One of the best practices to learn is to read about attacks made on other organizations. In an earlier discussion, we reviewed the MITRE ATT&CK matrix for retrieving tactics, techniques, and procedures of bad actors and how to mitigate those attacks. This module will allow us to look at the basics of network architectures, network devices, and access methods to networks. The assigned reading for this discussion gives insight into a classic cyber attack by Kevin Mitnick who:
- Accessed a diskless workstation being used as an x-terminal that was granted through:
- IP Source Address Spoofing attack
- TCP sequence number prediction
- An existing connection to another machine was then hijacked.
Discussion Questions
- After reading the SANS Institute (2022) titled Kevin Mitnik, Hacking and Krishna, Kollou, and Raju (2014)'s work.
- Briefly summarize the attributes of Kevin Mitnik's attack.
- What security measures could have stopped this attack if they were put into place at the time? Would a firewall or intrusion prevention system have stopped the attack?
- Make certain to address the external devices/monitors as well as the changes to computer and network protocols that could have stopped or prevented this attack.
For Reading Purpose:
Kevin Mitnik, Hacking and Krishna, Kollou, and Raju (2014)'s work.