Intrusion
From The IT Law Wiki
(Redirected from Computer intrusion)
An intrusion (also referred to as a network intrusion) is an “unauthorized act of bypassing the security mechanisms of a system.”[1] It may involve unauthorized access or access in excess of a user’s privileges on a network. An intrusion is usually accomplished by taking advantage of a system that is not properly configured, a known vulnerability that was not patched, or weak security implementation such as a blank or easily guessed password.
Once access to the network has been gained, the intruder(s) can exploit the system in various ways. Some examples include —
- Intelligence gathering.
- Determining user accounts and passwords.
- Network mapping.
- Creating additional accounts or access paths (backdoors) for later use.
- Escalating user privileges.
- Using sniffer software to monitor network traffic.
- Using network resources to store and/or share files.
- Gaining access to proprietary or confidential data.
- Theft or destruction of data.
- Using resources to identify and exploit other vulnerable systems.
[edit] References
- ↑ Comm. on Nat’l Security Sys., National Information Assurance Glossary 35 (Inst. No. 4009 (2006)).
