Malware Threats to the Energy Sector

Technical Description

As discussed earlier, I will build a couple of scenarios that help identify different types of malware attack vectors. To cover these topics I will carry out several practicals. First, I will create two machines in the same network configuration and then attack the second machine from the first over the network, using network vulnerabilities such as an SMB enumeration attack to carry out a ransomware attack and then force the user to pay for it. This is all in a controlled environment and no one can be harmed by it.

Second, I will carry out a practical on fileless malware. A fileless attack is not caught by antivirus software, and because these attacks are stealthy they are up to ten times more successful than traditional malware attacks. After this I will carry out a practical on spying on a specific computer to detect or gather useful information through spyware. After this I will carry out a practical on stealing user data through a Trojan horse without the user's knowledge. After this I will perform a social engineering attack that hijacks the user's mind to obtain root/admin-level permission, and maintain that admin-level permission by forcing the user to install cracked software (remote administration tools). I will create worm-like malware such as Stuxnet (which was probably developed by the US and Israeli intelligence services with the intent of setting back Iran's nuclear program) to carry out a forced attack on the victim machine. Then I will create rootkits. Rootkits can be injected into applications, kernels, hypervisors, or firmware. They spread through phishing, malicious attachments, malicious downloads, and compromised shared drives. Rootkits can also be used to conceal other malware, such as keyloggers.

At the end I will configure Wazuh and enrol a victim computer as a Wazuh client, then configure that client so that every operating-system log is checked in real time. After this I will configure each security level in Wazuh to monitor endpoint detection end to end, similar to NDR (Network Detection and Response), in order to capture the attack scheme and check how, when, why and through which path an attack is performed on my network or on my client/victim machine. Wazuh is then used to collect, aggregate, index and analyze security data, helping organizations detect intrusions, threats and behavioral anomalies. As cyber threats become more sophisticated, real-time monitoring and security analysis are needed for fast threat detection and remediation.
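As an added example of the Wazuh setup described above (not taken from this document or from the Wazuh project): a victim-side agent configuration fragment that forwards the OS logs and watches the shared directory in real time, plus a manager-side custom rule that raises an alert when many monitored files change within a short window, which is the behaviour the ransomware scenario would produce. The manager address 192.0.2.10, the share path /srv/share and the rule id 100100 are assumed placeholders.

```xml
<!-- Agent side: /var/ossec/etc/ossec.conf on the victim machine (fragment).
     Placeholders: manager 192.0.2.10, monitored share /srv/share. -->
<ossec_config>
  <client>
    <server>
      <address>192.0.2.10</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
  </client>

  <!-- Real-time file integrity monitoring on the directory exposed over SMB,
       so a burst of changed or deleted files reaches the manager at once
       rather than on the next scheduled scan (frequency is in seconds). -->
  <syscheck>
    <disabled>no</disabled>
    <frequency>43200</frequency>
    <directories realtime="yes" check_all="yes" report_changes="yes">/srv/share</directories>
    <alert_new_files>yes</alert_new_files>
  </syscheck>

  <!-- Forward the OS logs the proposal wants checked in real time. -->
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/auth.log</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/syslog</location>
  </localfile>
</ossec_config>

<!-- Manager side: /var/ossec/etc/rules/local_rules.xml (custom ids 100000+).
     Correlates the built-in syscheck alerts (file modified/deleted/added)
     coming from the agent above: repeated file changes from the same
     location inside 60 s raise one level-12 alert tagged with the ATT&CK
     technique for data encrypted for impact. -->
<group name="local,syscheck,">
  <rule id="100100" level="12" frequency="20" timeframe="60">
    <if_matched_group>syscheck</if_matched_group>
    <same_location />
    <description>Mass file changes on monitored share: possible ransomware activity</description>
    <mitre>
      <id>T1486</id>
    </mitre>
  </rule>
</group>
```

Restart the agent and the manager after editing, then check /var/ossec/logs/alerts/alerts.json on the manager for rule 100100 while files on the share are modified in bulk.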