Week 6 Reading Summary and in the news
Packet sniffing is largely an internal threat which must be mitigated. Packet sniffing is susceptible in both a non-switched and switched network. Many off the shelf tools today allow insider threats to easily capture information deemed sensitive. Packet sniffers were intended for “good” use but inevitably have become a tool for malicious activity. A switched network considered to be more secure is also vulnerable to sniffing with a laptop and implementation of a man in the middle attack. There are a variety of mitigation steps that can be put in place that are more and less successful, but ultimately encryption is the most viable solution.
In the news: Beware of cash out attacks, banking Trojans via Malvertising and POS Memory-Scraping Malware