| A confidentiality attack tries to capture | | | | host. Port scans can also help gather more |
| confidential data (such as username, password, | | | | information about the target system such as |
| credit card numbers and data in emails) so an | | | | what operating system it's running. |
| attacker can use that data for malicious intent. | | | | Dumpster Diving: Many companies throw away |
| Confidentiality attacks often go undetected | | | | confidential data without properly shredding it. An |
| because the attacker makes a copy of the data, | | | | attacker can rummage through a company's trash |
| rather than trying to change the data or take | | | | in hopes of discovering data that could be used to |
| down the system. There are several different | | | | compromise network resources. |
| types or methods to a confidentiality attack: | | | | Wiretapping: If an attacker gains access to a |
| Packet Capture: A packet capture utility can | | | | network wiring closet, they can then physically |
| capture data that is sent across the network or | | | | tap into a telephone line and eavesdrop on the |
| from a PC's NIC card. The packets can contain | | | | conversation. They could also insert a hub inline |
| username and password, credit card numbers, | | | | with the network cable and receive copies of the |
| social security card numbers or anything that is in | | | | data. |
| plain text. An attacker can read this data from a | | | | Social Engineering: Phone techniques can be used |
| packet capture utility and use it for malicious | | | | to obtain information from end users. For |
| intent. | | | | example someone could pose as a member of |
| Ping sweep and port scan: Some attacks start | | | | the IT department and ask for the end users |
| with a scan of the network to identify devices to | | | | login information. |
| target on the network. A ping sweep will ping a | | | | Electromagnetic interfaces interception: Data is |
| range of IP addresses and wait for a reply. A ping | | | | often transmitted over a wire, often called a |
| reply might indicate that there is a network | | | | network cable. Attackers can copy data traveling |
| resource at those IP addresses. Once a collection | | | | over the wire by intercepting the EMI being |
| of IP addresses is identified, a port scan can be | | | | emitted by the wire. The EMI emissions are |
| ran to see what services are available on the | | | | sometimes called emanations. |