ALERT

[WEBINAR] See the Whole Story: The Case for a Visualization Platform

Masquerade Attack

Definition - What does Masquerade Attack mean?

A masquerade attack is an attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification. If an authorization process is not fully protected, it can become extremely vulnerable to a masquerade attack.

Masquerade attacks can be perpetrated using stolen passwords and logons, by locating gaps in programs, or by finding a way around the authentication process. The attack can be triggered either by someone within the organization or by an outsider if the organization is connected to a public network. The amount of access masquerade attackers get depends on the level of authorization they've managed to attain. As such, masquerade attackers can have a full smorgasbord of cybercrime opportunities if they’ve gained the highest access authority to a business organization. Personal attacks, although less common, can also be harmful.

Techopedia explains Masquerade Attack

Masquerade attacks may happen in a number of ways. In case of an insider attack, a masquerade attacker gains access to the account of a legitimate user either by stealing the victim's account ID and password, or by using a keylogger. Another common method is by exploiting a legitimate user's laziness and trust. For example, if a legitimate user leaves the terminal or session open and logged in, a co-worker may act as a masquerade attacker.

Vulnerable authentication is one of the other factors that can trigger a masquerade attack, as it helps the attacker to gain access much more easily. Once the attackers gain access, they can get into all of the organization's critical data and can delete or modify it, steal sensitive data, or alter routing information and network configuration.

For example, although a unique IP address is assigned to each individual computer, a hacker can convince another system that it is the authorized user through spoofing, essentially convincing the target computer that the hacker's computer has the same IP.

A standard strategy to resist this kind of attack is to create innovative algorithms that can efficiently detect the suspicious actions, which could result in the detection of imposters.

Connect with us

Techopedia on Linkedin
Techopedia on Linkedin
Tweat cdn.techopedia.com
"Techopedia" on Twitter


'@Techopedia'
Sign up for Techopedia's Free Newsletter!

Email Newsletter

Join thousands of others with our weekly newsletter

Resources
Free Whitepaper: The Path to Hybrid Cloud
Free Whitepaper: The Path to Hybrid Cloud:
The Path to Hybrid Cloud: Intelligent Bursting To Amazon Web Services & Microsoft Azure
Free E-Book: Public Cloud Guide
Free E-Book: Public Cloud Guide:
This white paper is for leaders of Operations, Engineering, or Infrastructure teams who are creating or executing an IT roadmap.
Free Tool: Virtual Health Monitor
Free Tool: Virtual Health Monitor:
Virtual Health Monitor is a free virtualization monitoring and reporting tool for VMware, Hyper-V, RHEV, and XenServer environments.
Free 30 Day Trial – Turbonomic
Free 30 Day Trial – Turbonomic:
Turbonomic delivers an autonomic platform where virtual and cloud environments self-manage in real-time to assure application performance.