1
00:00:01,850 --> 00:00:07,450
So we've already listed system resources, which was relatively easy.

2
00:00:07,460 --> 00:00:12,660
Now we have to define the risk of an attack on those resources using the vulnerabilities we've found.

3
00:00:13,820 --> 00:00:22,600
At this point we should get to know the methods of the attackers. If we know them, we will better understand

4
00:00:22,600 --> 00:00:30,040
how the attackers could exploit some of the system errors or bugs.

5
00:00:30,080 --> 00:00:34,450
The picture you see in the slide shows an attack methodology from a school of hackers.

6
00:00:36,930 --> 00:00:41,750
This is a Chinese school of hackers that gives professional lessons in breaking into computers.

7
00:00:43,230 --> 00:00:49,760
The picture represents a very general method for an attack. In order to pass the subject,

8
00:00:49,770 --> 00:00:57,740
a student must find an e-mail address of a victim or the IP address of its computer. As we know from

9
00:00:57,740 --> 00:00:58,760
previous modules,

10
00:00:58,760 --> 00:01:04,280
this is relatively easy because such data is widely available and there are tools that make it easier

11
00:01:04,280 --> 00:01:05,290
to obtain them.

12
00:01:07,010 --> 00:01:13,910
Let's try the left route of the attack. After having obtained the email address of the victim,

13
00:01:14,330 --> 00:01:17,940
we send him or her a malicious email.

14
00:01:18,080 --> 00:01:21,910
Then we define the entry point.

15
00:01:22,040 --> 00:01:27,410
It turns out that the mail server and the email client programs installed on the computer can serve

16
00:01:27,440 --> 00:01:31,210
as the entry point.

17
00:01:31,300 --> 00:01:35,040
The most difficult part is to get the user to open the malicious attachment.

18
00:01:37,850 --> 00:01:42,900
To achieve this we could use eye-catching photos or interesting content.

19
00:01:44,950 --> 00:01:51,010
Next we have to ensure that we'll be able to access the system repeatedly.

20
00:01:51,020 --> 00:01:56,540
We will start a program that will allow us to take control of the victim's computer and to gain access

21
00:01:56,540 --> 00:01:57,700
to it in the future.

22
00:02:00,520 --> 00:02:05,630
We should fully use the effort we've put into the attack.

23
00:02:05,670 --> 00:02:11,740
If you analyze the diagram from the school of hackers by yourself, you will know where to set trust boundaries

24
00:02:11,830 --> 00:02:13,810
and how to counter real threats.

25
00:02:15,000 --> 00:02:17,120
This is what threat modeling is all about.

26
00:02:18,280 --> 00:02:22,830
You have to define the actual threats to your computer to find a way to counter them.

27
00:02:32,020 --> 00:02:35,050
Risk management is quite complicated.

28
00:02:35,050 --> 00:02:40,270
It requires more skill than setting up the system, downloading updates and enabling firewall protection

29
00:02:40,270 --> 00:02:42,790
do.

30
00:02:42,980 --> 00:02:45,700
Therefore we should use reliable solutions only.

31
00:02:56,590 --> 00:03:04,510
One such solution is the STRIDE model. It divides threats into six categories according to the consequences

32
00:03:04,510 --> 00:03:14,610
of the attack. The attacker can spoof someone's identity, can tamper with data, or deny that he or

33
00:03:14,610 --> 00:03:19,370
she performed an action, which is called repudiation.

34
00:03:19,400 --> 00:03:25,950
We will discuss each of these in detail later in the seminar. Another threat concerns the disclosure

35
00:03:25,950 --> 00:03:34,160
of confidential information obtained by an unauthorized person. D in the STRIDE model stands for the denial

36
00:03:34,160 --> 00:03:42,370
of service attack, which is an attempt to make service unavailable to its intended users.

37
00:03:42,380 --> 00:03:50,150
The last category of attack is called elevation of privilege, that is, gaining unauthorized elevation

38
00:03:50,150 --> 00:03:53,320
of user privileges.

39
00:03:53,360 --> 00:03:57,370
You can see the visualization of the STRIDE model on the right side of the slide.