Living in the Information Technology Era Gutierrez, Jhamil G.

Common Security Threats & Best Practices Educational Handout

COMMON SECURITY THREATS

Hackers and Attackers are related terms for individuals who have the skills to gain access to computer
systems through unauthorized or unapproved means.

A hacker is an individual who uses computer, networking, or other skills to overcome a technical problem.
The term also may refer to anyone who uses their abilities to gain unauthorized access to systems or
networks in order to commit crimes. A hacker may, for example, steal information to hurt people via
identity theft or bring down a system and, often, hold it hostage in order to collect a ransom.
Attacker is a term that always represents a malicious system intruder.
White Hat - These types of hackers are purely Ethical hacker, who discovers and exposes security flaws in
applications and operating systems so that manufacturers can fix them before they become widespread
problems. It is sometimes called an ethical hack.
Black Hat - hacker who discovers and exposes security vulnerabilities for financial gain or for some
malicious purpose.
Grey Hat Hacker - They are some in between white hat hacker and black hat hacker. They gains
unauthorized access to computers and target weakness of a computer for fun. Their intent is to bring the
weakness to the attention of the owners and getting appreciation or a little bounty from the owners.
Basically, hacking is to identify the weakness in computer systems, different networks or finding loopholes
in website coding and exploit its weakness to gain excess.

Although, there are some Miscellaneous hackers like Blue Hat Hacker, Green Hat Hacker, Red Hat
Hacker.

How does Hacking Work?

Hackers use technical skills to exploit cybersecurity defenses. Ethical hackers test for cybersecurity
vulnerabilities and may take up hacking as a profession -- for example, a penetration tester (pen tester) -- or
as a hobby. The end goal is often to gain unauthorized access to computers, networks, computing systems,
mobile devices, or internet of things systems. Many professional hackers use their skills to determine
security holes in enterprise systems and then advise where companies should boost their security defenses to
keep threat actors out.
1
Page

Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.
Living in the Information Technology Era Gutierrez, Jhamil G.
Common Security Threats & Best Practices Educational Handout

Malware
Any unwanted software that has the potential to damage a system, impede performance, or create a
nuisance condition.

Malware Type Description

Virus A piece of code that spreads from one computer to another by attaching itself to other
files. The code in a virus executes when the file it is attached to is opened.
Frequently, viruses are intended to enable further attacks, send data back to the
attacker, or even corrupt or destroy data.

Worm A piece of code that spreads from one computer to another on its own, not by
attaching itself to another file. Like a virus, a worm can enable further attacks,
transmit data, corrupt, or erase files.

Trojan Horse An insidious type of malware that is itself a software attack and can pave the way for
a number of other types of attacks. There is a social engineering component to a
Trojan horse attack since the user has to be fooled into executing it.

Logic Bomb A piece of code that sits dormant on a target computer until it is triggered by a
specific event, such as a specific date. Once the code is triggered, the logic bomb
detonates, and performs whatever actions it was programed to do. Often, this
includes erasing and corrupting data on the target system.

Spyware Surreptitiously installed malicious software that is intended to track and report the
usage of a target system, or to collect other data the author wishes to obtain. Data
collected can include web browsing history; personal information; banking and other
financial information; as well as usernames and passwords.

Adware Software that automatically displays or downloads advertisements when it is used.

Although not all adware is malicious, many adware programs have been associated
with spyware and other types of malicious software. Also, it can reduce user
productivity by slowing down systems and simply by creating annoyances.

Rootkit Code that is intended to take full or partial control of a system at the lowest levels.
Rootkits often attempt to hide themselves from monitoring or detection and modify
low-level system files when integrating themselves into a system. Rootkits can be
used for non-malicious purposes such as virtualization; however, most rootkit
infections install backdoors, spyware, or other malicious code once they have control
of the target system.

SPAM Spam is an email-based threat that presents various advertising materials,

promotional content, or get rich-quick schemes to users. The messages can quickly
fill a user’s inbox and cause storage issues. Spam can also carry malicious code and
other types of malwares.

Ransomware Ransomware is malicious software that prevents you from using your computer. It
usually displays a message stating that you must pay a fee or face some other
penalty before you can access your files and computer again. Paying the ransom
doesn’t necessarily mean that you will regain access to your files or computer.
2
Page

Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.
Living in the Information Technology Era Gutierrez, Jhamil G.
Common Security Threats & Best Practices Educational Handout

Social Engineering
Social engineering attacks are a type of cybercrime wherein the attacker fools the target through
impersonation.

• They rely on the fact that humans can be manipulated.

• They often target sensitive information like login credentials, bank details, or personal information.
• They can involve sending messages, phone calls, emails, or other forms of personal communication
to entice the target to click a malicious link, download infected files, or reveal information.
• The attacker usually investigates the intended victim to gather necessary background information
before the attack.

Type of attack that uses deception and trickery to convince unsuspecting users to provide sensitive data or
to violate security guidelines. It is often a precursor to another type of attack.

Shoulder Surfing - This is a human-based attack where the goal is to look over the shoulder of an
individual as he or she enters password information or a PIN.

Spoofing - This is a human-based or software-based attack where the goal is to pretend to be someone else
for the purpose of identity concealment.

Impersonation - This is a human-based attack where an attacker pretends to be someone he is not.

Hoax - This is an email-based or web-based attack that is intended to trick the user into performing
undesired actions, such as deleting important system files in an attempt to remove a virus.

Phishing - This is a common type of email-based social engineering attack. In a phishing attack, the
attacker sends an email that seems to come from a respected bank or other financial institution.

Vishing - This is a human-based attack where the goal is to extract personal, financial, or confidential
information from the victim by using services such as the telephone system and IP-based voice messaging
services (Voice over Internet Protocol [VoIP]) as the communication medium. This is also called voice
phishing.

Whaling - This is a form of phishing that targets individuals who are known to possess a good deal of
wealth. It is also known as spear phishing.

Spam and Spim - Spam is an email-based threat that presents various advertising materials, promotional
content, or get-rich-quick schemes to users. Spim is an Internet messaging (IM)-based attack similar to spam
that is propagated through IM instead of through email.

Password cracking
Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately.

Types of password attacks

Guessing - simplest type of password attack and involves an individual making repeated attempts to guess
3

a password by entering different common password values, such as the user’s name, a spouse’s name, or a
Page

significant date.
Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.
Living in the Information Technology Era Gutierrez, Jhamil G.
Common Security Threats & Best Practices Educational Handout

Stealing - Passwords can be stolen by various means, including sniffing network communications, reading
handwritten password notes or observing a user in the act of entering the password.

Dictionary Attack - automates password guessing by comparing encrypted passwords against a

predetermined list of possible password values.

Brute Force Attack - the attacker uses password-cracking software to attempt every possible alphanumeric
password combination.

Hybrid Password Attack - utilizes multiple attack vectors including dictionary, brute-force, and other
attack methodologies when trying to crack a password.

Physical Security Issues

Internal - It is important to always consider what is happening inside an organization, especially when
physical security is concerned.

External - It is impossible for any organization to fully control external security threats.

Natural - Although natural threats are easy to overlook, they can pose a significant risk to the physical
security of a facility.

Man-made - Whether intentional or accidental, people can cause a number of physical threats. Man-made
threats can be internal or external.

Environmental threats and vulnerabilities

Fire - it can destroy hardware and therefore the data contained in it.

Hurricane and Tornadoes - major network security threats due to the magnitude of the damage they can
cause to hardware and data.

Flood - another major network security threat that can cause as much damage as fire can.

Extreme Temperature - Extreme temperatures, especially heat, can cause some sensitive hardware
components to melt and degrade, resulting in data loss.

Extreme Humidity - Extreme humidity can cause computer components, data storage media, and other
devices to rust, deteriorate, and degrade, resulting in data loss.

Theft
You must find a way to prevent theft of both data and hardware. The items most often stolen are portable
devices such as laptops, tablets, and smartphones. These pieces of hardware often have highly valuable data
on them. You can physically secure laptops and tablets by using a cable but determined thieves will cut
through a cable.

Another type of theft is theft of software and licensing. Most software has a software license agreement that
allows the user to install and use the software on a single computer.
4
Page

Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.
Living in the Information Technology Era Gutierrez, Jhamil G.
Common Security Threats & Best Practices Educational Handout

Apply Security Best Practices

Types of user accounts
• Administrator
• Standard User
• Guest

Authentication
User authentication is a network security measure in which a computer user or some other network
component proves its identity in order to gain access to network resources. There are many possible
authentication methods; one of the most common is a combination of a username and a password.

Password Management Best Practices

A password is your access to your computer, and it should be protected so that the information on your
computer is safe and inaccessible to others.

To create a strong password:

• Use at least seven characters.
• Use a combination of uppercase letters, lowercase letters, numbers, and symbols.
• If you are replacing a previously created password, make sure that your new password is
significantly different from the last one.
• Do not use common words, your name, your username, or other words that people might associate
with you, such as a pet’s name.

Wireless Networking and Security

Whenever possible, use a secured wireless network rather than an open wireless network. Open wireless
networks are a major security risk when accessed directly.

Email Best Practices

▪ If there are noticeable changes to an email account, such as an excess amount of spam or you find that
there have been emails sent from the account that the email account owner was unaware of, then the
computer’s security has been jeopardized.

▪ Avoid selecting links in emails whenever possible. Sometimes an email message looks like it came from a
legitimate source with the correct logos but look for misspellings and bad grammar. This is a good
indication that the message is not actually from specified source.

▪ If you don’t know the sender, do not open any attachments to the email message. Even if you do know the
sender, be careful of opening attachments that you weren’t expecting to receive.

▪ If you discover that your email account has been compromised, the first thing to do is change your
password and alert the network administrator. You should also perform a complete scan of your system with
antivirus software to locate and remove any malware that might have been introduced onto your system.
5
Page

Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.
Living in the Information Technology Era Gutierrez, Jhamil G.
Common Security Threats & Best Practices Educational Handout

Cloud Storage Best Practices

Cloud storage has become a very popular method for backing up data and for sharing data. Many providers
offer cloud storage. Some of the most popular include Microsoft’s OneDrive, Google’s Google Drive,
Apple’s iCloud, and Dropbox. There are other providers as well.

▪ As with any other service that has usernames and passwords, make sure not to share your credentials.

Secure Web Browsing

Many people spend a good portion of their day online. You need to be aware of the risks when browsing the
web and use common sense and available tools to make it as secure as possible. To protect your own
information and your organization’s information, be sure to follow these guidelines:

• Make sure your browser is up to date.

• Disable cookies and clear the browser cache and history of saved data whenever possible.

• When installing plug-ins and browser extensions, install only the ones required for your browsing. Disable
any plug-ins, toolbars, and extensions that you are not using.

• If you access a site with an invalid certificate, be sure to close the page unless you are 100 percent positive
that the page can be trusted.

• Avoid selecting suspicious links or banner ads. These are often the preferred method of attackers to gain
access to your computer and data.

• Be aware of spoofed web pages that appear to be the web page of another company. The page’s most likely
to be spoofed are sites such as PayPal or financial institutions.

• If your browser has been infected with adware, be sure to clear the cache and cookies, reset passwords, and
use your antivirus software to try to eradicate the infection. You might need to download additional software
to deal with the adware infection.

• Be careful to protect your personally identifiable information including your: Social Security number,
driver’s license number, financial account numbers, and log in credentials.

• If you are using a public workstation be sure to remove all traces of your activity when you are done using
the workstation.
6
Page

Disclaimer: This is an unofficial handout document made purely for educational purposes and may only be used for personal uses. Content may not
properly cite sources from respective authors and publishers. By accessing, you acknowledge its purpose, origin, and unprofessional structure.