4 External Attacks

In this chapter, we will:

Leveraging the Hacker mindset and the OODA loop models to plan out our own theoretical attacks against Home and Company networks
Exploring how data injection attacks work
Using knowledge of the different types of malware to defensive strategies
Exploring how WiFi and mobile phone networks and how data can be intercepted and spoofed

Now that we’ve looked at how to think like a hacker, and what mental models we can use, we get to the really fun stuff: exploring how the most common external attacks work. As part of helping you anticipate external attacks, this chapter will have several exercises to teach you how to think and plan an attack yourself. We’ll also look at the different types of malware, as well as dig into the security problems with WiFi and mobile phone networks.

By the chapter’s end, you will be able to think like an attacker – to understand how and why some of the most common attacks work. By understanding how to use malware and attacks using security problems with WiFi and mobile networks to steal users’ credentials and data, you’ll be better able to defend against these attacks.

4.1 How do hackers get in?

4.1.1 Home Setup

4.1.2 Corporate Network

4.2 Data injection attacks

4.2.1 SQL Injection (SQLi)

4.2.2 Cross-Site Scripting (XSS)

4.3 Malware: Viruses, Trojans, and Ransomware

4.3.1 Viruses

4.3.2 Trojans

4.3.3 Ransomware

4.3.4 Protection

4.4 Dodgy Wifi

4.4.1 Defenses

4.5 Mobile phones, SMS, and 5G

4.5.1 Malware

4.5.2 IMEI cloning

4.5.3 SMS spoofing

4.5.4 Problems with 5G

4.5.5 Keeping safe

4.6 Summary