Information transmitted over networks has a higher degree of security risk than information kept in organization’s premise. In an organization, network administrators usually take measures to protect a network from security risks. On the Internet, where no central administrator is present, the security risk is greater. Internet and network attacks that jeopardize security include malware, botnets, denial of service attacks, back doors and spoofing.
Malware
Malware stands
short for malicious software, consists of programs that act without a user’s
knowledge and intentionally alters the operations of computers and mobile
devices.
Common Types of Malware:
A potentially damaging program that affects, or infects, a
computer or mobile device negatively by altering the way the computer or device
works without user’s permission or knowledge.
A program that copies itself repeatedly, for example in a
memory or on a network, using up resources and possibly shutting down the computer,
device or network.
It is a program that hides within or looks like a legitimate
program. Unlike a virus or worm, a trojan horse does not replicate itself to
other computers or devices.
A program that hides in a computer or mobile device without
the user’s knowledge that secretly collects information about the user and then
communicates the information it collects to some outside source while the user
is online.
Some malware contains characteristic in two or more classes.
For example, a single threat can contain elements of a virus, Trojan horse and
worm.
Malware can deliver its destructing event or prank, on a
computer or mobile devices in a variety of ways, such as when a user opens an
infected file, runs an infected program, connects an unprotected computer or
mobile device to a network, or when a certain event or condition occurs, such
as the computer’s clock changing to a specific date.
Botnets
A botnet, also known as zombie army, is a group of
compromised computers or mobile devices connected to a network such as the
Internet that that are used to attack other networks, usually for ill purposes.
A compromised computer or device, known as zombie, is one whose owner is unaware
that the computer or device is being controlled remotely by an outsider.
A bot is a program that performs a repetitive task on a network.
Cyber criminals install bots on unprotected computers and devices to create a
botnet. The perpetrator then uses the botnet to send spam via email, spread
viruses, other malware etc.
Denial of Service Attacks
A denial of service attack(DoS attack) is an assault whose
purpose is to disrupt computer or device access to an Internet service such as
the web or email. Perpetrators carry out a Dos attack in a variety of ways. For
example, they may use an unsuspecting computer or device to send an influx of
useless traffic such as confusing data messages to a network computer or
server. The victim computer network slows down considerably and eventually
become unresponsive or unavailable, blocking legitimate users from accessing
the network.
A more advanced and devastating type of DoS attack is the
distributed DoS attack (DDoS attack) in which an army of zombie is used to
attack computers or computer networks. DDoS attack have been able to stop
operation temporarily numerous websites, including powerhouses such as Yahoo!,
eBay, Amazon.com etc.
The damage done by a DoS or DDoS attack usually is
extensive. During the outage, the retailers lose sales from customers, news websites
and search engine lose revenue from advertisers and time-sensitive information
may be delayed. Repeated attacks could tarnish reputations, causing even
greater losses.
Back Doors
A back door is a program or set of instructions in a program
that allow users to bypass security controls when accessing a program, computer
or network. Once perpetrators gain access to unsecure computers, they often
install a backdoor or modify an existing program to include a back door, which
allows them to continue to access the computer remotely without the user’s
knowledge. A rootkit can be a back door. Some worm leave back doors, which have
been used to spread other worms or to distribute spam from other unsuspecting
victim computers.
Programmers often build back doors into programs during
system development. These back doors save development time because the
programmers can bypass security controls while writing and testing programs.
Similarly, a computer repair technician may install a back door while troubleshooting
on a computer. If a programmer or computer repair technician fails to remove a
back door, a perpetrator could use the back door to gain entry to a computer or
network.
Spoofing
Spoofing attack is a technique which intruders use to make their
network or Internet transmission appear legitimate to a victim computer or
network. Two common types of spoofing schemes are:
Email spoofing:
Email spoofing occurs
when the sender’s address or other components of an email header are altered so
that it appears that the email message originated from a different sender.
Email spoofing often used in virus hoaxes, spam and phishing scams.
IP Spoofing:
IP spoofing occurs
when an intruder computer fools a network into believing its IP address is
associated with a trusted source. Perpetrators of IP spoofing trick their victims
into interacting with the suspicious website. For example, the victim may
provide confidential information or download files containing viruses, worms or
other malware.
Thank you for giving polite and prudent comments. Admin will not be responsible for any comments on this blog. All comments are personal views and opinions of individuals who leave a comment. ConversionConversion EmoticonEmoticon