*Introductory Chapter: Computer Security Threats DOI: http://dx.doi.org/10.5772/intechopen.93041*

**2. Motivation and objectives of hackers**

The purpose of a hacker is to break the security of computers and networks, affecting the confidentiality, integrity, and availability of information/service on systems. Such activities of hackers are considered illegal as they invest their time and know-how to make personal gains and breach the security across networks. Before looking at the taxonomy of computer threats, it is necessary to classify the different types of hackers. Each type of hacker is expected to have their own motivation for their activities. The most common of those are included here:

**Fun:** Fun is the only motivation for the script kiddies and a lot of nonserious hackers. For them, breaking into a secure system is a challenging, adventurous, and enjoyable game to test their wits and skills.

**Theft:** Theft or stealing of data is when hackers infiltrate a database of credentials of individuals or organizations.

**Espionage:** Espionage is another type of theft where the hacker tries to get protected information instead of direct financial gain. The information stolen can be either sold on the black market or used by adversaries to gain strategic advantages.

**Spamming:** Spamming is not just about unsolicited emails. This spam can be due to certain malware that invades the web browser and devastates it with unwanted ads.

**Control:** The hacker uses a Trojan or other means to take remote control over another system. Then the hacker can turn that compromised system into a bot or a zombie computer that they use to power spam or to deploy distributed denial of service attacks.

**Disruption:** Disruption of services or access to information, by taking over websites or social media accounts, is usually an act of competition, protest, or rivalry. This effect will slow down or shut down the target's Internet activity.

**Vulnerability testing:** Vulnerability testing is done by administrators to locate vulnerabilities and hence develop protections. The same is also done by hackers to identify vulnerabilities in target systems and to find the exploits for those vulnerabilities. This is almost a pre-phase of an attack.

**3. Classification of computer threats and attacks**

Computer threats and attacks involve accessing information, obliterating or manipulating data, destabilizing the computer, or degrading its performance [1]. Computer attacks are mainly information gathering, privilege escalation, buffer overflow exploits, remote accessing by unauthorized users, and denial of service attacks [2]. Network attacks, being a subset of computer attacks, are mostly attacks on computer systems that form the basic infrastructure of a communication network. A network aids in sending an attack or it could be the means of attack.

There are various steps involved in the attacking scenario, and these steps are briefly listed here:

Step 1: spoofing

Before initiating any of the attacking steps, the hackers normally prefer to hide their identity and their activities. This is normally done by spoofing, in which the attacker hides their identity and pretends to be someone else. This can be done by MAC cloning, IP spoofing, or email spoofing.

Step 2: reconnaissance

It is always a good practice to plan well before undertaking any action, and this is applicable in the case of hacking too. The hackers first identify a target to launch an attack, extract maximum information regarding this target, understand its vulnerabilities, and only then explore the best ways to exploit it.

Step 3: weaponization

The hacker, with the information collected in the previous phase, identifies or develops weapons in order to get into the computer or the network. During this phase, the hacker collects the tools that they plan to use once they gain access to the system for the successful exploitation of the vulnerabilities in the system.

Step 4: implementation

In the implementation phase, the attack starts working. It is when the phishing e-mails are sent or when the fake web pages are posted to the Internet and the attacker patiently waits for all the data they need to start rolling in.

Step 5: exploitation

This is the stage when the sensitive and confidential data starts rolling in. It is the most exciting phase for the hackers, and they try out the usernames and passwords against web-based e-mail systems or secured connections to sensitive networks.

Step 6: installation

After a successful exploitation, the attacker will make sure to have continued access to the system. This is done by installing a persistent backdoor or creating admin accounts on the system, disabling firewall rules, and perhaps even activating remote desktop access on computer systems on the network.

Step 7: control

Once the attacker gains access to the network, creates administrator accounts, or installs all the necessary tools for backdoor entry to the system at any time, the attacker is in control of the target.

Step 8: action on set goals

With total control of the target system, the attacker can set goals and achieve them with or without the knowledge of the genuine user.

The attacks are thus classified depending on the various steps taken by the hacker in the process of the attack, starting from hiding the identity to information collection, which is the pre-phase of an attack, to the actual attack.

**4. Computer threats**

**4.1 Spoofing**

Spoofing is when someone hides their identity to evade detection for their wrong acts and pretends to be someone else in an attempt to gain trust and get sensitive system information. The common spoofing done by changing the hardware or MAC address is called MAC cloning, changing the IP address or the unique identity on the network is called IP spoofing, and impersonating someone else in digital communication is called email spoofing.

**4.2 Information-gathering attacks**

Information gathering is the practice of an attacker gaining priceless details about probable targets. This is not an attack but only a pre-phase of an attack and is totally passive as there is no explicit attack. Systems including computers, servers, and network infrastructure, including communication links and internetworking devices, are sniffed, scanned, and probed for information such as whether the target system is up and running, which ports are open, details regarding the operating system and its version, etc. Some of the information-gathering attacks are sniffing, mapping, vulnerability scanning, phishing, etc.
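A defender's view of Step 6 (installation), as an added example that is not part of the original chapter: the behaviours named there (new accounts, privileged group changes, firewall changes, remote desktop being switched on) are each routine on their own, so the sketch flags a host only when several of them cluster in a short window. It assumes Windows Security event IDs 4720, 4732, 4948, 4950 and 4657; the pipe-delimited log format, host names and sample lines are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Windows Security event IDs mapped to the Step 6 behaviours named in the text.
PERSISTENCE_EVENTS = {
    4720: "account_created",            # a user account was created
    4732: "local_group_member_added",   # member added to a security-enabled local group
    4948: "firewall_rule_deleted",      # Windows Firewall exception-list rule deleted
    4950: "firewall_setting_changed",   # a Windows Firewall setting has changed
}
RDP_VALUE = "fDenyTSConnections"  # registry value; 0 means Remote Desktop is allowed

# Constructed sample log lines (not real telemetry): time|host|event_id|detail
SAMPLE_LOG = """\
2024-03-01T09:00:00|FILESRV|4720|new account svc_backup
2024-03-01T09:02:10|FILESRV|4732|svc_backup added to Administrators
2024-03-01T09:05:30|FILESRV|4950|domain profile firewall disabled
2024-03-01T09:06:00|FILESRV|4657|fDenyTSConnections set to 0
2024-03-01T11:00:00|HR-PC7|4720|new account jdoe (onboarding)
2024-03-01T16:45:00|HR-PC7|4948|old printer rule removed
"""

def classify(event_id, detail):
    """Return the persistence category for one event, or None if irrelevant."""
    if event_id == 4657:  # registry value modified: only the RDP switch matters here
        return "rdp_enabled" if RDP_VALUE in detail and detail.rstrip().endswith("0") else None
    return PERSISTENCE_EVENTS.get(event_id)

def find_persistence_clusters(log_text, window=timedelta(minutes=30), threshold=3):
    """Flag hosts where >= threshold distinct categories occur inside one window."""
    per_host = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split("|", 3)
        if len(parts) != 4:
            continue  # skip malformed lines instead of crashing
        ts, host, eid, detail = parts
        category = classify(int(eid), detail) if eid.isdigit() else None
        if category:
            per_host[host].append((datetime.fromisoformat(ts), category))
    findings = {}
    for host, events in per_host.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            cats = {c for t, c in events[i:] if t - start <= window}
            if len(cats) >= threshold:
                findings[host] = sorted(cats)
                break
    return findings
```

On the constructed sample, FILESRV is flagged because four categories land within six minutes, while HR-PC7's account creation and firewall cleanup are hours apart and stay below the threshold.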
