How Do Network Threats Work?
Network-delivered threats are typically of two basic types:
- Passive Network Threats: Activities such as wiretapping and idle scans that are designed to intercept traffic traveling through the network.
- Active Network Threats: Activities such as Denial of Service (DoS) attacks and SQL injection attacks where the attacker is attempting to execute commands to disrupt the network’s normal operation.
To execute a successful network attack, attackers must typically actively hack a company’s infrastructure to exploit software vulnerabilities that allow them to remotely execute commands on internal operating systems. DoS attacks and the hijacking of communications on shared networks (for example, when a corporate user is on a public WiFi network) are exceptions.
Attackers typically gain access to internal operating systems via email-delivered threats, which first compromise a set of machines and then install attacker-controlled malware, giving the attacker the ability to move laterally. This approach makes early detection less likely while providing an almost effortless entry point for the attacker.
According to a recent Microsoft security intelligence report, more than 45% of malware requires some form of user interaction, suggesting that user-targeted email, designed to trick users, is a primary tactic used by attackers to establish their access.
Some threats are designed to disrupt an organization’s operations rather than silently gather information for financial gain or espionage. The most popular approach is called a Denial of Service (DoS) attack. These attacks overwhelm network resources such as web and email gateways, routers, switches, etc. and prevent user and application access, ultimately taking a service offline or severely degrading the quality of a service. They do not necessarily require active hacking; instead they rely on attackers’ ability to scale traffic towards an organization and take advantage of misconfigured and poorly protected infrastructure. This means they often make use of a network of compromised computer systems that work in tandem to overwhelm the target, known as a Distributed Denial of Service (DDoS) attack. In many cases, attackers will launch DoS and DDoS attacks while attempting active hacking or sending in malicious email threats, creating distractions that camouflage their real motives from the information security teams.
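For defenders, the paragraph above has two practical consequences: a flood can come from one source or from many, and alerts from other systems that arrive during a flood should not be dropped. The following is an added example, not Proofpoint code; the log format, service names, thresholds, and addresses are constructed assumptions for illustration.

```python
from collections import Counter, defaultdict

WINDOW = 10      # seconds per bucket (assumed value)
THRESHOLD = 50   # web requests per bucket treated as a flood (assumed value)
DOMINANT = 0.8   # share from one source that marks a single-source DoS (assumed)

def build_sample():
    """Constructed log lines in the form '<epoch> <service> <src_ip> <event>'."""
    lines = [f"{1000 + i} web 198.51.100.{i % 5 + 1} GET" for i in range(10)]      # normal load
    lines += [f"{1020 + i % 10} web 203.0.113.7 GET" for i in range(60)]            # one source
    lines += [f"{1040 + i % 10} web 192.0.2.{i % 40 + 1} GET" for i in range(80)]   # many sources
    lines += ["1003 mail 198.51.100.9 delivered",
              "1044 mail 198.51.100.77 attachment_quarantined",
              "1047 auth 198.51.100.77 login_failed"]
    return lines

def parse(lines):
    events = []
    for line in lines:
        ts, service, src, event = line.split()
        events.append((int(ts), service, src, event))
    return events

def find_floods(events):
    """Bucket web requests by time window and label each flood DoS or DDoS."""
    buckets = defaultdict(Counter)
    for ts, service, src, _ in events:
        if service == "web":
            buckets[ts - ts % WINDOW][src] += 1
    floods = []
    for start in sorted(buckets):
        per_src = buckets[start]
        total = sum(per_src.values())
        if total < THRESHOLD:
            continue
        _, top_n = per_src.most_common(1)[0]
        kind = "DoS" if top_n / total >= DOMINANT else "DDoS"
        floods.append({"start": start, "total": total,
                       "sources": len(per_src), "kind": kind})
    return floods

def overlapping_events(floods, events):
    """Return non-web events inside a flood window so they still get reviewed."""
    return [(f["start"], service, src, event)
            for f in floods
            for ts, service, src, event in events
            if service != "web" and f["start"] <= ts < f["start"] + WINDOW]

if __name__ == "__main__":
    ev = parse(build_sample())
    for f in find_floods(ev):
        print(f)
    for hit in overlapping_events(find_floods(ev), ev):
        print("review during flood:", hit)
```

A per-source rate limit addresses the first flood but not the second, where each of the 40 sources sends only two requests in the window.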
While detection, perimeter hardening, and patching processes are required to mitigate active and passive network-delivered threats, as a basic starting point organizations especially need to protect themselves from the email-delivered threats that subsequently enable network threats to succeed.
Get Ahead of Tomorrow’s Threats with Proofpoint
Anticipating the nature of certain cyber threats helps organizations identify where their defenses are weak and which protective measures to prioritize. Most organizations are more resilient through layered strategies that leverage detection and prevention technologies, real-time threat intelligence, and user-focused training programs to reduce the risk of attacks via email and cloud environments. As threats like phishing, BEC, ransomware, and credential theft evolve, it’s important to have the right mix of tools and processes to keep your data and your people protected. Take ownership to protect against threats and make strides to improve your cybersecurity effectiveness.
Leverage the capabilities trusted by 83 of the Fortune 100 companies. Contact Proofpoint to learn more.