Examples in Real Life

The Silent Assassin

I am going through these CCNA Security videos and some of the examples seem a tad bit extreme. You know, attacker somehow manages to get a device on a subnet on your network past the IPS/IDS, Cisco ASA and is able to sniff packets that are going to the file servers and launch a DoS attack. My question is how likely is this stuff happening or are the instructor just using worst case scenario?

kohr-ah

All it takes is one internal disgruntled IT employee with the right access to do this on your corporate network.

I have yet to see it but wouldn't discredit it to some extent.

OfWolfAndMan

On your home network? I doubt it. Unless you're a millionaire in disguise (And they found out). Or if you're Batman. Then you could probably take care of em yourself (Just make sure you don't use Christian Bale's Batman voice).

In a corporate network, as kohr-ah said, there could be a former employee holding a grudge, an undercover spy trying to steal all of your secrets, a curious script kiddy noob, or an unknown entity that's after your sensitive data. It's real. Not in the small networks maybe, but in the enterprise, absolutely. I think I read somewhere awhile back as of recently about half of internet traffic is made up by bots. Who knew?

Balantine

I see it all the time with malware, weak passwords and other low-hanging fruit.

In context, a PCI breach can cost a company millions of dollars and involve the FBI/DHS and other law enforcement. Cryptolocker is a great example. Last I checked, the average cost of a data breach was in the neighborhood of 250K.

There are several meta-reports about this, especially the Verizon Data Breach Reports: Verizon Data Breach Investigations Report | Verizon Enterprise Solutions

Here is Fire Eye's Real-World Assessment of Defense in Depth Report: http://www2.fireeye.com/rs/fireye/images/fireeye-real-world-assessment.pdf