
Unit 2 - Internet Security

The document outlines various computer security threats, primarily focusing on different types of malware such as viruses, worms, and ransomware, as well as hacking methods and motivations. It categorizes hackers into black, white, gray, and red hat hackers, detailing their intentions and techniques. Additionally, it discusses the tools and methods used for cracking passwords and networks, emphasizing the importance of cybersecurity measures.

Uploaded by ayushsharma5834

Internet Security

Computer Security and Threats

Computer security threats are potential threats to your computer’s efficient operation and performance.

A threat in a computer system is a potential danger that could jeopardize your data security. At times, the damage is irreversible.

Types of Threats:

- Malware:

“Malicious software” is a type of computer program that infiltrates and damages systems without users’ knowledge.

Where can malware be found:


- Attached to emails.
- Embedded in fraudulent links.
- Hidden in online ads.
- On various websites that a user might visit.

Malware programs are designed for:

- Automatically creating viruses, worms, or trojans.
- Conducting DoS (Denial of Service) attacks on remote servers.
- Hacking computers, etc.

Types of Malware:

- Adware: Adware is also called “spam”.

It is unwanted malicious advertising installed on a device connected to the Internet.

If a user clicks on malicious ads, more harmful types of malware can get downloaded.

- Viruses:

A virus is a malicious program that can infect other programs and can spread to other systems.

A virus is attached to a file and is executed once the file is launched.

“Creeper” was the world’s first computer virus. It was developed by Bob Thomas.

- Worms:

Like a virus, a worm can duplicate itself in other devices or systems.

Worms do not need human action to spread once they are in a network or system.

Worms often attack a computer’s memory or hard drive.

Firewalls and email filtering technology can help protect against worms.

- Trojans:

A Trojan is a type of malware which pretends to be harmless but is malicious.

A Trojan cannot spread by itself like a virus or worm. Trojans spread through social engineering tactics such as phishing.

Hackers use Trojans to secretly gain remote access to devices or download additional malware without the knowledge of users.

“Emotet” is a Trojan which is called the “King of Malware”. It appeared for the first time in 2014.

- Ransomware:

Ransomware locks up a victim’s devices or data and demands a ransom payment to unlock them.

The Ransomware-as-a-Service (RaaS) model is a method used by threat actors/cybercriminals to conduct ransomware attacks.

Managed Detection and Response (MDR) can be used for monitoring in case of an immediate threat.

- Spyware:

Spyware is used by cybercriminals to track the activities of users.

Spyware often leads to credential theft, which in turn can lead to a devastating data breach.

Spyware often originates in corrupt files, or through downloading suspicious files.

Spyware includes adware, rootkits, keyloggers, Trojans etc.

Spyware is used to track cookies, monitor users’ internet activity and system usage, or steal targeted information such as data from messaging apps.

Identity and Access Management (IAM) techniques, like MFA, can prevent the reconnaissance and data theft that often happens with spyware.

- Rootkits:

A rootkit allows a user to maintain privileged access within a system without being detected.

Rootkits are often the first stage in a breach, and after employing one, a threat actor can install more malware.

Rootkits can also install and hide keyloggers.

- Keyloggers:

Keyloggers are a common kind of spyware that monitors and records users’ keystrokes.

Once this type of malware is installed onto an endpoint, hackers can monitor and record every single keystroke a user makes, giving them full access to a user’s movements in a system and online.

Malicious keyloggers are used to gain information and steal credentials.

An attacker using keyloggers can get access to any and all credentials that may be entered into a system through typing.

- Wiper Malware:

Wiper malware is used for deletion.

HermeticWiper, identified in February of 2022, impacted Ukrainian organisations in the aviation, defense, financial, and IT services sectors.

- Cryptojacking:

Cryptojacking is used by threat actors to take control of and use an infected endpoint’s computing power to mine cryptocurrency like bitcoin.

The goal of using cryptojacking is to mine as much cryptocurrency as possible from as many endpoints as a threat actor can infect.

- Phishing:

Phishing is the practice of sending fraudulent communications that appear to come from a reputable source. It is usually done through email.

The goal is to steal sensitive data like credit card and login credentials, or to install malware on the victim’s machine.

Phishing can also be done by creating fake websites or login pages to collect sensitive data.

- Software Piracy

Software piracy is the act of illegally using, copying, modifying, distributing, sharing, or selling computer software protected by copyright laws.

- Hacking (Cyber Hacking)

Hacking is the process of gaining illegal access to a computer system, or a group of computer systems.

It is the use of unconventional or illicit means to gain unauthorized access to a digital device, computer system or computer network.

Hackers try to gain unauthorized access to digital devices (like computers) in order to steal, alter, or delete data, generally by installing malicious software without your knowledge or agreement.

Hacking is not always done with a malicious intent.

Types of Hackers:

i- Black Hat Hackers:

- Black hat hackers are also known as crackers.
- Black hat hackers gain illegal access to computer(s) with a malicious motive.

ii- White Hat Hackers/Ethical Hackers:

- White hat hackers are also known as ethical hackers.
- White hat hackers use their technical expertise to defend against malicious cyber attacks.
- White hat hackers are employed by businesses and government agencies as data security analysts, researchers, security specialists etc.

iii- Gray Hat Hackers:

- Gray hat hackers might gain illegal access to digital devices (like computers) without any malicious intent.
- Their goal for hacking might be to expose a system’s weaknesses.
- Gray hat hackers may operate to obtain reputation in the cyber security industry, which helps them further their careers as security experts in the long run.

iv- Red Hat Hackers:

- Like ethical hackers, red hat hackers use technical expertise to stop unethical attacks, but they may use illegal means to do so.

Hacking Tools:

i- Specialized Operating Systems:

While a hacker can use any OS to operate, many hackers use customized Operating Systems.

Kali Linux is popular among ethical hackers.

ii- Credential-cracking Tools:

These programs can uncover passwords by breaking encryption or launching brute-force attacks.

A brute force attack uses bots or scripts to automatically generate and test passwords repeatedly until the correct password is found. It is a trial-and-error method.

iii- Port Scanners:

Port scanners remotely test devices for open and available ports, which hackers can use to gain access to a network.

iv- Vulnerability Scanners:

Vulnerability scanners search systems for known vulnerabilities, allowing hackers to quickly find entryways into a target.

v- Packet Analyzers:

These tools analyze network traffic to determine where it is coming from, where it is going, and what data it contains (in some cases).

vi- Malware:

Malware (described above in this document) can also be used by hackers to launch cyber attacks.

- Cracking:

Cracking is the term used to describe the process of obtaining a password or code.

Types:

i- Password Cracking: Methods

- Brute Force Cracking:

A brute force attack uses bots or scripts to automatically generate and test passwords repeatedly until the correct password is found. It is a trial-and-error method.

- Dictionary Cracking:

This is similar to brute-force cracking, but instead of using random sequences of characters, the hacker uses a list of known or commonly used passwords.

- Rainbow Table Cracking:


The rainbow table cracking method is used to determine the encryption used to hash a password. A rainbow table leverages previously computed hash values.

ii- Software Cracking: It is the process of modifying software to completely or partially eliminate one or more of the software’s functions.

Tools used:

- Keygen

Keygen is short for “key generator”. It is a programme that a cracker creates to produce legitimate serial numbers for software products.

- Patch:

Patches are compact pieces of code used for altering the way a software functions.

Developers produce patches to fix software.

Crackers produce patches to corrupt software’s functioning.

- Loader:

A loader is a type of malware that is used to block or modify the start-up process of a program.

iii- Network Cracking: It is the act of infiltrating a local area network (LAN).

Network cracking is also referred to as web cracking or wired equivalent privacy (WEP) cracking.

A wireless network can be cracked considerably more easily than a wired one since the cracker only has to be in close proximity to the wireless signal.
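
Added example (not part of the original notes), from the defender's side of the dictionary and rainbow table methods described under Password Cracking: it contrasts an unsalted fast hash, which a table of previously computed hashes recovers in one lookup, with salted PBKDF2 storage, where that table finds nothing. The wordlist, function names and iteration count are assumptions made for illustration, and a plain lookup table stands in for a real rainbow table, which stores the same precomputation in a compressed chain form.

```python
import hashlib
import hmac
import os

# Constructed sample wordlist (not from the original notes).
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "dragon"]


def build_lookup_table(words):
    """Precompute unsalted SHA-256 digests once; reusable against any leak."""
    return {hashlib.sha256(w.encode()).hexdigest(): w for w in words}


def store_unsalted(password):
    """Weak storage: a fast hash with no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def store_salted(password, iterations=100_000):
    """Hardened storage: random per-user salt plus a slow KDF (PBKDF2)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest


def verify_salted(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, digest = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, digest)


def demo():
    table = build_lookup_table(COMMON_PASSWORDS)
    alice, bob = store_salted("letmein"), store_salted("letmein")
    return {
        # Unsalted: one dictionary lookup recovers the password.
        "unsalted_recovered": table.get(store_unsalted("letmein")),
        # Salted: the precomputed table has no matching entry.
        "salted_recovered": table.get(alice[2].hex()),
        # Same password, different salts, so the stored values differ.
        "salted_records_differ": alice[2] != bob[2],
        "login_ok": verify_salted("letmein", alice),
        "wrong_password_rejected": not verify_salted("password", alice),
    }


if __name__ == "__main__":
    print(demo())
```

Salting only removes the benefit of precomputation; a commonly used password can still be guessed one record at a time, which is why the slow key-derivation function and a strong password policy still matter.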

- SCRIPT KIDDIES

i- They have limited knowledge of hacking.
ii- They are also called amateur hackers.
iii- They use powerful hacking tools with limited understanding of how they work or their consequences.
iv- While security professionals tend to craft their own tools, script kiddies pick up off-the-shelf scripts and tools to attack a target.
v- Script kiddies rely on software or scripts written by others and don’t possess the knowledge to modify or produce their own software.
vi- Script kiddies find the easiest routes to hacking a system and do not invest much energy into performing an attack.
vii- Script kiddies are attracted to high-profile targets to give them a sense of accomplishment or fame among their peers.

viii- A script kiddie has a variety of motivations. Many of them are motivated by a desire for attention, recognition, and power.

a- Financial Gain – Script kiddies may take personal information or credit card data in order to sell them on the black market.
b- Political or Ideological Motives – Script kiddies may attack groups or persons they believe have opposing beliefs.
c- Sense of Adventure – Some script kiddies enjoy the challenge of breaking into systems and the adrenaline rush that comes with it.
