reading-notes
Dedicated to my thoughts while learning cybersec
Reconnaissance
12/2/2020
The art of unseen information gathering
The goal of the reconnaissance phase in any cyber security attack is to identify weak points of the target. A successful military strategist would dedicate ample resources on reconnaissance to find weaknesses in the enemy’s defenses or to assess the enemy’s capabilities. In either case, any information gathered about the target (aka enemy) may be the crucial piece needed to reveal a critical weakness in defense or an unknown offensive capability of the enemy. Information is often the difference between life and death in war.
Any successful cyber attacker will dedicate a significant amount of time observing a target network to find weaknesses in its defense. Any weakness found may lead to infiltration of the target network. Most attacks usually start with a bad actor wanting to perform some sort of act and the act can usually be categorized into a particular pillar of cyber security.
| Bad Actor: I want to … | pillar violated |
|---|---|
| steal a file | confidentiality |
| deface a webpage | integrity |
| bring down a DNS server | availability |
| send a bad e-mail from some else’s account | non-repudiation |
| steal login credentials | authentication |
Gathering information without alerting the target is of the upmost importance, once alerted, a target will likely react by drastically increasing security in anticipation of an attack.