These may include social engineering and phishing threats; viruses, worms and Trojan horses; and denial of service system attacks.
Social engineering is defined as a process whereby con artists try to get users to inadvertently reveal data that can then be used on networks or systems. This might be by getting the user to respond to a spammy advertisement promising what it could never deliver, or by inducing you to click on an email attachment which then could spam to everyone in your email address book. Other attacks along this line include “shoulder surfing”, which involves peering over the user’s shoulder in an attempt to discover useful data such as login ID’s and passwords, or bank account credentials.
Phishing is along the same line, but the hackers attempt to trick the user into turning over sensitive personal financial data such as website login credentials or other confidential information.
A common ploy is an email supposedly from an online shopping service such as EBay, PayPal or Amazon that attempt to get the user to go to a “lookalike” page and enter their user credentials. This has the possibility of allowing fraudulent purchases or financial transfers.
A Trojan horse looks innocent, but contains malicious code which can often create an entry into the infected machine. This infected machine then might be used to spread viruses, which are pieces of malicious code which are written to damage the host machine in some way. This could be an action as simple as displaying the contents of a file such as “All your base are belong to us”, corrupting or deleting system files or user data, or to turn the machine into a “zombie” which can then infect other machines or be used as mail replay points to send out massive amounts of spam. Worms are similar in intent to viruses, but while viruses require the user to activate them, worms are self-replicating and require no user action once placed on the host system. Worms can also be used to exhaust system resources.
A denial of service attack (DoS) is an attack that causes a system to not be available for its intended users. This usually involves a loss of connectivity due to consuming all available bandwidth or by consuming all the resources of a web server. A distributed denial of service attack (DDoS) is organized by “zombie” home computers caused by a computer worm which opened an exploit in the affected computers. These legions of harnessed zombie machines can then be used to deny services on even the largest websites across the internet.
No comments:
Post a Comment