Download presentation
Presentation is loading. Please wait.
Published byCorey Parsons Modified over 9 years ago
1
CHAPTER 2 KNOW YOUR VILLAINS
2
Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes and manner of communication Why do the write it: Challenge To become famous Steal intellectual property from corporations Destroy corporate data Promote fraudulent activity Spy on other countries Create networks of corporate systems Steal identities Steal money
3
Virus – A piece of code that makes copies of itself. A single computer infected with a virus can infect hundreds of thousands of other computer Your machine can be infected if you: Share infected CDs Download and run infected software from the Internet Open infected e-mail attachments Open infected files on a USB drive Over 200 new viruses, Trojans and other threats appear ever day.
4
Signature – A unique pattern of bits that antivirus sofware uses to identify a virus. Payload – A subset of instructions that usually does something nasty to your computer system. Can destroy or change your data Change system settings Send out your confidential information Initiate a denial of service (DoS) attack
5
Worm – A standalone malware program that copies itself across networks. A worm transmits itself between machines across a network. A virus attaches itself to files. How do you get a worm? From the Internet through a security flaw Some require no action by the user, you may just surf a website that is infected Worms are extremely fast Once a security flaw is found they can be released before a patch can be released
6
Script kiddie – A low-talent hacker (often a teenager) who uses easy, well-known techniques to exploit Internet security vulnerabilities. In the hacker community, being called a script kiddie is a major insult. Write and release variants of worms Don’t have the same skill or creativity needed to actually create a worm or virus. Variant – A mutated form of a virus or worm.
7
Trojan Horses – Camouflages itself as something harmless or desirable. Once in your computer opens a “back door” and lets attackers in. Back door allows someone else to control your computer system and/or access your files without your permission or knowledge Allows the attackers to return later and steal confidential information or to use your machine to steal others’ information Zero Day attack – An attack that takes advantage of a security hole for which there is no current patch.
8
Blended threat – A form of malware that includes more than just one attack. It could include a virus, worm and Trojan horse. Causes more damage than just one piece of malware alone. Zombie or Bot – A computer that’s been compromised by a piece of code that allows it to be controlled remotely without the computer owner’s knowledge.
9
Bot network – A collection of remotely controlled bots. Hackers use bot networks to launch attacks against other computers. Used to launch DoS attacks DoS – A denial of service attack. In a DoS attack, the victim is flooded with so much Internet traffic that legitimate users can’t get through. How to stop it? Apply current patches Make sure anti-virus software is up to date Must have anti-spyware and anti-adware software also Use a well defined firewall
10
Social engineering – Using general knowledge of human behavior to trick users into breaking their own security rules. Email that appears to come from someone you know Email may be a joke Curiosity
11
Install a top-rated antivirus package and keep it updated using the automatic updat option Install patches to ALL software you use including your browsers, plug-ins and utility programs Download software only from first-party websites (the publishers) Be very careful about free downloads Be very careful of e-mail from people you don’t know. Never open attachments to emails of unknown origin. Be careful of e-mail from people you do know. Some attacks appear to come from people you know. Some worms resend themselves to every person in a victims address book. Don’t open attachments you weren’t expecting no matter who it’s from.
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.