Layered Attacks

Rust College STEM Website Banner (1).gif

RUST COLLEGE HAS PARTNERED WITH NISSAN TO CREATE THE NISSAN-RC CYBERSECURITY SIMULATION LAB

Understanding Cyber Attacks Across the OSI Model In cybersecurity, threats can emerge at different layers of the OSI (Open Systems Interconnection) model, which defines how data is transmitted across networks. Each of the seven layers presents unique vulnerabilities that attackers can exploit, ranging from physical tampering (Layer 1 - Physical Layer) to application-based exploits (Layer 7 - Application Layer). For example, an attacker may launch a Man-in-the-Middle (MitM) attack at the Network Layer (Layer 3) to intercept data in transit, while an SQL Injection attack targets web applications at the Application Layer (Layer 7). Understanding how cyber threats map to each OSI layer helps organizations implement targeted security measures and build a stronger defense against modern cyber threats.

Imagine the OSI Model as a seven-layer cake, where each layer represents a different part of how computers and networks communicate. Just like a cake, if one layer is weak, the whole structure can crumble. Hackers can attack each layer in different ways, so understanding these attacks helps us protect our devices, data, and networks. Let's explore the many attacks at different layers of the OSI model.

Layer 1: Physical Layer – The "Wires & Hardware" Layer What Happens Here?

This layer includes physical devices like cables, routers, Wi-Fi signals, and servers—basically, anything you can touch.

Types of Attacks at This Layer:

Wiretapping (Eavesdropping on Cables or Wi-Fi Signals)

A hacker physically connects to a network cable or intercepts Wi-Fi signals to steal data.
Example: Imagine someone secretly plugging into your office’s network cable to spy on your emails.

Jamming (Disrupting Wireless Signals)

Attackers flood the network with noise to block Wi-Fi signals.
Example: Think of a loud siren drowning out a conversation so nobody can hear.

Physical Destruction or Theft

Hackers physically damage or steal a server, router, or hard drive.
Example: If a thief steals your computer, they could access all your personal files.

Layer 2: Data Link Layer – The "Traffic Control" Layer What Happens Here?

This layer makes sure data gets sent to the right place, just like traffic lights direct cars at intersections.

Types of Attacks at This Layer:

MAC Address Spoofing(Impersonation)

Hackers trick the network by pretending to be someone else’s computer.
Example: It’s like a thief dressing up as you to enter a restricted area.

ARP Spoofing (Man-in-the-Middle Attack)

A hacker sends fake messages to a network, rerouting data to their own device.
Example: Imagine mailing a letter to your bank, but a hacker secretly intercepts and alters it before it reaches them.

Switch Hijacking

Hackers manipulate network switches to control traffic.
Example: Think of a crooked traffic officer redirecting all cars down the wrong road.

Layer 3: Network Layer – The "Navigation System" Layer What Happens Here?

This layer handles how data moves between different networks (like the internet). It’s responsible for IP addresses and routing data.

Types of Attacks at This Layer:

IP Spoofing(Faking an Address)

Hackers disguise their identity by using a fake IP address.
Example: It’s like a burglar changing their caller ID to pretend they’re from the police

DDoS (Distributed Denial of Service) Attack

Attackers flood a network with so much fake traffic that it crashes.
Example: Imagine 1,000 fake customers entering a small store at once, making it impossible for real customers to shop.

Route Poisoning(Misdirecting Traffic)

Hackers alter routing tables, sending data to the wrong places.
Example: It’s like a GPS hacker changing your map so you drive in circles.

Layer 4: Transport Layer – The "Package Delivery" Layer What Happens Here?

This layer ensures data is properly packaged and delivered to the right location (like UPS delivering a package).

Types of Attacks at This Layer:

TCP SYN Flood (Overloading a Connection)

Hackers trick a server into opening multiple fake connections, exhausting its resources.
Example: It’s like calling a pizza place 1,000 times but never placing an order, so no one else can order.

Port Scanning (Checking for Weak Spots)

Hackers scan a system for open ports they can attack.
Example: A thief checking all doors and windows of a house to find the easiest way in.

Layer 5: Session Layer – The "Handshake" Layer What Happens Here?

This layer manages sessions, which are like conversations between computers.

Types of Attacks at This Layer:

Session Hijacking(Taking Over a User’s Session)

Hackers steal an active session to take control of a user’s account.
Example: If you leave your Facebook logged in at a library, someone else could post as you.

Replay Attack(Reusing Stolen Data)

Hackers capture and reuse old login credentials to gain access.
Example: Someone records your security badge beep and replays it later to unlock a door.

Layer 6: Presentation Layer – The "Translator & Security" Layer What Happens Here?

This layer translates data so computers understand each other and handles encryption for security.

Types of Attacks at This Layer:

Screenshot 2025-03-17 at 11.08.20 AM.png

SSL Stripping (Removing Encryption)

Hackers downgrade a secure connection (HTTPS → HTTP) to steal data.
Example: Imagine a secure vault, but someone removes the lock before you put valuables inside.

Screenshot 2025-03-17 at 11.08.25 AM.png

Code Injection (Malicious Code Execution)

Attackers inject harmful scripts into a program.
Example: Like a corrupt mechanic secretly adding a virus to your car’s GPS system.

Layer 7: Application Layer – The "User Interface" Layer What Happens Here?

This is where users interact with applications like web browsers, emails, and social media.

Types of Attacks at This Layer:

Phishing (Tricking Users into Giving Info)

Hackers create fake emails or websites to steal passwords.
Example: A fake “Bank of America” email asks for your account details.

SQL Injection (Hacking Databases)

Attackers exploit vulnerabilities in web forms to steal or delete data.
Example: A hacker inputs malicious code in a login box to bypass authentication.

Ransomware (Locking Files for Money)

A virus locks your files and demands a ransom to unlock them.
Example: Like a kidnapper locking your documents in a safe and asking for money to return them.

Final Thoughts: How to Protect Yourself from Cyber Attacks

To stay safe from these attacks, follow these simple cybersecurity practices:

Cybercriminals attack different layers of a network, but by understanding where and how attacks happen, we can strengthen our defenses and keep our digital world safe.