Saturday, July 27, 2019

Week 8: Computer Worm

We are going to discuss computer worms, some different types of computer worms, and steps to protect our systems from them.

Computer worms
Computer worms are malicious code that self-replicates in a system or network and spreads across different computer systems. Computer worms are often invisible to the user and are identified only when the computer slows down or other tasks are blocked from opening. A worm usually gets in through security vulnerabilities in the OS or the software.

Different Computer worms
Email Worms: Email worms are the most common worms. They spread through a link or attachment, and when it is clicked or downloaded, the worm infects the system. After installing itself, the worm picks up email addresses from the host system without the user's knowledge and sends email to other hosts.

Internet worms: Internet worms use the internet connection of the infected system to scan for open vulnerabilities on connected local machines. This usually happens when security vulnerabilities exist in the OS and the device running that OS needs patches or upgrades.

Instant message worms: These worms are similar to email worms. The worm uses the infected user's instant messaging or chat room contacts and sends the malicious link to all of those contacts without the user's knowledge.

Steps for preventing those worms:
1. Avoid clicking on malicious email links or attachments. Verify the sender and scan email attachments with antivirus.
2. Always update the system or OS to the latest version and keep patches up to date, as vulnerabilities are the most common route for worms to spread.
3. Monitor system performance and memory space, and run virus scans periodically, as worms slow down the system.

References:
Kirk Reem (n.d.). Different Types of Computer Worms. Retrieved from https://www.techwalla.com/articles/how-to-remove-a-script-virus

What is a computer worm, and how does it work?. Retrieved from https://us.norton.com/internetsecurity-malware-what-is-a-computer-worm.html

Sunday, July 21, 2019

Week 7: Spyware

This week we are going to discuss spyware, conventional spyware methods, and how to protect our systems from those attacks.

Spyware:
Spyware is malicious code or software that gets installed on a system without the user's knowledge and transfers the user's sensitive information to attackers, or is sometimes used to track our internet usage and personal details without our knowledge and sell that information to advertisers. It's one of the most common threats, and most internet users get affected unknowingly.

Let's see some common types of spyware

Adware: Adware is the most common kind of spyware, and it appears in the sidebar when you visit websites. It displays advertisements related to your recent searches, but figuring out which ones are trusted and which are malicious is not easy for internet users.

Trojans: A Trojan is malicious software that poses as legitimate software and gets the user to download it to their system. Later on, it slowly harvests the user's sensitive information, such as banking passwords or a social security number, without the user's knowledge.

Keyloggers: Keyloggers are system monitors that capture everything the user does on the system, such as search history, websites visited, chat room discussions, and emails. They sometimes even capture printed documents and transfer those details to the attackers.

Tracking Cookies: Using browser cookies, attackers are able to gain access to the user's browser usage, sensitive information, and history of pages visited.

Techniques to prevent spyware:
1. Install an antivirus, keep its patches updated, and schedule auto-scanning at least once a week.
2. Add ad blockers to the browser to keep unwanted ads from being displayed on the pages visited.
3. Don't download any freeware from untrusted parties on the internet.
4. Don't click links or download attachments from suspicious emails.

References:
What is spyware? And how to remove it. Retrieved from https://us.norton.com/internetsecurity-how-to-catch-spyware-before-it-snags-you.html

Spyware. Retrieved from https://www.malwarebytes.com/spyware/

Sunday, July 14, 2019

Week 6: Distributed Denial of Service

We are going to discuss Distributed Denial of Service (DDOS) this week, some frequent DDOS attacks performed by hackers, and techniques for tackling them.

Distributed denial of service
Distributed denial of service (DDOS) is a method of disrupting and blocking the traffic of a site or network by flooding it with unwanted traffic from multiple compromised systems. At worst, it brings down the entire server. Recently, IoT devices that ship with default passwords have become very prone to being used as the compromised devices in DDOS attacks because of that security vulnerability. DDOS attacks are performed for financial gain by competitors, or to damage the reputation of a company.

Common types of DDOS attack

UDP Flood: A User Datagram Protocol flood is an attack that swamps the targeted server with many UDP packets. The targeted server treats them as legitimate requests, so it checks and responds to the UDP packets, and in the meantime service to real users is blocked.

Ping (ICMP) flood: A ping flood is similar to a UDP flood, except that the attacker sends Internet Control Message Protocol (ICMP) packets to the targeted server. In this type of attack, the responding server spends bandwidth on both incoming and outgoing requests, and the ping (ICMP) flood doesn't give the server time to respond to both, making it unavailable to actual users.

HTTP flood: An HTTP flood is a typical technique used by hackers, as most internet sites operate mainly on HTTP GET or HTTP POST. It is also more complex to mitigate compared to the other attacks, as it's very difficult to identify which requests are legitimate.
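A per-client rate limit is one common control against HTTP floods, and replaying traffic through it shows why this attack is harder to mitigate than the others. This is an added example, not part of the original post; the token-bucket parameters, the addresses and the traffic are constructed assumptions.

```python
class TokenBucket:
    """Allows `rate` requests per second on average, with bursts up to `burst`."""

    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), None

    def allow(self, now):
        if self.last is not None:
            # Refill for the time elapsed since this client's previous request.
            elapsed = now - self.last
            self.tokens = min(self.burst, self.tokens + elapsed * self.rate)
        self.last = now
        if self.tokens >= 1:
            self.tokens -= 1
            return True
        return False


def replay(requests, rate=2, burst=5):
    """Replay (timestamp, client_ip) pairs; return {client_ip: [allowed, rejected]}."""
    buckets, totals = {}, {}
    for ts, ip in sorted(requests):
        if ip not in buckets:
            buckets[ip] = TokenBucket(rate, burst)
            totals[ip] = [0, 0]
        totals[ip][0 if buckets[ip].allow(ts) else 1] += 1
    return totals


# Constructed traffic over 10 seconds (addresses from documentation ranges):
# one normal visitor, one client sending 50 GETs per second, and 200 infected
# devices that each send only one request per second.
VISITOR = [(t * 2.0, "198.51.100.7") for t in range(5)]
SINGLE_FLOOD = [(i / 50, "203.0.113.9") for i in range(500)]
BOTNET = [(float(t), f"192.0.2.{b}") for b in range(1, 201) for t in range(10)]

if __name__ == "__main__":
    totals = replay(VISITOR + SINGLE_FLOOD + BOTNET)
    print("visitor:", totals["198.51.100.7"])
    print("single flooding client:", totals["203.0.113.9"])
    bots = [v for ip, v in totals.items() if ip.startswith("192.0.2.")]
    print("botnet allowed:", sum(a for a, _ in bots), "rejected:", sum(r for _, r in bots))
```

The limiter throttles the single noisy client but passes every request from the 200 slow devices, so per-client limits need to be paired with monitoring of total request volume.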

Methods to mitigate the DDOS attacks:
Eliminating DDOS attacks is not entirely possible, but reducing their impact and bringing the server back to normal mode is.

1) Have updated antivirus software on the computer, because it will prevent the individual system from becoming a bot for the attacker.

2) Use a captcha for login or account creation services, as it reduces attack traffic from infected IoT devices.

3) Change the default passwords of the IoT devices installed in your organization.

References:
What is a DDoS Attack?. Retrieved from https://www.cloudflare.com/learning/ddos/what-is-a-ddos-attack/.

DDoS Attacks. Retrieved from https://www.imperva.com/learn/application-security/ddos-attacks/







Thursday, July 4, 2019

Week 5: Social Engineering

This week we are going to discuss social engineering attacks, some standard methods and techniques used, and how to safeguard ourselves from those attacks.

Social Engineering: Social engineering is a technique for tricking someone emotionally in order to gain access to confidential information or to an office building. A common example would be calling customer care while posing as the spouse of the account holder and getting confidential information by convincing the care agents that there is some kind of emergency and the password is needed to unlock the account immediately. It's a legacy technique that has existed for a very long time and is still a successful trick for many attackers, without much investment.

Let's see some common social engineering techniques.

1. Vishing: Voice phishing is called vishing. It's the most frequently used social engineering method, where attackers call pretending to be trusted companies and attempt to gain confidential information or to get some money from the customer. For example, I often used to get calls saying that my car warranty was about to expire and asking whether I would like to extend it, although I had bought a new car and it was just two months old. I rejected it several times and asked to have my name removed from the caller list, but I'm still getting calls at least four times a week.

2. Social Networking sites: Since the boom of social networking sites like Facebook, LinkedIn, and Twitter, anyone can get personal and professional information about a person and trick them into giving up confidential information by knowing their likes or emotional weaknesses.

3. Email Hacking: Getting an email from a friend's hacked email account with downloadable attachments that are malicious to our computer systems.

How do we prevent those attacks?

Self-awareness: Before opening an email, responding to a call, or providing confidential information, analyze the source and how far it can be trusted.

Limit the information you upload to social networking sites and keep it protected instead of making it public and available to everyone.

Have up-to-date antivirus installed on your system. It helps in identifying malicious attachments and downloads from the internet.

References:
George V. Hulme and Joan Goodchild (2017, August 17). What is social engineering? How criminals exploit human behavior. Retrieved from https://www.csoonline.com/article/2124681/what-is-social-engineering.html


Sunday, June 30, 2019

Week 4: Malware

This week we are going to discuss malware, some common types of malware, and how to detect and prevent it.

Malware - Malware is short for malicious software. It's a program, file, or piece of software that causes damage to a system.
According to Norton, malware initially started as pranks on computers, and later it developed into a means of extortion, stealing sensitive data, or destroying targeted systems.

How do we prevent it- Most malware spreads through emails, adware, or banners displayed on unsecured sites. Before downloading any attachment from an email, verify that the sender can be trusted, and also add an antivirus scan within the email service. Also, before clicking on any banner, hover over the link and see whether the ad points to the right site.

Let's see some common types of malware

1. Adware: It's the most common malware, and most of us have probably encountered it: a click on a banner or advertisement takes us to a malicious website that hurts system performance or crashes the browser.

2. Computer Virus: The virus is another very common type, which we have seen in detail in previous weeks. It's a malicious program that corrupts or deletes records in the system or steals data from the system. Installing antivirus and scanning the system regularly will avoid viruses and ultimately eradicate them from the system.

3. Trojans: A Trojan is malware that poses as legitimate software but performs actions that are not intended or described by it. The most common type of Trojan is one where the browser shows a message stating that your system is infected and that installing an antivirus will remove the virus.

4. Worms: Worms are old, legacy malware that has been around for a very long time. They are the most dangerous because, without any outside influence, they can spread quickly and make an entire system or its records collapse within a few hours.

References:

Roger A. Grimes (2019, May 1). 9 types of malware and how to recognize them. Retrieved from https://www.csoonline.com/article/2615925/security-your-quick-guide-to-malware-types.html

Malware. Retrieved from https://us.norton.com/internetsecurity-malware.html


Sunday, June 23, 2019

Week 3: Ransomware

This week we are going to discuss ransomware, some common types of ransomware used in recent years, and how to prevent those attacks.

Ransomware: Ransomware is malicious code or software that locks the user's system or mobile device and unlocks it only after a ransom is paid to the attacker. Ransomware is delivered mainly through phishing and spam emails. In most cases, ransomware sets a deadline: the money has to be paid on time or else the data will be lost forever. There are some occurrences where victims, even after paying the cash, didn't receive the decryption key from the attackers. Ransomware gained popularity after the emergence of cryptocurrencies like bitcoin.

How do we prevent those attacks?
Prevention is better than cure. Avoiding opening malicious emails and having secure email transfers in the organization will prevent ransomware. Regular updates of the antivirus on the system and of mobile antivirus are some ways of avoiding ransomware. Avoid clicking unwanted banners or links that are displayed on the side of a site.

Common types of Ransomware:

Crypto locker: It's one of the older forms of ransomware. It locks the computer with powerful encryption that is very difficult to decrypt until the victim pays a ransom.

Wannacry: Wannacry is another ransomware, from 2017, which locked close to 300000 computers across the globe. It happened due to a security loophole in older Microsoft Windows operating systems. Although Microsoft had released a patch well before the attacks, many organizations had missed applying the security patches.

Bad Rabbit: It's another kind of ransomware, which spread through a fake Adobe Flash update. It mainly affected media companies in Russia and Ukraine.

Notpetya: Notpetya is a famous ransomware, just like Wannacry, which locked the master boot record of the Windows operating system. Several reports suggested that even after paying the ransom, victims were unable to unlock the operating system.

References

Josh Fruhlinger (2018, August 8). What is WannaCry ransomware, how does it infect, and who was responsible?. Retrieved from https://www.csoonline.com/article/3227906/what-is-wannacry-ransomware-how-does-it-infect-and-who-was-responsible.html

Ransomware is big business. Retrieved from https://www.proofpoint.com/us/threat-reference/ransomware

Different Types of Ransomware. Retrieved from https://enterprise.comodo.com/different-types-of-ransomware.php





Sunday, June 16, 2019

Week 2: Computer Virus

This week we are going to discuss the most famous and common threat to information security: the computer virus.

Computer Virus: Just as a flu virus affects the human body, a computer virus is malicious code or malicious software that affects the data on your computer by deleting it, corrupting it, or stealing personal information from your system.

How does it affect your system? A computer virus might arrive while viewing unsecured websites, clicking on a malicious link that comes through an email, or downloading a file that comes from a suspicious phishing email.

How to prevent it? By installing antivirus software on the system, scanning periodically, and keeping the antivirus updates up to date. Avoid opening suspicious or spam emails. Avoid downloading attachments or clicking links in phishing emails.

Common types of Virus:

Browser Hijacker: It's a common kind of virus where, when you click anywhere on the home page of a website, it takes you to a different site for advertisements without your knowledge.

Web Scripting Virus: It's a common virus on video streaming sites like YouTube and social networking sites like Facebook, where hackers leave a comment with a link below the video, and on click it tries to extort personal information from your computer.

Resident virus: Resident viruses are the problematic ones. They reside in the memory of the system even after deletion by antivirus, so whenever we restart the system, it boots and loads the virus back into the system.

File infector: A file infector virus is loaded or saved as an .exe on the system, where it confuses the user by looking like an ordinary exe file, but on click or execution it causes harm or hinders the performance of the computer.

References:

Margaret Rouse (2016, December). virus (computer virus). Retrieved from

Admin (2016, April 14). 9 Types Of Computer Viruses That You Should Know About – And How To Avoid Them. Retrieved from