Tuesday, December 2, 2014

6.6 Cyberattacks & Malware


• Networks and computer systems are susceptible to attacks by all kinds of malware.

• Some common cyberthreats are denial-of-service attacks; viruses; worms; Trojan horses; rootkits and backdoors; blended threats; zombies; ransomware; and time, logic, and email bombs.

Cyberthreats:
>Denial of Service Attack
-Consists of making repeated requests of a computer or network device, thereby overloading it and denying access to legitimate users.
-Used to target particular companies or individuals.
>Virus
-Deviant program that hides in a file or a program on a disk, flash memory drive, in an e-mail, or in a web link and that causes unexpected effects such as destroying or corrupting data.
-Usually attached to an executable file that you must run or open (to activate the virus).
>Worms
-A program that copies itself repeatedly into a computer’s memory or disk drive.
-May copy itself so much it crashes the infected computer.
>Trojan Horses  
-Programs that pretend to be a useful program such as a free game or a screensaver but that carry viruses or malicious instructions that damage your computer or install a backdoor or spyware.
-Backdoors and spyware allow others to access your computer without your knowledge.



>Rootkits
-In many computer operating systems, the “root” is an account for system administration. A “kit” is the malware secretly introduced into the computer. A rootkit gives an attacker “super powers” over computers—for example, the ability to steal sensitive personal information.


>Blended Threats
-A blended threat is a more sophisticated attack that bundles some of the worst aspects of viruses, worms, Trojan horses, and other malware into one single threat. Blended threats can use server and Internet vulnerabilities to initiate, then transmit and also spread an attack. Blended threats are designed to use multiple modes of transport—email, flash drives, networks, and so on.
>Zombies & Bots
-A botmaster uses malware to hijack hundreds to many thousands of computers and is able to remotely control them all, including the ability to update the malware and to introduce other programs such as spyware. Hijacked computers are called zombies.
-A botnet (robot network) is a network of computers in which each computer has been implanted with instructions to wait for commands from the person controlling the botnet.
>Ransomware
-A botnet may be used to install ransomware, which holds the data on a computer or the use of the computer hostage until a payment is made. Ransomware encrypts the target’s files, and the attacker tells the victim to make a payment of a specified amount to a special account to receive the decryption key.
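
The denial-of-service entry above describes one source making repeated requests until the target is overloaded. As an added example (not part of the original notes), this is how a defender can spot that pattern in a request log with a sliding time window. The log format, the addresses (documentation ranges) and the limit of 10 requests per 5 seconds are assumptions chosen for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def build_sample_log():
    """Constructed sample log lines: '<timestamp> <source> <request>'."""
    base = datetime(2014, 12, 2, 10, 0, 0)
    lines = []
    # One source sending 40 requests in 10 seconds (4 per second).
    for i in range(40):
        ts = base + timedelta(milliseconds=250 * i)
        lines.append(f"{ts.isoformat(timespec='milliseconds')} 203.0.113.9 GET /login")
    # Two ordinary users making one request every 2 seconds.
    for i in range(5):
        ts = (base + timedelta(seconds=2 * i)).isoformat(timespec="milliseconds")
        lines.append(f"{ts} 192.0.2.10 GET /index.html")
        lines.append(f"{ts} 198.51.100.4 GET /news")
    return sorted(lines)  # fixed-width timestamps sort chronologically


def find_flooding_sources(lines, window_seconds=5, max_requests=10):
    """Return {source: peak requests per window} for sources over the limit."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # source -> timestamps still inside the window
    peaks = {}
    for line in lines:
        stamp, source, _request = line.split(" ", 2)
        now = datetime.fromisoformat(stamp)
        seen = recent[source]
        seen.append(now)
        # Drop requests that have aged out of the window.
        while now - seen[0] >= window:
            seen.popleft()
        if len(seen) > max_requests:
            peaks[source] = max(peaks.get(source, 0), len(seen))
    return peaks


if __name__ == "__main__":
    for source, peak in find_flooding_sources(build_sample_log()).items():
        print(f"{source}: up to {peak} requests in 5 seconds")
```
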

Time, Logic, & Email Bombs : A time bomb is malware programmed to “go off” at a particular time or date. A logic bomb is “detonated” when a specific event occurs—for example, all personnel records are erased when an electronic notation is made that a particular person was fired. Email bombs overwhelm a person’s email account by surreptitiously subscribing it to dozens or even hundreds of mailing lists.

Phone Malware : Worms and viruses and other malware are attacking smartphones. The most common type of cellphone infection occurs when a cellphone downloads an infected file from a PC or the Internet, but phone-to-phone viruses are also on the rise.
-Infected files usually show up disguised as applications such as games, security patches, add-on functionalities, and free stuff. Future possibilities include cellphone spyware—so someone can see every number you call and listen to your conversations—and viruses that steal financial information, which will become more serious as smartphones are used as common payment devices.

Cyberthreats (continued) :
>Cellphone Malware
-Spread via Internet downloads, MMS attachments, and Bluetooth transfers
-Usually show up disguised as applications such as games, security patches, add-on functionalities, erotica, and free programs
-Protect your phone:
      1. Turn off Bluetooth discoverable mode
      2. Check security updates to learn about filenames to watch out for
      3. Install security software

#How they spread
-Via e-mail attachments
-By infected disks and flash drives
-By clicking on infiltrated websites
-By downloading infected files from websites
-Through infiltrated Wi-Fi hotspots
-From one infected PC on a LAN to another



#What can you do about it?
-Install antivirus and firewall software and subscribe to the manufacturer’s automatic antivirus update service.







Online Safety
-Use antivirus software, and keep it current
-Install a firewall to monitor network traffic and filter out undesirable types of traffic and undesirable sites
-Don’t use the same password for multiple sites
-Don’t give out any password information
-Use robust passwords:
     1. Minimum 8 characters with letters, numbers, characters
     2. 4cats is not a good password; f0UrK@tTz  is safer
     3. Use biometric identification
     4. Use encryption
-Install antispyware software
-Encrypt financial and personal records so only you can read them
-Back up your data, so if your PC is attacked and must be reformatted, you can restore your data
-Never download from a website you don’t trust
-Consider biometric authentication
-Encryption : Process of altering readable data into unreadable form to prevent unauthorized access
    1. Uses powerful mathematical ciphers to create coded messages that are difficult to break
    2. Unencrypted messages are known as plaintext
    3. Encrypted text is known as ciphertext
    4. You use an encryption key to encrypt and decrypt coded messages
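
The password advice above (minimum 8 characters with letters, numbers, and characters; a different password for each site) can be checked mechanically. The following added example, not part of the original notes, audits a constructed set of accounts against both rules. Reading "characters" as punctuation symbols is an assumption, and the site names are made up.

```python
import string
from collections import defaultdict

MIN_LENGTH = 8  # minimum length stated in the notes


def policy_failures(password):
    """Return the rules from the notes that the password fails (empty = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than 8 characters")
    if not any(c.isalpha() for c in password):
        failures.append("no letters")
    if not any(c.isdigit() for c in password):
        failures.append("no numbers")
    # Assumption: "characters" in the notes means punctuation symbols.
    if not any(c in string.punctuation for c in password):
        failures.append("no special characters")
    return failures


def audit(accounts):
    """accounts maps site -> password. Returns (weak, reused).

    weak:   {site: [failed rules]} for passwords that break the rules
    reused: sorted lists of sites that share one password
    """
    weak = {}
    sites_by_password = defaultdict(list)
    for site, password in accounts.items():
        failures = policy_failures(password)
        if failures:
            weak[site] = failures
        sites_by_password[password].append(site)
    reused = sorted(sorted(s) for s in sites_by_password.values() if len(s) > 1)
    return weak, reused


# Constructed sample data; the two passwords from the notes are included.
SAMPLE_ACCOUNTS = {
    "mail.example": "4cats",
    "bank.example": "f0UrK@tTz",
    "shop.example": "f0UrK@tTz",  # same password as bank.example
}

if __name__ == "__main__":
    weak, reused = audit(SAMPLE_ACCOUNTS)
    print("weak:", weak)
    print("reused:", reused)
```
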