Question

With example, explain the different types of attack surface?

Answer 1

`Hey,

Note: Brother if you have any queries related the answer please do comment. I would be very happy to resolve all your queries.

There are two main types of attack surfaces that can affect any company:

Digital attack surface

Today, it’s easier to hack digitally than to break into a digital fortress like a datacenter by just walking there.

The Internet offers many different ways to crack systems and obtain access to unauthorized areas—the bad guys have been doing this for decades. In the same way, white hat blue teams and red teams use penetration testing against many different attack surface areas.

One of the most popular types of attack surfaces is the digital variety. Every computer connected to the Internet is exposed to remote attacks, and in a similar way, local networks can still leave their own digital attack surfaces exposed even if they aren’t connected.

This attack surface, as we mentioned before, includes software applications, networks, ports, operating system services, web and desktop applications and more. In other words, everything running on the digital side of any company.

Physical attack surface

On the other hand, the physical attack surface includes everything related to hardware and physical devices; here we’re talking about routers, switches, tower or rack servers, desktop computers, notebooks, tablets and mobile phones, TVs, printers, USB ports, surveillance cameras, etc.

Once the attacker has gained access to the physical device, he’ll try to explore the systems and networks where the device is connected, in order to:

• Create a digital map of all the network, ports and services
• Inspect the source code of the running software, if found
• Check the running databases and the information stored there
• Upload virus, malware or backdoors to infect the operating system
• Crack login credentials to gain access to privileged areas
• Copy sensitive information to removable devices or send it to remote servers

While most offices now use such protective measures as biometric access control systems, access control cards and door locking to avoid tailgating and pretexting social techniques, most of the time an attacker doesn’t have to be inside the physical place/office to take control of a physical device. The human factor is often the weakest point of any cybersecurity system. This is why social engineering or rogue employees can be the open door to unauthorized access from the outside.

Kindly revert for any queries

Thanks.