Skip to main content

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks

Know Your Enemy: From Adware to Worms, the Whats and Hows of Common Cyber Attacks Cyber crime is no longer the province of the computer super-geek. In fact, it can almost be said to have gone mainstream with exploit lists, downloadable network tools and scripts – even hacking IT supportall available online at bargain prices.
As with any threat to our homes and businesses, knowing the nature of the threat we face helps us to minimize the danger.
Unless you are working for a big company or organization, it is unlikely that you will face a concerted cyber-attack, but there are enough nasties out there to cause damage and loss to your sensitive data if you don’t take the right precautions.

Six types of malware and how they work

The term ‘malware’ simply stands for ‘malicious software’ and is an umbrella term for all the harmful pieces of computer code designed to steal data, cause disruption or take control of devices.

1. Adware

Adware is simply software that contains integrated advertising materials often in the form of pop-ups or other visually prominent material. Adware can be a gray area as it is often legitimately included as part of a bundle to allow a service to be used free of charge or at a reduced price.
However, if you are tricked into downloading adware, if it is designed to be difficult or impossible to remove or if it downloads itself through browser vulnerabilities, it can rightly be thought of as malware.

2. Ransomware

Ransomware is a popular form of malware that is characterized by two things: it locks away or threatens to delete data as it asks for money – usually in a cryptocurrency like Bitcoins – to save or unlock it. Ransomware can take the form of a Trojan horse, virus, worm, or blended attack. (See below.) The May 2017 WannaCry attack was an example of a ransomware worm.

3. Spyware

Spyware often comes packaged with adware. Its purpose is to covertly collect data and pass it back to the author of the code.

4. Trojan Horse

Adware, ransomware and spyware are defined by what they do whereas trojan horses, viruses and worms are defined by how they work. A trojan horse is a malicious program that is designed to mimic another type of program (e.g. an anti-virus, screensaver, etc.) in order to avoid detection.
Unlike viruses and worms, trojan horses are rarely able to replicate themselves but are often used to steal data, alter or damage files, or create a ‘back door’ to facilitate remote control. Remote controlled devices are often recruited as part of a ‘botnet’ for launching attacks on other devices or networks.

5. Virus

A virus is a piece of code with the ability to replicate itself. It is introduced into another program and runs when that program is executed. Since most viruses reside on an executable file, they need to be activated by the recipient before they can do their damage. However, there is a subset of viruses that need no human assistance to spread.

6. Worm

Unlike its namesake, a computer worm is actually a type of self-sending virus that uses a system’s inbuilt transport features to infect further devices before replicating itself. A worm’s main method of attack is via system vulnerabilities, but authors may use social engineering tactics (see below) to initially introduce the malware into an unsuspecting victim’s device.
A blended attack uses one or more of the above methods and can be extremely potent once installed.

 Attack Strategies

There are two main attack vectors through which malware gains access to devices and networks:

1. Drive-by download/install

Drive-by attacks generally target vulnerabilities in browsers or insecure third-party API calls. The malware is introduced simply by browsing an infected website and may be encrypted to foil anti-virus programs. Most drive-by downloads can be thwarted by ensuring operating systems have been updated with the latest security patches.

2. Social engineering (phishing and pharming)

Whereas drive-by attacks can be triggered automatically or with minimal human input, social engineering attacks rely on human behavior to bypass safeguards. Phishing is the most widely mentioned tactic for targeting computer users. This is the practice of hiding malware behind emails or websites designed to look like legitimate organizations (banks, tax collection services, social media sites, shopping sites, etc.).
The strategy offers either a reward (prize, free gift, voucher, etc.) or a warning (stolen data, compromised password, etc.) in the hope that the recipient will drop their guard and click a link, download a file, or execute a similar action. Avoiding phishing attacks is best achieved through security education.
Pharming is an even more insidious tactic in that it poisons the host computer’s DNS cache or even an ISP’s DNS server so that a browser is redirected to a fake version of an intended website.
If you are concerned about any aspect of cyber security, you may wish to consider investing in high-quality IT consulting for tailored advice on creating an action plan for your business.

Comments

Popular posts from this blog

Hidden Wiki

Welcome to The Hidden WikiNew hidden wiki url 2015 http://zqktlwi4fecvo6ri.onion Add it to bookmarks and spread it!!!
Editor's picks Bored? Pick a random page from the article index and replace one of these slots with it.
The Matrix - Very nice to read. How to Exit the Matrix - Learn how to Protect yourself and your rights, online and off. Verifying PGP signatures - A short and simple how-to guide. In Praise Of Hawala - Anonymous informal value transfer system. Volunteer Here are five different things that you can help us out with.
Plunder other hidden service lists for links and place them here! File the SnapBBSIndex links wherever they go. Set external links to HTTPS where available, good certificate, and same content. Care to start recording onionland's history? Check out Onionland's Museum Perform Dead Services Duties. Introduction PointsAhmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database). DuckDuckGo - A Hidden S…

Explainer: The nico-teen brain

Explainer: The nico-teen brain The adolescent brain is especially vulnerable to the addictive effects of nicotine BY  TERESA SHIPLEY FELDHAUSEN 7:00AM, AUGUST 19, 2015 Nicotine (black triangle towards center left) tricks the nerve cell (neuron) into sending a message to release more dopamine (yellow dots). Those molecules enter the space (synapse) between one nerve cell and the next. When they get picked up by neighboring cells, this gives users a feel-good high. It also creates the risk of addiction and other health problems.  EMail Print Twitter Facebook Reddit Google+ NATIONAL INSTITUTE ON DRUG ABUSE, ADAPTED BY J. HIRSHFELD Nicotine is the addictive chemical in tobacco smoke and e-cigarette vapors. And doctors say the teenage brain is no place for it to end up. Nicotine can reach the brain within seven seconds of puffing on a cigar, hookah, cigarette or electronic cigarette.
The area of the brain responsible for emotions and controlling our wild impulses is known as the prefrontal c…

fix idm integration on chrome

Chrome Browser IntegrationI do not see IDM extension in Chrome extensions list. How can I install it? 
How to configure IDM extension for Chrome?Please note that all IDM extensions that can be found in Google Store are fake and should not be used. You need to install IDM extension manually from IDM installation folder. Read in step 2 how to do it.

1. Please update IDM to the latest version by using "IDM Help->Check for updates..." menu item

2. I don't see "IDM Integration module" extension in the list of extensions in Chrome. How can I install it?

Press on Chrome menu (arrow 1 on the image), select "Settings" menu item (arrow 2 on the image) and then select "Extensions" tab (arrow 3 on the image). After this open IDM installation folder ("C:\Program Files (x86)\Internet Download Manager" by default, arrow 4 on the image) and drag and drop "IDMGCExt.crx" (arrow 5 on the image) file into "Extensions" page opened in…