Wednesday, 9 November 2011

Computer Security Threats


This page provides basic information on computer security threats. The computer security threats covered here are:

Viruses
Macro Viruses
Trojan Horses
Worms
Zombies
Phishing
Internet Based Attacks
Viral Web Sites
Spyware, Adware and Advertising Trojans
Virus Hoaxes
Unsecured Wireless Access Point
Bluesnarfing
Social Engineering
Microsoft Office Document Metadata

Viruses

A software virus is a parasitic program written intentionally to alter the way your computer operates without your permission or knowledge.
A virus attaches copies of itself to other files such as program files or documents and is inactive until you run an infected program or open an infected document. When activated, a virus may damage or delete files, cause erratic system behaviour, display messages or even erase your hard disk.
A virus may spread through email and instant messenger attachments, through infected files on floppy disks or CD-ROMs, or by exploiting a security flaw in Microsoft Windows.

Macro Viruses

Macros are simple programs that can be written to automate repetitive tasks in a document or make calculations in a spreadsheet. Macros can be written in documents created by Microsoft Word, in spreadsheets created by Microsoft Excel and in many other kinds of documents.
Macro viruses are malicious macro programs that are designed to replicate themselves from file to file and can cause damage to the files on your computer. They spread whenever you open an infected file.

Trojan Horses

Trojan horses are programs that appear to serve some useful purpose or provide entertainment, which encourages you to run them. But these programs also serve a covert purpose, which may be to damage files, to place a virus on your computer or to allow a hacker to gain access to your machine. More commonly these days, you can be enticed into running a Trojan by clicking a link on a viral web site or in an email.
Trojans that allow a hacker to gain access to your machine, called Remote Access Trojans (RATs), are particularly prevalent at the moment. Over 50% of all spam (unsolicited email) is sent from home or work computers that have been compromised by RATs.
A Trojan horse is not a virus because it does not replicate and spread like a virus.

Worms

Worms are programs that replicate and spread, often opening a back door to allow hackers to gain access to the computers that they infect.
Worms can spread over the Internet by expoiting security flaws in the software of computers that are connected to the Internet. Worms can also spread by copying themselves from disk to disk or by email.

Zombies

A Zombie is a dormant program that lies inactive on a computer. It can be activated remotely to aid a collective attack on another computer. Zombies don’t normally damage the computer on which they reside but can damage other computers.
Zombies often arrive as email attachments and when the attachment is opened they install themselves secretly and then wait to be activated.

Phishing

A Phishing attack is when you are are sent an email that asks you to click on a link and re-enter your bank or credit card details. These emails can pretend to be from banks, Internet service providers, on-line stores and so on, and both the email and the web site it links to appear genuine. When you enter your bank or credit card details they are then used fraudulently.

Internet Based Attacks

While your computer is connected to the Internet it can be subject to attack through your network communications. Some of the most common attacks include:
  • Bonk – An attack on the Microsoft TCP/IP stack that can crash the attacked computer.
  • RDS_Shell – A method of exploiting the Remote Data Services component of the Microsoft Data Access Components that lets a remote attacker run commands with system privileges.
  • WinNuke – An exploit that can use NetBIOS to crash older Windows computers.

Viral Web Sites

Users can be enticed, often by email messages, to visit web sites that contain viruses or Trojans. These sites are known as viral web sites and are often made to look like well known web sites and can have similar web addresses to the sites they are imitating.
Users who visit these sites often inadvertently download and run a virus or Trojan and can then become infected or the subject of hacker attacks.

Spyware, Adware and Advertising Trojans

Spyware, Adware and Advertising Trojans are often installed with other programs, usually without your knowledge. They record your behaviour on the Internet, display targeted ads to you and can even download other malicious software on to your computer. They are often included within programs that you can download free from the Internet or that are on CDs given away free by magazines.
Spyware doesn’t usually carry viruses but it can use your system resources and slow down your Internet connection with the display of ads. If the Spyware contains bugs (faults) it can make your computer unstable but the main concern is your privacy. These programs record every step that you take on the Internet and forward it to an Ad Management Centre which reviews your searches and downloads to determine your shopping preferences. The Ad Management Centre will build up a detailed profile of you, without your knowledge, and can pass this on to third parties, again without your knowledge. Some Spyware can download more serious threats on to your computer, such as Trojan Horses.

Virus Hoaxes

Virus hoaxes are messages, usually sent by email, that amount to little more than chain letters. They pretend to alert you to the latest "undetectable" virus and simply waste your time and Internet bandwidth. The best course of action is to delete these hoaxes - they can cause genuine fear and alarm in the disabled, elderly and other vulnerable groups.

Unsecured Wireless Access Points

If a wireless access point, e.g. an ADSL (Broadband) Router, hasn't been secured then anyone with a wireless device (laptop, PDA, etc) will be able to connect to it and thereby access the Internet and all the other computers on the wireless network.

Bluesnarfing

The act of stealing personal data, specifically calendar and contact information, from a Bluetooth enabled device.

Social Engineering

Tricking computer users into revealing computer security or private information, e.g. passwords, email addresses, etc, by exploiting the natural tendency of a person to trust and/or by exploiting a person's emotional response.
Example 1: Spammers send out an email about victims of child abuse and provide a link to click in the email for further information or to help the victims. When the link is clicked the spammers know the email address is "live" and add it to their live list which they then use to target their spam.
Example 2: A company computer user is tricked into revealing the network password by someone on the telephone who is impersonating the voice of an employee in authority and who has a story of distress.

Microsoft Office Document Metadata

The average Microsoft Word, Excel, etc document includes hidden metadata with details of who created it, who has worked on it, when it has been amended and quite possibly the text of all those changes as well. Viewing a Word document in a text editor can reveal the metadata in plain text at the start and finish of the document.

No comments:

Post a Comment