Professional Documents
Culture Documents
THREAT
S
WHAT IS THREAT?
◼ A computer security threat refers to any possible malicious attack that seeks to unlawfully access data, disrupt
digital operations or damage information.
◼ Cyber attackers can use an individual’s or a company’s sensitive data to steal information or gain access to their
financial accounts.
◼ Computer security threats are potential threats to computer’s efficient operation and performance.
THE TYPES OF COMPUTER SECURITY THREATS
◼ Threat is a possible security violation that might exploit the vulnerability of a system or asset. The origin of the threat
may be accidental, environmental (natural disaster), human negligence, or human failure. Difference types of security
threats are an interruption, interception, fabrication, and modification.
◼ The following are the types of computer security threats:
◼ Physical Threats
◼ A physical danger to computer systems is a potential cause of an occurrence/event that could result in data loss or
physical damage.
◼ It can be classified as:
◼ Internal: Short circuit, fire, non-stable supply of power, hardware failure due to excess humidity, etc.
◼ External: Disasters such as floods, earthquakes, landslide, etc.
◼ Human: Destroying of infrastructure and/or hardware, thefts, disruption, and unintentional/intentional errors.
NON-PHYSICAL THREATS
◼ Trojan ◼ Emotet
◼ Password attacks
MALWARE
◼ Spyware is a type of computer program that tracks, records, and reports a user’s activity (offline and online)
without their permission for the purpose of profit or data theft.
◼ Spyware can be acquired from a variety of sources, including websites, instant chats, and emails.
◼ A user may also unwittingly obtain spyware by adopting a software program’s End User License Agreement.
◼ Adware is a sort of spyware that is primarily utilized by advertising.
◼ When go online, it keeps track of web browsing patterns in order to compile data on the types of websites visit.
RANSOMWARE
A Virus is a “program that is loaded onto your computer without your knowledge and runs against your wishes
◼ It is a program that replicates itself and infects computer’s files and programs, rendering them inoperable.
◼ It is a type of malware that spreads by inserting a copy of itself into and becoming part of another program.
◼ It spreads with the help of software or documents.
◼ They are embedded with software and documents and then transferred from one computer to another using the
network, a disk, file sharing, or infected e-mail.
◼ They usually appear as an executable file.
HOW DOES A COMPUTER GET A VIRUS?
◼ Even if you’re careful, you can pick up computer viruses through normal Web activities like:
▪ Computer worms are similar to viruses in that they replicate themselves and can inflict similar damage.
▪ Unlike viruses, which spread by infecting a host file, worms are freestanding programs that do not require a host
program or human assistance to proliferate.
▪ Worms don’t change programs, instead, they replicate themselves over and over.
▪ They just eat resources to make the system down.
HOW DO COMPUTER WORMS WORK?
▪ Worms can be transmitted via software vulnerabilities. Or computer worms could arrive as attachments in spam
emails or instant messages (IMs). Once opened, these files could provide a link to a malicious website or
automatically download the computer worm. Once it’s installed, the worm silently goes to work and infects the
machine without the user’s knowledge.
▪ Worms can modify and delete files, and they can even inject additional malicious software onto a computer.
Sometimes a computer worm’s purpose is only to make copies of itself over and over — depleting system
resources, such as hard drive space or bandwidth, by overloading a shared network.
TROJAN
▪ A Trojan Horse Virus is a type of malware that downloads onto a computer disguised as a legitimate program
▪ A Trojan horse is malicious software that is disguised as a useful host program.
▪ A Trojan horse, often known as a Trojan, is malicious malware or software that appears to be legal yet has the
ability to take control of your computer.
▪ A Trojan is a computer program that is designed to disrupt, steal, or otherwise harm your data or network.
▪ When the host program is run, the Trojan performs a harmful/unwanted action.
DENIAL OF SERVICE (DOS)
▪ A Denial of Service attack is one in which an attacker tries to prohibit legitimate users from obtaining
information or services.
▪ An attacker tries to make a system or network resource unavailable to its intended users in this
attack.
▪ The web servers of large organizations such as banking, commerce, trading organizations, etc. are the
victims.
◼ Victims of DoS attacks often target web servers of high-profile organizations such as banking,
commerce, and media companies, or government and trade organizations. Though DoS attacks do not
typically result in the theft or loss of significant information or other assets, they can cost the victim a
great deal of time and money to handle.
◼ There are two general methods of DoS attacks: flooding services or crashing services. Flood attacks
occur when the system receives too much traffic for the server to buffer, causing them to slow down
and eventually stop.
MAN IN THE MIDDLE
◼ The modified query will return all items where either the category is Gifts, or 1 is equal to 1. Since 1=1 is always
true, the query will return all items.
PHISHING
◼ A hardware-based keylogger is a small device that serves as a connector between the keyboard and the
computer.
◼ A keylogging software program does not require physical access to the user's computer for installation. It
can be purposefully downloaded by someone who wants to monitor activity on a particular computer, or it can
be malware downloaded unwittingly and executed as part of a rootkit or remote administration Trojan (RAT)
CRYPTOJACKING
◼ Cryptojacking is a type of cybercrime that involves the unauthorized use of people's devices (computers,
smartphones, tablets, or even servers) by cybercriminals to mine for cryptocurrency. Like many forms of
cybercrime, the motive is profit, but unlike other threats, it is designed to stay completely hidden from the
victim.
◼ Attackers deploy software on a victim’s device, and begin using their computing resources to generate
cryptocurrency, without their knowledge.
◼ Affected systems can become slow and cryptojacking kits can affect system stability.
ROOTKITS
◼ A rootkit is a type of malware designed to give hackers access to and control over a target device. Although
most rootkits affect the software and the operating system, some can also infect your computer’s hardware and
firmware. Rootkits are adept at concealing their presence, but while they remain hidden, they are active.
◼ A rootkit is a program or a collection of malicious software tools that give a threat actor remote access to and
control over a computer or other system. Although this type of software has some legitimate uses, such as
providing remote end-user support, most rootkits open a backdoor on victims' systems to introduce malicious
software -- including viruses, ransomware, keylogger programs or other types of malware -- or to use the system
for further network security attacks.
◼ Rootkits, which can be purchased on the dark web, can be installed during phishing attacks or employed as
a social engineering tactic to trick users into giving the rootkits permission to be installed on their systems, often
giving remote cybercriminals administrator access to the system. Once installed, a rootkit gives the remote actor
access to and control over almost every aspect of the operating system (OS).
Hackers install rootkits on target machines in a number of ways:
1.The most common is through phishing or another type of social engineering
attack. Victims unknowingly download and install malware that hides within
other processes running on their machines and give the hackers control of
almost all aspects of the operating system.
2.Another way is through exploiting a vulnerability – i.e., a weakness in
software or an operating system that has not been updated – and forcing the
rootkit onto the computer.
3.Malware can also be bundled with other files, such as infected PDFs, pirated
media, or apps obtained from suspicious third-party stores.
EMOTET
◼ Emotet is a computer malware program that was originally developed in the form of a banking Trojan. The goal
was to access foreign devices and spy on sensitive private data. Emotet has been known to deceive basic antivirus
programs and hide from them. Once infected, the malware spreads like a computer worm and attempts to
infiltrate other computers in the network.
◼ Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via
malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding
designed to look like a legitimate email. Emotet may try to persuade users to click the malicious files by using
tempting language about “Your Invoice,” “Payment Details,” or possibly an upcoming shipment from well-known
parcel companies.
◼ Emotet continues to be among the most costly and destructive malware.
PASSWORD ATTACKS
◼ With the right password, a cyber attacker has access to a wealth of information.
◼ Cyber attackers that relies heavily on human interaction and often involves tricking people into breaking standard
security practices.
◼ Other types of password attacks include accessing a password database or outright guessing.
HOW TO MAKE YOUR SYSTEM SECURE?
Ans) In order to keep your system data secure and safe, you should take the following measures:
1. Always keep a backup of your data.
2. Install firewall software and keep it updated every time.
3. Make use of strong and difficult to crack passwords (having capital & small alphabets, numbers, and special characters).
4. Install antivirus/ anti-spyware and keep it updated every time.
5. Timely scan your complete system.
6. Before installing any program, check whether it is safe to install it (using Antivirus Software).
7. Take extra caution when reading emails that contain attachments.
8. Always keep your system updated.