows.
1. The access control system for certain databases is incorrectly configured. The actual responsibility lies with the administrator or other person involved in the matter.
2. There are gaps in the protection of authorization mechanisms. These can be easily guessed passwords, automatic saving of the data used to authorize in a specific system, keeping logins and other information in a public place, etc.
3. Outdated software is used, or errors or software conflicts appear. The problem is solved by timely updating, installing exclusively licensed versions of programs, following standard computer security rules, and consulting specialists.
4. There is an abuse of trust and/or official authority.
5. Trojans, keyloggers and other similar cyber-espionage tools are used.
6. Communication channels are eavesdropped on and intercepted in various ways.
7. Other options.

Unauthorized access is carried out in different ways, and the number of methods grows as the virtual world as a whole develops. The emergence of new types of gadgets also affects this. However, the existing methods can be roughly reduced to two. The first is bypassing the access system; the second is the illegal acquisition of data from an identified user.

Unauthorized access methods

A cybercriminal can take possession of personal information, information constituting a commercial secret, intellectual property (know-how is usually of particular interest), and internal corporate correspondence. State secrets are a special target. From time to time, unauthorized access leaves the work of a particular structure completely or partially paralyzed.

The main ways to obtain unauthorized access:
1. Hacking information resources (corporate networks, websites, cloud services, individual computers and mobile devices).
2. Interception of messages. Any sent messages are meant, including e-mail, instant messengers, SMS, etc.
3. Data collection. This can be carried out by legal means, but for an illegal purpose.
4. Blackmail, extortion, bribery.
5. Theft of information.

It should be noted that the listed options are often combined.

Unauthorized access creates not only the risk of data leakage and/or data modification, but also the possibility that remotely controlled software is planted, endangering the computer security system as a whole. There is a risk of loss of control. Important data may also be edited or deleted, and an attacker can block access to it or make copies for further illegal use.

Unauthorized access is often aimed at intercepting key messages that are of fundamental importance for protecting a PC, local system, or specific documents. In the latter case, gaining unauthorized access becomes part of a larger operation, often related to cyber intelligence.

An attacker is able to use a PC as a springboard for intercepting data from other devices within the network, sending spam, and distributing malicious code. Finally, unauthorized access makes it possible to destroy valuable stored data and/or completely disable the computer system.

Loss of control threatens to lead to disruptions in the work of the provider, transport organization, online store, etc. Individual sites are of strategic importance. Therefore, the importance of developing well-organized protection against such attacks is beyond doubt.

Risk analysis

Most operating systems offer automatic built-in protection against unauthorized access. But these methods have a significant drawback: they quickly become obsolete. The current requirements and other regulatory documents of the FSTEC of Russia can be found here. Accordingly, experts recommend using a constantly updated software package to control access to individual documents. Hardware protection means are recognized as one of the most reliable; they are most often used by banking organizations when issuing money. Electronic locks are examples of such tools.

Higher-level security measures include strong authentication. Special emphasis can be placed on logging the actions of the administrator and users. Among the supported technologies, USB keys and all kinds of smart cards have become increasingly widespread. One-time passwords are recognized as reliable. Experts also believe that the future belongs to biometrics, which can use not only fingerprints but also the iris of the eye and the pattern of veins on the hands. The maximum level of security is achieved with multi-factor authentication, where access is granted only when data from different sources match (for example, the results of an iris scan, presenting a smart card and entering a password). Such systems have already been successfully implemented.
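
The multi-factor check described above (a password plus a one-time password, with every decision logged), as an added example that is not part of the original post. It uses the standard HOTP/TOTP constructions from RFC 4226 and RFC 6238; the user record layout, the function names and the audit log format are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time password for one counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, now: float, step: int = 30, digits: int = 6) -> str:
    """RFC 6238: HOTP over the number of elapsed time steps."""
    return hotp(secret, int(now // step), digits)

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def new_user(name, password, salt, otp_secret):
    # Hypothetical record layout; last_step blocks reuse of an accepted code.
    return {"name": name, "salt": salt, "otp_secret": otp_secret,
            "pw_hash": hash_password(password, salt), "last_step": -1}

def authenticate(user, password, otp, now, audit_log, window=1):
    """Grant access only when both factors match; log every decision."""
    pw_ok = hmac.compare_digest(hash_password(password, user["salt"]), user["pw_hash"])
    current = int(now // 30)
    matched = None
    # Accept neighbouring time steps to tolerate clock drift.
    for s in range(max(0, current - window), current + window + 1):
        expected = hotp(user["otp_secret"], s).encode()
        if s > user["last_step"] and hmac.compare_digest(expected, otp.encode()):
            matched = s
    granted = pw_ok and matched is not None
    if granted:
        user["last_step"] = matched  # a code is accepted once only
    audit_log.append((int(now), user["name"], "GRANT" if granted else "DENY"))
    return granted

if __name__ == "__main__":
    log = []
    # Constructed sample: the secret is the RFC 6238 test key, the password is made up.
    alice = new_user("alice", "correct horse", b"constructed-salt", b"12345678901234567890")
    code = totp(alice["otp_secret"], 59)
    print(authenticate(alice, "wrong", code, 59, log))          # password factor fails
    print(authenticate(alice, "correct horse", code, 59, log))  # both factors match
    print(authenticate(alice, "correct horse", code, 59, log))  # replayed code
    print(log)
```

The log records denials as well as grants, so repeated failures against one account are visible to whoever reviews it.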