Security Threats
During the 90s the Internet grew into what has become a major part of everyone's lives. Unfortunately, it has also been vulnerable to attacks from outside and inside sources, and Internet security has become a big part of IT management today.
Major Threats
• Viruses/Worms
• Attacking Individuals
• Hacking
• Denial-of-Service (DoS)
• Type of Attacker
Viruses & Worms
Viruses
• Are pieces of code that attach to other programs
• Are executed when infected programs are activated
• Can infect other programs on your computer/machine
• Spread to other computers via e-mail attachments, IMs, peer-to-peer file transfer, etc.
Worms
• Are stand-alone programs that do not need to attach themselves to other programs
• Like a virus, can spread via e-mail, file transfers, IMs, etc.
• Unlike a virus, worms need help: a user has to open an e-mail or attachment, which is unreliable and slow
• Vulnerability-enabled worms don't need human intervention; these worms look for weak spots in programs, so they spread faster
Payloads
After they infect your computer and other machines, the viruses/worms execute their payloads.
• Hard disk can be erased
• Install a Trojan Horse
• Misdirect you to other sites like pornography
• Can turn your computer into a spam generator
Trojan Horse
This is a program that can be installed on the user's computer, and once installed it will continue to cause damage.
• Relies on worms, viruses, hackers, or the user unknowingly installing it
• As the name Trojan suggests, it hides itself as a file on your system that may seem legitimate but is not
• A major problem with this kind of program is spyware
Spyware
• It does what its name says: it spies
• Web surfing details
• Passwords
• Personal identification
• Data mining: searches for information on your computer
• This information can be sent back to its source
Attacks on Individuals
• Social engineering
• Spam
Social Engineering
This is when the attacker convinces another person to give up personal information.
• Selling a fake or non-existent product
• Winning a contest that never existed
• A service that does not exist or is never done
• On social sites like Facebook, MySpace, chat rooms, etc.
Spam
• Phishing: real-looking e-mails or real-looking websites
• ID theft
• Fraud
• Web links or surfing habits
Hacking
Hacking is the unauthorized use of a computer, or exceeding how much you are allowed to use and see.
• Scanning: the attacker begins the attack by scanning the network
– Nmap, a hacker toolkit used to scan (by sending probe packets) for open ports in the network
• Breaking in: taking advantage of vulnerabilities
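On the defender's side, the scanning step described above shows up as one source touching many different ports in a short time. The following is an added example, not part of the original slides, that flags such sources in firewall log lines; the log format, the addresses, the time window and the threshold are constructed assumptions, and the lines are assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a made-up firewall log format (assumption).
SAMPLE_LOG = """\
2024-05-01T10:00:00 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=21
2024-05-01T10:00:00 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=22
2024-05-01T10:00:01 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP DPT=443
2024-05-01T10:00:01 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=23
2024-05-01T10:00:01 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=25
2024-05-01T10:00:02 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=80
2024-05-01T10:00:02 SRC=198.51.100.20 DST=192.0.2.10 PROTO=TCP DPT=443
2024-05-01T10:00:03 SRC=203.0.113.7 DST=192.0.2.10 PROTO=TCP DPT=443
2024-05-01T10:05:00 SRC=198.51.100.30 DST=192.0.2.10 PROTO=TCP DPT=22
2024-05-01T10:20:00 SRC=198.51.100.30 DST=192.0.2.10 PROTO=TCP DPT=80
2024-05-01T10:40:00 SRC=198.51.100.30 DST=192.0.2.10 PROTO=TCP DPT=443
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) SRC=(?P<src>\S+) DST=(?P<dst>\S+) PROTO=TCP DPT=(?P<port>\d+)$"
)

def detect_scanners(log_text, window_seconds=10, min_ports=5):
    """Return {source: largest number of distinct (host, port) targets seen in
    any window} for sources that reach min_ports within window_seconds."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # source -> deque of (timestamp, (dst, port))
    flagged = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # ignore lines that do not match the assumed format
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["src"]]
        q.append((ts, (m["dst"], int(m["port"]))))
        while ts - q[0][0] > window:  # drop probes older than the window
            q.popleft()
        distinct = len({target for _, target in q})  # repeats count once
        if distinct >= min_ports:
            flagged[m["src"]] = max(flagged.get(m["src"], 0), distinct)
    return flagged

if __name__ == "__main__":
    print(detect_scanners(SAMPLE_LOG))
```

The client that keeps returning to port 443 and the source that touches three ports over 35 minutes are not flagged, which is why the check counts distinct targets inside a time window instead of raw connection counts.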
Nmap Scanning Program
Once Inside
• Downloading hacker tools: a collection of programs that automate tasks to be done as soon as the attacker is in
• Deleting log files: another tool erases log files so the real owner does not know that they have been compromised, what was done, and how it was done
• Backdoor: using the toolkit, the hacker will create a backdoor that stays available even if the vulnerability has been fixed. The backdoor can be disguised.
Once Inside (continued)
• Downloading Trojan horses: to keep attacking even after the hacker is long gone
• Manual work: even with the toolkits, the hacker may choose to do other damage, whether deleting files or changing file names or locations
Denial-of-Service (DoS)
• Does not involve hacking into a computer
• No viruses or worms
• The main purpose of DoS is to make the computer unavailable to its user(s)
• Bots are general-purpose exploitation programs
Traditional Attackers
• Hackers
• Disgruntled employees or ex-employees
• Virus writers
• Criminal attackers, who are mostly motivated by money
• Cyber-terrorists and national governments: cyber-terror is attacks by extremists, and cyber-war is attacks by other national governments