| |
Types of Threats:
There
are essentially two types of threats: behavioral
and software. Often, they are used in combination.
Behavioral threats, more commonly known as social engineering, are
designed to get you to install malicious software (malware), or to
reveal personal information. Malware generally provides
unauthorized access to and use of your computer. Revealing personal
information such as account numbers or your social security number can
lead to fraud and identity theft. Listed below are brief
descriptions of common social engineering techniques and different
types of malware. For more detailed information, click the icon.
Phishing
Phishing is typically carried out by email or instant messaging where
recipients are instructed to click on a link that takes them to a
counterfeit web site that requests their personal information.
Bots:
'Bot' is the common term used to
describe a computer that can be remotely accessed and controlled in
conjunction with thousands of other computers that have been
compromised in the same fashion. Bots are created with malware that
allows an individual unauthorized, remote access to a networked
computer. This type of malware is known as a backdoor.
Hackers:
The term 'hacker' can be used to
describe enthusiasm for a game or sport, or, more recently, one's
computer proficiency. More commonly, however, the term is used to describe a skilled computer user who uses this knowledge to gain an
advantage over people who are less familiar with computing
technology. Often times, a hacker's efforts are used to facilitate or
perpetrate cyber crime.
Malware:
Malware is a generic term used to refer to any computer program
(software) that runs without the full knowledge and consent of the
system owner. There are many different types of malware. Common
examples include bots, back doors, rootkits, and spyware. Malware often
causes computers to operate more slowly, and may damage files.
Password Cracking:
Passwords are the most common method
of authentication used to control access to digital resources. They are
also the easiest way to gain unauthorized access to these resources.
Armed with password cracking software, an intruder can discover a
dictionary word password, or simple variation, in a matter of seconds.
When you consider how much information is protected solely by
passwords, it quickly becomes clear that good passwords are vital to
preserving confidentiality.
Social Engineering
In the spring of 2006, an information security company in Europe
conducted a survey just outside Victoria Station in London, asking
people about their Easter candy giving habits. They stopped
people at random and lured them into participating in the survey
with the promise of winning up to 60 pounds of chocolate.
Eighty-one percent of commuters they spoke with were willing to
part with all the personal information needed to steal their identity
for the chance to win the imaginary sweets. In Botswana, people are even more valnurable to social engineering tactics.
Spyware
Spyware and adware are both forms of
malware. While not normally a risk to your computer files or programs,
they pose a great threat to your privacy. Also, unlike most forms of
malware, spyware and adware are sometimes created by legitimate
corporations and used legally, albeit without knowledgeable consent on
the part of the user.
Computer Viruses / Worms / Trojans:
Computer viruses are actually rare in true virus form. The
term refers to a malicious program that inserts itself into
another program and runs when that program executes. A virus usually
has a destructive payload designed to attack data or system files.
Because most malware today is designed to provide remote access to a
networked system for financial gain, true viruses are not as common as
they once were. The intent of today's malware is not to destroy the
target, but to expropriate it without the owner's knowledge.
|
|
