Chapter 4: Cyber-Attacks & Malwares
- As opposed to hackers, who do break-ins for
Computer Security Risk
- It is any event or action that could cause a
loss or damage to computer hardware,
software, data, information, or processing
capability.
- While some breaches to computer security
are accidental, many are intentional.
An intentional breach of computer security often
involves a deliberate act that is against the law.
Any illegal act involving a computer generally is
referred to as a computer crime. The term
cybercrime refers to online or Internet-based illegal
acts. Today, cybercrime is one of the FBI’s top three
priorities.
CYBER INTRUDERS
HACKERS
- As computer enthusiasts, people who enjoy
learning programming languages and
computer systems.
- As people who gain unauthorized access to
computers or networks, often just for the
challenge of it.
Two types of hackers who break into computers for
relatively benign reason:
A. Thrill-seeker hackers: Hackers who illegally
access computer systems simply for the challenge
of it. Although they penetrate computers and
networks illegally, they don’t do any damage or
steal anything; their reward is the achievement of
breaking in.
B. White-hat hackers: They are usually computer
professionals who break into computer systems and
networks with the knowledge of their owners to
expose security flaws that can then be fixed.
Kevin Mitnick (“The World’s Most Famous
Hacker”), for instance, became a tech security
consultant after serving five years in prison for
breaking into corporate computer systems in the
mid-1990s.
CRACKERS
more or less positive reasons.
- Crackers are malicious hackers, people who
break into computers for malicious purposes
- to obtain information for financial gain,
shut down hardware, pirate software, steal
people’s credit information, or alter or
destroy data.
FOUR CLASSES OF CRACKERS:
A. SCRIPT KIDDIES
- Mostly teenagers without much technical
expertise who use downloadable software or
source code to perform malicious break-ins.
- Also called as “script bunnies” use
published source code to construct viruses.
B. HACKTIVISTS
- They are are “hacker activists. ” People
who break into a computer system for a
politically or socially motivated purpose.
C. BLACK-HAT HACKERS
- Those who break into computer systems to
steal or destroy information or to use it for
illegal profit.
- The people behind the increase in
cyberattacks on corporate networks.
D. CYBERTERRORISTS
- Cyberterrorism, according to the FBI, is
any “premeditated, politically motivated
attack against information, computer
systems, computer programs, and data
which results in violence against
noncombatant targets by sub-national
groups or clandestine agents. ”
TROLLS
According to the Digital Freedom Network, an
internet troll is one who posts controversial
opinions with the intention to incite anger from
others in order to distract people from the real
controversies.
 - Support a certain candidate and undermine
opposing candidates.
- They may also tag certain groups to support
opposing political groups. Usually, they
would set up a fake social media account in
order to retain their anonymity and escape
prosecution.
THIEVES
- Thieves work is simply by gathering as
much personal data about a person as they
can. To some extent, it is impossible to
avoid personal data about you being made
public. For example, court records are
public records and many courts now have
records available online.
- They tend to be target-rich environments for
personal information. There are a few things
you can do to decrease the chances of an
identity thief getting personal information
about you via a social-networking site: Keep
most of your information private and share
it only with friends.
CORPORATE SPIES
- have excellent computer and networking
skills and are hired to break into a specific
computer and steal its proprietary data and
information. Unscrupulous companies hire
corporate spies, a practice known as
corporate espionage, to gain a competitive
advantage.
UNETHICAL EMPLOYEES
- break into their employers’ computers for a
variety of reasons. Some simply want to
exploit a security weakness. Others seek
financial gains from selling confidential
information. Disgruntled employees may
want revenge.
CYBEREXTORTIONIST
- Some who uses E-mail as a vehicle for
extortion. These perpetrators send an
organization a threatening E-mail message
indicating they will expose confidential
information, exploit a security flaw, or
launch an attack that will compromise the
organization’s network - if they are not paid
a sum of money.
MALWARE (Malicious Software)
- A program that acts without a user’s
knowledge and deliberately alters the
computer’s operations.
- A generic term for any software that affects,
or attempts to effect, some malicious
purpose.
CELLPHONE MALWARE
- A cellphone virus is basically the same thing
as a computer virus: an unwanted executable
file that “infects” a device and then copies
itself to other devices.
- But whereas a computer virus or worm
spreads through email attachments and
internet downloads, a cellphone virus or
worm spreads via internet downloads, MMS
attachments, and Bluetooth transfers.
- The most common type of cellphone
infection right now occurs when a cellphone
downloads an infected file from a PC or the
internet, but phone- to- phone viruses are on
the rise.
HOW MALWARE IS SPREAD?
Worms, viruses, and Trojan horses are passed in the
following ways:
● By infected floppies or CDs: The first way
is via an infected floppy disk or CD, perhaps
from a friend or a repair person.
● By opening unknown email attachments:
The second way is from an email
attachment.
● By clicking on infiltrated websites: Some
crackers “seed” web pages with contagious
malware that enables them to steal personal
data, so that by simply clicking on a website
you can unwittingly compromise your PC.
 ● Through infiltrated Wi-Fi hot spots: As
mentioned earlier, if you’re a user of Wi-Fi
wireless access points, or hot spots, you
have to be aware that your laptop or PDA
could be exposed to wireless transmitted
diseases from illegal users.
KINDS OF MALWARE
1. DENIAL-of-SERVICE ATTACKS
- A denial-of-service (DoS) attack, or
distributed denial-of-service (DDoS) attack,
consists of making repeated requests of a
computer system or network, thereby
overloading it and denying legitimate users
access to it.
2. WORMS
- A worm is a program that copies itself
repeatedly into a computer’s memory or
onto a disk drive.
- A worm known as Conficker or
Downadup, spread through a Microsoft
Windows vulnerability that allowed
guessing of network passwords and by
people hand-carrying such gadgets as USB
keys, infected millions of computers.
3. VIRUS
- A virus is a “deviant program, stored on a
computer floppy disk, hard drive, or cd, that
can cause unexpected and often undesirable
effects, such as destroying or corrupting
data.
- The most well-known malware is the virus.
Technically speaking, a virus is any
software that self-replicates.
4. TROJAN HORSES
- A Trojan horse is a program that pretends to
be a useful program, usually free, such as a
game or screen saver, but carries viruses, or
destructive instructions, that perpetrate
mischief without your knowledge. One
particularly malicious feature is that a
Trojan horse may allow so-called backdoor
programs to be installed.
Backdoor Program
- is an illegal program that allows illegitimate
users to take control of your computer
without your knowledge.
5. LOGIC BOMB
- A logic bomb is a program that lies dormant
until a specific logical criterion is met. That
criterion could be a certain date, a certain
user logging onto the system, or a certain
threshold being reached (a certain number of
files or number of users being reached). A
logic bomb could also be programmed to
wait for a certain message from the
perpetrator.
6. ROOTKIT
- A rootkit will usually attempt to gain root or
administrator access. But the name has
come to mean any program that works to
hide the fact that the infected machine has
been infected. That means any virus, worm,
logic bomb, or Trojan horse that hides its
presence and covers its tracks could be
considered a rootkit.
7. SPYWARE
- Spyware is software that monitors a
user'scomputer activity surreptitiously,
collecting various types of information,
including keystrokes, passwords, browsing
history, and more. This software can be used
for legitimate purposes, such as parental
monitoring or employee oversight, but it is
also commonly associated with malicious
activities, posing a significant threat to user
privacy and security. Spyware may be
installed on a computer without the user's
knowledge and can transmit gathered data to
external parties, making it a potent tool for
unauthorized data collection and potential
harm.
FORMS OF SPYWARE:
a. ADWARE OR POP-UP GENERATORS
- A kind of spyware that tracks web surfing or
online buying so that marketers can send
you targeted and unsolicited pop-up and
 other ads. This is the most common, and
benign, type of spyware.
b. BROWSER HIJACKERS & SEARCH
HIJACKERS
- More damaging kinds of spyware are
browser hijackers, which change settings in
your browser without your knowledge, often
changing your browser’s home page and
replacing it with another web page, and
search hijackers, which intercept your
legitimate search requests made to real
search engines and return results from
phony search services designed to send you
to sites they run.
- Before using any removable media, scan the
media for malware. Follow this procedure
even for shrink-wrapped software from
major developers. Some commercial
software has been infected and distributed to
unsuspecting users.
- Install a personal firewall program.
- Stay informed about new virus alerts and
virus hoaxes.

c. KEY LOGGERS
- They can record each character you type and
transmit that information to someone else on
the internet, making it possible for strangers
to learn your passwords and other
information.

Tips for Preventing Viruses and Other

Malware

- Never start a computer with removable

media inserted in the drives or plugged in
the ports, unless the media are uninfected.

- Never open an e-mail attachment unless you

are expecting it and it is from a trusted
source.

- Set the macro security in programs so that

you can enable or disable macros. Enable
macros only if the document is from a
trusted source and you are expecting it.

- Install an antivirus program on all of your

computers. Update the software and the
virus signature files regularly.

- Scan all downloaded programs for viruses

and other malware.

- If the antivirus program flags an e-mail

attachment as infected, delete or quarantine
the attachment immediately.