It is a dangerous world out there in the World Wide Web. Just as our mother tells never talk to strangers,the same advice holds true for the virtual world also. We must know to be alert and watchful of giving strangers our business bank account details and other very important information. Can we be sure the website we are logging into is that of our bank and not a forgery created by a cyber criminal? Cyber criminals use many different methods to lure us into parting with our confidential personal or business information. As a small company doing business on the web,we need to be aware of these methods so that we can be extra careful and guarded when online. Cyber crime is now big business and criminals are looking to steal information such as financial details,credit card information,personal details or any other information which they can sell or trade. These criminals are becoming more and more sophisticated and employ many different methods of attacking our computer networks.
2015 is expected to continue the 2014 trend of increasing size,scope,and concentration of security attacks on computer networks nationwide.The volume of attacks from international sources will continue to increase,as will the sophistication of application level attacks.These will be directed towards high traffic websites(news sites or social networking sites)that when compromised will install malware to a large numbers of users. Bandwidth consumption will percolate higher in the list of IT challenges for organizations of all sizes as more and more users download HD video and graphics rich content. I am listing what I believe are the top threats available in internet and which affects and disrupts the normal functioning of our life. By identifying this threats we can limit our exposure to them.
MALWARE: Malware is short for ”malicious software”. It is a term used to mean a “variety of forms of hostile,intrusive or annoying software or program code.” Malware could be computer viruses,worms,trojan horses,dishonest spyware and malicious rootkit. Malware is a steady threat effecting us.
COMPUTER VIRUS: A computer virus is a small piece of software that can spread from one infected computer to another.The virus could corrupt,steal or delete data on our computer-even erasing everything on our hard drive.A virus could also use other programs like our email program to spread itself to other computers.
ROGUE SECURITY SOFTWARE: Have you ever seen a pop-up window that advertises a security update or alert?it appears legitimate and ask us to click on a link to install the “update”or “remove” unwanted malicious software that it has apparently detected.This could be Rogue Security Software designed to lure the people into clicking and downloading malicious software.Microsoft has a useful web-page that describes Rogue Security Software and how we can protect our self.
TROJAN HORSE: Users can infect their computers with Trojan Horse software simply by downloading an application they thought was legitimate but was in fact harmful.Once inside our computer,a Trojan Horse can do anything from record our passwords by logging keystrokes,which is an application or software which is known as a Keystroke Logger to hijack our web-cam to watch and record our every move.One of study reports that well funded cyber criminals executed a full-scale assault on authentication,leverage widespread infection of end-user computers with breaking Trojans to sneak into online banking accounts completely undetected.
MALICIOUS SPYWARE: Malicious Spyware is used to describe the trojan application that was created by cyber criminals to spy on their victims.An example would be Keylogger Software that records a victim’s every key stroke on his or her keyboard.The recorded information periodically send back to the originating cyber criminal over the internet.Key Logging Software is widely available and is marketed to parents or businesses that want to monitor their kids’ or employees’ internet usage.
COMPUTER WORM: A computer worm is a software program that can copy itself from one computer to another,without human interaction.Worms can replicate in great volume and with great speed.For example,a worm can send copies of itself to every contact in our email address books.Because of their speed of infection,worm often gain notoriety overnight infecting computers across the globe as quickly as victims around the world switch them on and open their email.This happened with the conficker worm(also known as Downadup),which,in just four days,had more than tripled the number of computers it infected to 8.9 million.
BOTNET: A botnet is a group of computers connected to the Internet that have been compromised by a hacker using a computer virus or Trojan horse.An individual computer in the group is known as a”zombie”computer.The botnet is under the command of a”bot herder”or a”bot master”,usually to perform criminal activities.This could include distributing spam to the email contact addresses on each zombie computer,for example.If the botnet is sufficiently big in number,it could be used to access a targeted websites simultaneously in what’s known as adenial-of-service (DoS) attack.
SPAM: Spam in the security context is primarily used to describe email spam-unwanted messages in our email inbox. Spam or electronic junk mail is a nuisance as it can clutter our mailbox as well as potentially take up space in our email server.Unwanted junk mail advertising items we don’t care for is harmless,relatively speaking.However,Spam messages can contain links that when clicked on would go to a website that installs harmful software onto our computer.
PHISHING: Phishing scams are fraudulent attempts by cyber criminals to obtain private information.Phishing scams often appears in the guise of email messages designed to appear as though they are from legitimate sources.For example,the message would try to lure us into giving our personal information by pretending that our bank or email service provider is updating its website and that we must click on the link in the email to verify our account information and password details.
ROOTKIT: According to the TechTarget,a rootkit is a collection of tools that are used to obtain administrator-level access to a computer or a network of computers.A rootkit could be installed on our computer by a cyber criminal exploiting a vulnerability or security hole in a legitimate application on our PC and may contain spyware that monitors and records keystrokes.Rootkits gained notoriety when,in 2005,a security blogger discovered that a copy-protection tool inside music CDs from Sony BMG Music Entertainment was secretly installing a rootkit when users copied the CD onto their computers.At the time,security expert Bruce Schneier warned that the rootkit could allow a hacker to gain and maintain access to our system and we could not know it.
These are perhaps the most common security terms we will come across to describe the different methods cyber criminals use.