
Devise Web Server and Web Application Attacks


How Black Hat Hackers Can Make Money by Deploying Malware and Controlling Botnets

Black hat hackers and other malicious users are motivated mainly by financial rewards, even though a few do it for fun. Some of the common attacks used include botnets and malware. Botnets use an infected computer as a remotely controlled bot to send out spam messages or perform other actions, such as participating in a DDoS attack. Botnets can be used to send out spam messages containing links to products on sale or phishing websites that can be used to steal a victim’s financial information. Black hat hackers can also use botnets to perform DDoS attacks, which damage a company’s network; the hackers can then blackmail the company for funds (Benz & Chatterjee, 2020). Black hat hackers also use malware programs; malware can infect a company’s computer system and encrypt its data, after which the attackers demand a ransom to decrypt it. Hackers can also use malware to steal private information, which can be sold to the company’s competitors to raise funds. Hackers can also use malware programs to launder money. Funds obtained through ill-gotten means can be transferred online for non-existent services or goods; in this way, the funds appear to have a legal origin and are thereby cleaned, or laundered. Black hat hackers can also exploit botnets to mine cryptocurrencies. In this scenario, the computational power of the victims’ computers is used for mining, but the victims gain nothing; instead, their computers slow down. Malware can also Botnets can be leased out to other hackers or individuals. The black hat hackers who own these botnets gain financially from leasing them, which is another motivation for creating botnets. Hackers can also sell their malware collection to willing buyers to earn returns.

How Security Controls Like Microsoft’s Firewall Assist in Controlling the Spread of Malware

Cyber security controls and firewalls such as the Microsoft firewall are vital in preventing attacks and malware infection. Cyber security controls include guidelines a company can use to avoid attacks and elements that can control access to particular computer resources such as database systems. Cyber security controls such as biometrics can be used to manage the number of individuals who can access a specific room, say the server room; this system is also efficient because it provides a log of the individuals who visited the room and the times they were there, in case any incident occurs. Firewalls can also reduce the chances of a computer system being infected with malware by sifting through network traffic, stopping suspicious data packets, and alerting the administrator to a potential cyberattack. Malicious attacks can be detected by their regular pattern, whereas normal network traffic is random, with variations depending on what the user is doing on the network (Crumpler & Lewis 2019). Gateway firewalls can also sit in the middle as a filter between the internal and external networks. Firewalls can also filter allowed and blocked devices; for instance, if a particular IP address or MAC address has been used before to conduct an attack, the machine can be blocked, and any traffic originating from the device will be prevented. Firewalls can also contain malware infection by creating a list of company devices and only allowing those particular devices to access the company’s internal network. Firewall authentication is another way in which malware and other kinds of infections can be prevented. Setting up authentication with strong passwords will reduce the chances of an attacker gaining access to the network and introducing malware.

How I Would Determine if My Computer Were the Victim of an Advanced Persistent Threat

An advanced persistent threat is an attack that is highly complex and exceptionally stealthy, hence the term “advanced”. The attack also takes place over an extended period, hence the term “persistent”, and is under the direct control of a human rather than an automated program. Advanced persistent threats also combine several attack techniques, such as malware, viruses, and worms, to obtain the required outcome. One of the main methods of determining if you have been a victim of an advanced persistent threat is to check login activities. A victim of an advanced persistent threat would have unidentified login details; the system would record logins not made by company members or, in the case of an individual, by the individual. Another sign would be that a user finds their device has been logged out despite having left it logged in. Another indicator of an advanced persistent threat would be spam emails that have been opened on company email accounts or on devices connected to the internal network. Another indicator of an advanced persistent threat is members of the organization receiving phone calls from odd numbers pretending to be either the IT department or other members of their network and requesting information. If, during a scan of the network, the cyber security experts find backdoors open within the internal network, this can indicate an advanced persistent threat working within the system while hidden from plain sight. Application software can also be used as a tool for advanced persistent threats. Some of the warning signs that can be detected include sudden hanging of the computer and application software that keeps crashing for no apparent reason. Data movement is another sign of an advanced persistent threat; if the user of a computer system realizes that data has been moved from one server to another or from one location to another on the same device, it is an indicator that attackers might have penetrated the system (Sun et al. 2018).
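The login review described above can be sketched as follows. This is an added example, not part of the original essay; the log format, account names, host names and working hours are all constructed assumptions.

```python
import csv
import io
from datetime import datetime

# Constructed sample logon records: timestamp, account, source host, result.
SAMPLE_LOG = """\
2024-03-04T09:12:44,asmith,WS-014,success
2024-03-04T09:30:02,bjones,WS-022,success
2024-03-05T02:47:19,asmith,WS-014,success
2024-03-05T03:05:51,svc_backup2,SRV-DB1,success
2024-03-05T10:15:00,bjones,UNKNOWN-PC,success
2024-03-05T10:16:30,bjones,WS-022,failure
"""

# Assumed baseline: accounts on the roster and the hosts each one normally uses.
KNOWN_ACCOUNTS = {"asmith": {"WS-014"}, "bjones": {"WS-022"}}
WORK_HOURS = range(7, 20)  # 07:00-19:59 local time (assumption)


def review_logons(log_text, known=KNOWN_ACCOUNTS, work_hours=WORK_HOURS):
    """Return (timestamp, account, host, reasons) for each suspicious successful logon."""
    findings = []
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, account, host, result = row
        if result != "success":
            continue  # this review looks at sessions that were actually established
        reasons = []
        if account not in known:
            reasons.append("account not on roster")
        elif host not in known[account]:
            reasons.append("unfamiliar source host")
        if datetime.fromisoformat(ts).hour not in work_hours:
            reasons.append("outside working hours")
        if reasons:
            findings.append((ts, account, host, reasons))
    return findings


if __name__ == "__main__":
    for ts, account, host, reasons in review_logons(SAMPLE_LOG):
        print(f"{ts} {account}@{host}: {', '.join(reasons)}")
```
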

Ways That Black Hat Hackers Could Try to Obfuscate the SQL Commands They Are Using         

When hackers use SQL injection or any other attack technique, they want to keep the attack hidden so that they can exploit the system again. The hiding of an attacker’s footprint is known as obfuscation. Some of the techniques used for SQL obfuscation include SQL HEX encoding. SQL HEX obfuscation hides an attack by converting the query into a different encoding to bypass security systems (Chaturvedi & Chakravarthy, 2020). MySQL server is vulnerable to SQL HEX obfuscation, alongside many other SQL servers, since the code is changed and the system firewalls and attack monitoring systems cannot detect the attack. Obfuscation is used in all attacks since attackers want to hide their intentions and not get noticed. If an attacker is to be detected, the attacker would prefer it to happen after the attack is completed. The XOR technique is one method that can be used to obfuscate an attack; it hides the attack by changing some bits of the code of a regular application, making it invisible to most antivirus software. Register reassignment is another technique malicious users and hackers use to hide or obfuscate an attack (Sun et al., 2018).
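From the monitoring side, the gap described above closes when hex literals are decoded before any pattern is applied. The following is an added example, not part of the original essay; the watchlist and the logged parameter values are constructed assumptions.

```python
import re

# MySQL-style hex literals, written either as 0x61646d696e or X'61646d696e'.
HEX_LITERAL = re.compile(r"\b0x((?:[0-9a-f]{2})+)\b|\bx'((?:[0-9a-f]{2})+)'", re.I)

# Strings a hypothetical monitoring rule watches for in request parameters.
WATCHLIST = ("admin", "information_schema")

# Constructed sample of logged parameter values.
SAMPLE_PARAMS = [
    "user=alice",
    "user=admin",
    "user=0x61646d696e",
    "user=X'61646D696E'",
    "colour=0xff8800",
]


def normalise(value):
    """Replace each hex literal with the quoted text it decodes to."""
    def decode(match):
        raw = bytes.fromhex(match.group(1) or match.group(2))
        return "'" + raw.decode("latin-1") + "'"
    return HEX_LITERAL.sub(decode, value)


def naive_match(value):
    """Signature check on the raw value, as a simple filter would do it."""
    low = value.lower()
    return [w for w in WATCHLIST if w in low]


def normalised_match(value):
    """Same check, applied after hex literals have been decoded."""
    return naive_match(normalise(value))


def scan(values):
    """Return (value, hits, hidden); hidden is True when the hit only shows after decoding."""
    report = []
    for value in values:
        plain, decoded = naive_match(value), normalised_match(value)
        if decoded:
            report.append((value, decoded, decoded != plain))
    return report


if __name__ == "__main__":
    for value, hits, hidden in scan(SAMPLE_PARAMS):
        print(f"{value!r}: {hits} {'(only visible after decoding)' if hidden else ''}")
```

Normalising before matching narrows the detection gap, but binding user input as query parameters removes the reliance on pattern matching altogether.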

Other Web Attacks and How They Work 

One of the standard attack techniques is the fuzzing attack. Fuzzing attacks occur when a hacker inputs a large amount of random information into an application or operating system to make it crash. This way, the attacker can scan the code of the crashed application and find loopholes in the system. After discovering loopholes, the attacker can exploit them to attack a website, server, or computer system. Denial of service attacks are another common type of cybersecurity attack. Denial of service attacks overload the web server to prevent other users from accessing the system. Denial of service attacks are usually launched to deface a website or to ask for ransom from a particular organization. Brute force attacks are another common website attack; they work by forcing random characters at an authentication system to guess the correct password for the authentication system. The man-in-the-middle attack is another form, in which the attacker comes between the user and the server to snoop on or change the message to gain an advantage. Man-in-the-middle attacks are commonly used to obtain authentication information, private data, or other data. Website defacing is another form of web attack common in the modern world. Web defacement occurs for various reasons, one being to embarrass a particular organization or to change the organization’s payment details and realize a financial benefit. Competitors can also conduct a web defacement attack to steal the competition’s market share. The use of third-party code is another common attack, in which a system is infected when a user runs third-party code on their computer (Lezzi, Lazoi & Corallo 2018). Cross-site scripting is another common type of attack, comprising more than 30% of all website attacks. Cross-site scripting works by injecting malicious code that attacks the visitor’s computer rather than the website’s host.

References

Benz, M., & Chatterjee, D. (2020). Calculated risk? A cybersecurity evaluation tool for SMEs. Business Horizons, 63(4), 531-540.

Crumpler, W., & Lewis, J. A. (2019). The cybersecurity workforce gap. Washington, DC, USA: Center for Strategic and International Studies (CSIS).

Lezzi, M., Lazoi, M., & Corallo, A. (2018). Cybersecurity for Industry 4.0 in the current literature: A reference framework. Computers in Industry, 103, 97-110.

Sun, N., Zhang, J., Rimba, P., Gao, S., Zhang, L. Y., & Xiang, Y. (2018). Data-driven cybersecurity incident prediction: A survey. IEEE Communications Surveys & Tutorials, 21(2), 1744-1772.

Williams, C. M., Chaturvedi, R., & Chakravarthy, K. (2020). Cybersecurity risks in a pandemic. Journal of Medical Internet Research, 22(9), e23692.

Question 


Devise Web Server and Web Application Attacks

Part 1: Devise Windows Client Firewall Rules, APTs, and Black Hat Hacking
1) Explain how black hat hackers can make money by deploying Malware and controlling botnets. In addition to the book, use appropriate Internet resources—300 words minimum.
2) How do security controls like Microsoft’s firewall assist in controlling the spread of Malware? What additional features of an Internet Connection Firewall can be used in an organization with Active Directory? 300 words minimum.
3) Using the book, explain how you would determine if your computer were the victim of an advanced persistent threat. Explain any command line switches or tools you would use—350 words minimum.
Part 2: Attack a Webserver
1) How could black hat hackers try to obfuscate the SQL commands they are using? 200 words minimum.
2) What are some other Web attacks, and how do they work? 300 words minimum.
