Cyber Primer
Cyber threats
b. Payload. Payload is computer code that will impact the target
system through exploiting vulnerabilities, enabling the adversary
to establish access and/or interact with the target. Often the vector
and payload are combined in the form of malware.
c. Behaviour. Behaviour describes the actions taken by an
adversary to ensure the initial and enduring success of the vector
and payload in their attack. Actions may include concealing
adversarial activity, for example, being undetected in both system
log audits and by anti-virus software. Adversaries will often delete
or disguise evidence of their activities once the attack is complete.
d. Effect. The outcomes of a cyber attack may be physical, but
the majority are created through the virtual and cognitive domains.
Effects may vary depending upon the attacker’s intent and nature of
the payload. Effects may include the following.
i. Direct action on the target system – for example, a denial
of service (DoS) where an attacker aims to make a service or
network unavailable to its users by overloading it with repeated
requests for information or messages. [30]
ii. Accessing a system, which not only gives the actor access to
the information held by that system, but may also provide the
means to investigate and exploit further onward connections. [31]
iii. Accessing a system that may enable an adversary to render
equipment useless, thus denying the Defence capabilities it
relies upon to accomplish its missions.
iv. Theft of data and/or altering of data – for example,
password theft, data theft for reputational impact or loss of
intellectual property and changing the integrity of databases
[30] An extension of a denial of service (DoS) is a distributed denial of service (DDoS)
which uses multiple computers to attack the system, which can increase the duration and
severity of the disruption.
[31] Access to a system will depend on the system configuration and privileges acquired by
the attacker.
Cyber Primer (2nd Edition) 27