Module 5: Threats
Description
In cybersecurity, a threat is the potential for a negative security event to occur. This module examines common attacks against critical infrastructure including hijacking, denial-of-service attacks, malicious software, SMTP spam engines, Man-in-the-Middle (MITM) attacks, and social engineering. It explores how attacks are being conducted through users, and the different kinds of attacks that target server-side and client-side applications. The module also explores some of the common attacks that are launched against networks, CI and SCADA/Control Systems, and other CI devices today. There is a discussion of how malware is designed and configured, how it works, and the current and future impact of malware on SCADA systems. An overview of how malware like Stuxnet impacts SCADA systems serves as an example.
Objectives
# | Revised Bloom’s Taxonomy | Objective | Slide # | Act. 1 | Team Act | Assess Ques # |
---|---|---|---|---|---|---|
5.1 | Understand | Define threats and threat agents. | 6-14 | N/A | X | 2, 3, 4, 5, 8 |
5.2 | Understand | Identify how different threats—including hijacking, denial-of-service attacks, malicious software, SMTP spam engines, Man-in-the-Middle (MITM) attacks, and social engineering—would apply to critical infrastructure. | 15-16 | N/A | X | 1, 6, 11, 16, 17, 18 |
5.3 | Understand | Identify different types of malware and their intended payloads. | 17-19 | N/A | X | 12, 15, 20 |
5.4 | Understand | Identify social engineering psychological attacks. | 22-23 | N/A | | 9, 7 |
5.5 | Understand | Identify the different types of server-side web application and client-side attacks relevant to critical infrastructure. | 25 | N/A | | 13, 10 |
5.6 | Understand | Identify overflow attacks. | 24 | N/A | X | 19 |
5.7 | Understand | Provide examples of malware attacks and discuss their functionality and impact on critical infrastructure systems. | N/A | X |