Skip to content

THE user layer

Internet Protocol Users, Empowering Connections

malicious Online Activity

Exploiting 3rd Parties

Insider Threat

Scanning & Reconnaissance Exploitation

social engineering

CHATBOT ON PREVENTING AND REPORTING CYBERCRIME

LET US HELP YOU WITH PREVENTING AND REPORTING CYBERCRIME

THE USERS OF INTERNET PROTOCOL SERVICES

the Cyber ecosystem, The Users of IP Resources explained

Welcome to Layer 6: The Users. This layer focuses on the human element of the cyber ecosystem. At Listcrime.com, we explore the various attack vectors that target users, such as social engineering and insider threats. Empower yourself with knowledge on how to recognize and defend against these threats, ensuring that you are not the weakest link in your cybersecurity chain. The purpose of this website, The Cyber Ecosystem of Internet Protocol Resources is to bring a holistic unified view into our approach to cyber security. This document highlights the different levels of people, processes, technology and physical services that make up our cyber ecosystem, so that we can start to view the internet and its borderless security problems more broadly.

Most homes and businesses have a device that connects to the internet known as an Internet Service Provider (ISP) Gateway, it’s through that device that internet-capable devices reach the rest of the world and as covered in the ISP & Network Providers of Internet Protocol Resources, Last mile, Layer 5, these ISPs act as a last hop “access” network and are closest to you the Users of Internet Protocol Resources, Layer 6.

Thanks to that Gateway, we can communicate and send data back and forth, however that connection (conduit service) is full of attack vectors which also provide opportunities for the Abusers of Internet Protocol Resources, Layer 7 to gain access to your device, network or enterprise system. Attack vectors can occur through malicious intent, flaws, features or even user error, the Abusers of Internet Protocol Resources, Layer 7 will look to exploit them in a multitude of ways, often combining one or more attack vectors to achieve their end goal, which is ultimately to access, deny, alter or exfiltrate data from your device, network, or enterprise system.

Internet Protocol Users: Connecting You

The five Initial Access Attack Vectors of any cyber-attack. There are five Initial Access Attack Vectors (how the attacker gains initial access) for launching unauthorized access (scanning, reconnaissance and exploitation into your environment during a cyber-attack. They are a 3rd party exploitation, Insider, Scanning and Reconnaissance Exploitation (a triad) Social Engineering, and Malicious online activity with each Initial Access Attack Vector being foundational to the beginning stages of every cyber-attack. Together or separately these five Initial Access Attack Vectors serve as the opening segment of the attack pathway that every the Abusers of Internet Protocol Resources, Layer 7 will utilize as entry to the attack surface. Simply put, these five Initial Access Attack Vectors serve as a simplified version of the attack surface and attempt to align with other modeling methodologies such as the Draft NIST 800-154, MITRE ATT&CK , Cyber Kill Chain , NCSC.gov.uk and Common Attack Pattern Enumeration and Classification (CAPEC™).

According to Draft NIST Special Publication 800-154 , an attack vector is a segment of the entire attack surface pathway that an attacker uses to access a vulnerability. Each attack vector can be thought of as comprising a source of malicious content, a potentially vulnerable processor of that malicious content, and or the nature of the malicious content itself. I will also add a fourth variable, which is the method of delivery, the nature of the attack, characteristics or essence.

The MITRE ATT&CK and (CAPEC™) Frameworks enable contextual understanding of the attack patterns within an adversary’s operational lifecycle. Although each focus on specific use cases, CAPEC attack patterns and related ATT&CK techniques are cross referenced to bring information to the security community in a formalized way. The attack surface (Attack Vector X Attack Target = Attack Surface) may vary widely, spread across a single host or multiple hosts, involve an exploitation of a single vulnerability or multiple attack vectors. There exists the potential for some attack patterns to align with more than one category depending on one’s perspective. The categories (special highlight to CAPEC ) below represent the Six Initial Access Attack Vectors and categorize the different techniques used to attack a system.

Cyber Kill Chain and NCSC.gov.uk, Stages and Patterns specifically describe the Scanning and Reconnaissance Exploitation (Triad), it’s means, methods, ways, routes, processes or measures (how the attacker gains initial access) and how unauthorized access or the Scanning and Reconnaissance Exploitation (Triad) is used for initially infection access to your device, network, or enterprise system. Scanning can be defined as to look, sweep, search or cause a surface, object, or part to be traversed. While Reconnaissance is the observation of what you find, and Exploitation is gaining authority or taking advantage of a system.

The Attack Vectors

Cyber-crime encompasses a range of malicious activities that exploit digital technologies. The methodology outlined below categorizes these activities into five simple primary threats:

Attack Pathway

The sequence of actions, steps attackers take or methodology of an attack, encompassing four critical elements.