SECURITY THREATS
• Computer security threats are potential threats to
your computer’s efficient operation and
performance. These could be harmless adware or a
dangerous Trojan infection. As the world becomes
more digital, computer security concerns are
constantly evolving. A threat in a computer system is a
potential danger that could jeopardize your data
security. At times, the damage is irreversible.
TYPES OF THREATS
• A security threat is a threat that has
the potential to harm computer
systems and organizations. The cause
could be physical, such as a computer
containing sensitive information being
stolen. It’s also possible that the cause
isn’t physical, such as a viral attack.
TYPES OF THREATS
1. Physical threats cause damage
to computer systems' hardware and
infrastructure. Examples range
from theft and vandalism through to
natural disasters.
TYPES OF THREATS
2. Non-physical threats: A non-physical threat is a potential
source of an incident that could result in:
• Hampering of the business operations that depend on
computer systems.
• Loss of sensitive data or information.
• Illegally keeping track of others' computer system activities.
• Hacking of users' IDs and passwords, etc.
TYPES OF THREATS
The non-physical threats are commonly caused by:
1. Malware
2. Virus
3. Spyware
4. Worms
5. Trojan
6. Phishing
7. Key-loggers
8. Ransomware
MALWARE
Malware is intrusive software that is
intentionally designed to cause
damage to computers and computer
systems. By contrast, software that
causes unintentional damage is usually
referred to as a software bug.
TYPES OF MALWARE
1. Adware - a contraction of ‘advertising-supported
software’, displays unwanted and
sometimes malicious advertising on a computer
screen or mobile device, redirects search results
to advertising websites, and captures user data
that can be sold to advertisers without the
user's consent. Not all adware is malware; some
is legitimate and safe to use.
ADWARE
Adware examples:
• Fireball – Fireball hit the headlines in 2017 when an
Israeli software company discovered that 250 million
computers and one-fifth of the corporate networks
worldwide were infected with it. When Fireball affects
your computer, it takes over your browser. It changes
your homepage to a fake search engine – Trotus – and
inserts obtrusive ads into any webpage you visit. It also
prevents you from modifying your browser settings.
ADWARE
Adware examples:
• Appearch – Appearch is another common adware
program that acts as a browser hijacker. Usually bundled
with other free software, it inserts so many ads into the
browser that web browsing becomes very difficult. When
you attempt to visit a website, you're taken to
Appearch.info instead. If you manage to open a web page,
Appearch converts random blocks of text into links, so
when you select the text, a pop-up invites you to download
software updates.
TYPES OF MALWARE
2. Spyware is a form of malware that hides
on your device, monitors activity, and steals
sensitive information like financial data,
account information, logins, and more.
Spyware can spread by exploiting software
vulnerabilities or else be bundled with
legitimate software or in Trojans.
SPYWARE
Spyware examples:
• CoolWebSearch – This program took
advantage of the security vulnerabilities in
Internet Explorer to hijack the browser,
change the settings, and send browsing
data to its author.
SPYWARE
Spyware examples:
• Gator – Usually bundled with file-sharing
software like Kazaa, this program
monitors the victim’s web surfing habits
and uses the information to serve them
with specific ads.
TYPES OF MALWARE
RANSOMWARE AND CRYPTO-MALWARE
3. Ransomware is malware designed to lock users out of
their system or deny access to data until a ransom is paid.
Crypto-malware is a type of ransomware that encrypts user
files and requires payment by a specific deadline and often
through a digital currency such as Bitcoin. Ransomware has
been a persistent threat for organizations across industries
for many years now. As more businesses embrace digital
transformation, the likelihood of being targeted in a
ransomware attack has grown considerably.
RANSOMWARE AND CRYPTO-MALWARE
Ransomware examples:
• CryptoLocker is a form of malware prevalent in 2013 and 2014
which cybercriminals used to gain access to and encrypt files on
a system. Cybercriminals used social engineering tactics to trick
employees into downloading the ransomware onto their
computers, infecting the network. Once downloaded,
CryptoLocker would display a ransom message offering to
decrypt the data if a cash or Bitcoin payment was made by the
stated deadline. While the CryptoLocker ransomware has since
been taken down, it is believed that its operators extorted
around three million dollars from unsuspecting organizations.
RANSOMWARE AND CRYPTO-MALWARE
Ransomware examples:
• Phobos malware – a form of ransomware that
appeared in 2019. This strain of ransomware is
based on the previously known Dharma (aka
CrySis) family of ransomware.
TYPES OF MALWARE
4. Trojan (or Trojan Horse) disguises itself as legitimate
software to trick you into executing malicious software
on your computer. Because it looks trustworthy, users
download it, inadvertently allowing malware onto their
device. Trojans themselves are a doorway. Unlike a
worm, they need a host to work. Once a Trojan is
installed on a device, hackers can use it to delete,
modify or capture data, enlist your device in a
botnet, spy on your device, or gain access to your
network.
TROJAN
Trojan examples:
• Qbot malware, also known as 'Qakbot' or
'Pinkslipbot', is a banking Trojan active since
2007 focused on stealing user data and
banking credentials. The malware has evolved
to include new delivery mechanisms, command
and control techniques, and anti-analysis
features.
TROJAN
Trojan examples:
• TrickBot malware, first identified in 2016, is a
Trojan developed and operated by sophisticated
cybercrime actors. Originally designed as a banking
Trojan to steal financial data, TrickBot has evolved
into modular, multi-stage malware that provides its
operators with a full suite of tools to carry out
numerous illegal cyber activities.
TYPES OF MALWARE
5. Worms spread over computer networks by
exploiting operating system vulnerabilities. A worm
is a standalone program that replicates itself to infect
other computers without requiring action from
anyone. Since they can spread fast, worms are often
used to execute a payload, a piece of code created to
damage a system. Payloads can delete files on a host
system, encrypt data for a ransomware attack, steal
information, and create botnets.
WORM
Worm example:
• SQL Slammer was a well-known computer worm that did not
use traditional distribution methods. Instead, it generated
random IP addresses and sent itself out to them, looking for
those not protected by antivirus software. Soon after it hit in
2003, the result was more than 75,000 infected computers
unknowingly involved in DDoS attacks on several major
websites. Though the relevant security patch has been
available for many years now, SQL Slammer nevertheless
experienced a resurgence in 2016 and 2017.
TYPES OF MALWARE
6. A virus is a piece of code that inserts itself into an
application and executes when the app is run. Once
inside a network, a virus may be used to steal sensitive
data, launch DDoS attacks, or conduct ransomware
attacks. Usually spread via infected websites, file
sharing, or email attachment downloads, a virus will lie
dormant until the infected host file or program is
activated. Once that happens, the virus can replicate
itself and spread through your systems.
VIRUS
Virus example:
• Stuxnet – Stuxnet appeared in 2010 and was widely
believed to have been developed by the US and Israeli
governments to disrupt Iran’s nuclear program. Spread
via a USB thumb drive, it targeted Siemens industrial
control systems, causing centrifuges to fail and self-destruct
at a record rate. It’s believed that Stuxnet infected
over 20,000 computers and ruined one-fifth of Iran's
nuclear centrifuges – setting its program back years.
TYPES OF MALWARE
7. Keyloggers
A keylogger is a type of spyware that monitors user activity.
Keyloggers can be used for legitimate purposes – for example,
families who use them to keep track of their children's online
activity or organizations which use them to monitor employee
activity. However, when installed for malicious purposes,
keyloggers can be used to steal password data, banking
information, and other sensitive information. Keyloggers can
be inserted into a system through phishing, social engineering,
or malicious downloads.
KEYLOGGER
Keylogger example:
• In 2017, a University of Iowa student was
arrested after installing keyloggers on staff
computers to steal login credentials to
modify and change grades. The student was
found guilty and sentenced to four months
in prison.
BOTS AND BOTNETS
• A bot is a computer that has been infected with malware so
it can be controlled remotely by a hacker. The bot –
sometimes called a zombie computer – can then be used to
launch more attacks or become part of a collection of bots
called a botnet. Botnets can include millions of devices as
they spread undetected. Botnets help hackers with
numerous malicious activities, including DDoS attacks,
sending spam and phishing messages, and spreading other
types of malware.
BOTS AND BOTNETS
Botnet examples:
• Andromeda malware – The Andromeda botnet was
associated with 80 different malware families. It grew
so large that it was at one point infecting a million
new machines a month, distributing itself via social
media, instant messaging, spam emails, exploit kits,
and more. The operation was taken down by the FBI,
Europol's European Cybercrime centre, and others in
2017 – but many PCs continued to be infected.
BOTS AND BOTNETS
Botnet examples:
• Mirai – In 2016, a massive DDoS attack left much of the US
East Coast without internet access. The attack, which
authorities initially feared was the work of a hostile nation-state,
was caused by the Mirai botnet. Mirai is a type of
malware that automatically finds Internet of Things (IoT)
devices to infect and conscripts them into a botnet. From
there, this IoT army can be used to mount DDoS attacks in
which a firehose of junk traffic floods a target's servers with
malicious traffic. Mirai continues to cause trouble today.
OTHER TYPES OF MALWARE
TYPES OF MALWARE
PUPs – which stands for ‘potentially
unwanted programs’ – are programs that
may include advertising, toolbars, and pop-ups
that are unrelated to the software you
downloaded. Strictly speaking, PUPs are not
always malware – PUP developers point out
that their programs are downloaded with
their users’ consent, unlike malware.
PUPs
PUP malware example:
• Mindspark malware – this was an easily
installable PUP which ended up on users’
machines without them noticing the download.
Mindspark can change settings and trigger
behavior on the device without the user’s
knowledge. It is notoriously difficult to
eliminate.
HYBRID
Hybrid malware example:
• In 2001, a malware developer calling himself ‘Lion’
released a hybrid malware — a worm/rootkit combination.
Rootkits allow hackers to manipulate operating system
files, while worms are powerful vectors for rapidly
spreading code pieces. This malicious combination caused
havoc: it inflicted damage on more than 10,000 Linux
systems. Worm/rootkit combination malware was explicitly
designed to exploit the vulnerabilities in Linux systems.
Fileless malware examples:
• Frodo, Number of the Beast, and
The Dark Avenger were all early
examples of this type of malware.
Logic bombs
• Logic bombs are a type of malware that will only
activate when triggered, such as on a specific date
and time or on the 20th log-on to an account. Viruses
and worms often contain logic bombs to deliver their
payload (i.e., malicious code) at a pre-defined time or
when another condition is met. The damage caused
by logic bombs varies from changing bytes of data to
making hard drives unreadable.
LOGIC BOMBS
Logic bomb example:
• In 2016, a programmer caused spreadsheets
to malfunction at a branch
of the Siemens corporation every few years, so
that they had to keep hiring him back to fix the
problem. In this case, nobody suspected
anything until a coincidence forced the
malicious code out into the open.
How does malware spread?
The most common ways in which malware threats can spread include:
• Email: If your email has been hacked, malware can force your computer
to send emails with infected attachments or links to malicious websites.
When a recipient opens the attachment or clicks the link, the malware is
installed on their computer, and the cycle repeats.
• Physical media: Hackers can load malware onto USB flash drives and
wait for unsuspecting victims to plug them into their computers. This
technique is often used in corporate espionage.
• Pop-up alerts: This includes fake security alerts which trick you into
downloading bogus security software, which in some cases can be
additional malware.
How does malware spread?
• Vulnerabilities: A security defect in software can allow
malware to gain unauthorized access to the computer,
hardware, or network.
• Backdoors: An intended or unintended opening in software,
hardware, networks, or system security.
• Drive-by downloads: Unintended download of software with
or without knowledge of the end-user.
• Privilege escalation: A situation where an attacker obtains
escalated access to a computer or network and then uses it to
launch an attack.
Signs of a malware infection
If you’ve noticed any of the following, you may have malware on your
device:
• A slow, crashing, or freezing computer
• The infamous ‘blue screen of death’
• Programs opening and closing automatically or altering themselves
• Lack of storage space
• Increased pop-ups, toolbars, and other unwanted programs
• Emails and messages being sent without you initiating them

More Related Content

PPTX
Lecture 2-1.pptx Lec 04 Risk Management.pptxLec 04 Risk Management.pptxLec 04...
1230200206
 
PPTX
Computer virus
sajeena81
 
DOCX
Types of Malware.docx
SarahReese14
 
PPTX
Malware part 1
ShouaQureshi
 
PPTX
lecture-11-30052022-103626am.pptx
Zarwashgulrez
 
PPTX
Malware ppt final.pptx
LakshayNRReddy
 
PPTX
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
 
PPTX
MALWARE
Anupam Das
 
Lecture 2-1.pptx Lec 04 Risk Management.pptxLec 04 Risk Management.pptxLec 04...
1230200206
 
Computer virus
sajeena81
 
Types of Malware.docx
SarahReese14
 
Malware part 1
ShouaQureshi
 
lecture-11-30052022-103626am.pptx
Zarwashgulrez
 
Malware ppt final.pptx
LakshayNRReddy
 
Security threats and attacks in cyber security
Shri ramswaroop college of engineering and management
 
MALWARE
Anupam Das
 

Similar to SECURITY THREATS.pptx SECURITY THREATS.pptx (20)

PPT
list of Deception as well as detection techniques for maleware
AJAY VISHKARMA
 
PPTX
NS 2.pptx
ChSheraz3
 
PPTX
MALWARES.pptx
jeffautor15
 
PPTX
Computer-software (1).pptx
JohnRebenRequinto1
 
PPTX
Types of Malwares, Information security.
NandanaV18
 
PDF
CS111-PART 7 (MALWARE).pdf
Kakai Catalan
 
PPTX
Malware
Anoushka Srivastava
 
DOCX
External threats to information system: Malicious software and computer crimes
Souman Guha
 
PPTX
Computer viruses
Dark Side
 
PPTX
NETWORK SECURITY THREATS - POWERPOINT PRESENTATION
abdumujeeb2007
 
PPTX
Malware Applications Development.pptx
FullstackSRM
 
PPTX
Malware part 2
ShouaQureshi
 
PPTX
Lect 3 INFORMATION SYSTEMS SECURITY THREATS.pptx
PapillonHonoxVejeh
 
DOC
Chapter 2- Computer Threat.docChapter 2- Computer Threat.doc
WabiTiki
 
PPT
Malwares
Ishaq Ticklye
 
PDF
Common Malware Types Vulnerability Management
Muhammad FAHAD
 
PPTX
MALWARE / VIRUS AND WORMS CHARACTERISTICS
nascramaprabhacs1
 
PPTX
MALWARE UNIT II PPT .pptx ..The unit covers about virus and worms and its fu...
nascramaprabhacs1
 
list of Deception as well as detection techniques for maleware
AJAY VISHKARMA
 
NS 2.pptx
ChSheraz3
 
MALWARES.pptx
jeffautor15
 
Computer-software (1).pptx
JohnRebenRequinto1
 
Types of Malwares, Information security.
NandanaV18
 
CS111-PART 7 (MALWARE).pdf
Kakai Catalan
 
External threats to information system: Malicious software and computer crimes
Souman Guha
 
Computer viruses
Dark Side
 
NETWORK SECURITY THREATS - POWERPOINT PRESENTATION
abdumujeeb2007
 
Malware Applications Development.pptx
FullstackSRM
 
Malware part 2
ShouaQureshi
 
Lect 3 INFORMATION SYSTEMS SECURITY THREATS.pptx
PapillonHonoxVejeh
 
Chapter 2- Computer Threat.docChapter 2- Computer Threat.doc
WabiTiki
 
Malwares
Ishaq Ticklye
 
Common Malware Types Vulnerability Management
Muhammad FAHAD
 
MALWARE / VIRUS AND WORMS CHARACTERISTICS
nascramaprabhacs1
 
MALWARE UNIT II PPT .pptx ..The unit covers about virus and worms and its fu...
nascramaprabhacs1
 
Ad

More from anovalexter (20)

PPTX
SAFETY, SECURITY AND ETHICS.ppttttttxxxx
anovalexter
 
PPTX
C5 L1 ON BECOING A GLOBAL TEACHER.pptxxx
anovalexter
 
PPTX
C5 L2 A closer Look at the Teachers and the Teaching Profession in the ASEAN ...
anovalexter
 
PPTX
C5 L3 THE CHANGING GLOBAL LANDSCAPE FOR THE 21ST CENTURY TEACHERS.pptx
anovalexter
 
PPTX
WORKING WITH DATA.pptx WORKING WITH DATA.pptx
anovalexter
 
PPTX
EDITING FIELDS AND THEIR PROPERTIES.pptx
anovalexter
 
PPTX
C2 L2 The Demands of Society from the Teacher as.pptx
anovalexter
 
PPTX
MANMADE SYSTEMS.pptx MANMADE SYSTEMS.pptxMANMADE SYSTEMS.pptx
anovalexter
 
PPTX
Installers Preparation and OS.pptx pptxx
anovalexter
 
PPTX
Protect Your Computer From Viruses, Hackers,.pptx
anovalexter
 
PPTX
APPLICATION.pptx APPLICATION.pptx APPLICATION.pptx
anovalexter
 
PPTX
DATA BREACHES.pptx DATA BREACHES.pptx DATA BREACHES.pptx
anovalexter
 
PPTX
SAFETY AND SECURITY.pptx SAFETY AND SECURITY.pptx
anovalexter
 
PPTX
teachingprofession-191218072030.pptxpptx
anovalexter
 
PPTX
THE-TEACHING-PROFESSION.pptx PROFESSION.
anovalexter
 
PPT
550567370-Work-Purposes.ppt Purposes.ppt
anovalexter
 
PDF
art appreciation.pdf art appreciation.pdf
anovalexter
 
PPTX
C2 L1 The Demands of Society from the Teacher as.pptx
anovalexter
 
PPTX
INFORMATION SYSTEMS, INFORMATION TECHNOLOGY AND COMPUTER SCIENCE.pptx
anovalexter
 
PPTX
INTERNET.pptx INTERNET.pptx INTERNET.ppt
anovalexter
 
SAFETY, SECURITY AND ETHICS.ppttttttxxxx
anovalexter
 
C5 L1 ON BECOING A GLOBAL TEACHER.pptxxx
anovalexter
 
C5 L2 A closer Look at the Teachers and the Teaching Profession in the ASEAN ...
anovalexter
 
C5 L3 THE CHANGING GLOBAL LANDSCAPE FOR THE 21ST CENTURY TEACHERS.pptx
anovalexter
 
WORKING WITH DATA.pptx WORKING WITH DATA.pptx
anovalexter
 
EDITING FIELDS AND THEIR PROPERTIES.pptx
anovalexter
 
C2 L2 The Demands of Society from the Teacher as.pptx
anovalexter
 
MANMADE SYSTEMS.pptx MANMADE SYSTEMS.pptxMANMADE SYSTEMS.pptx
anovalexter
 
Installers Preparation and OS.pptx pptxx
anovalexter
 
Protect Your Computer From Viruses, Hackers,.pptx
anovalexter
 
APPLICATION.pptx APPLICATION.pptx APPLICATION.pptx
anovalexter
 
DATA BREACHES.pptx DATA BREACHES.pptx DATA BREACHES.pptx
anovalexter
 
SAFETY AND SECURITY.pptx SAFETY AND SECURITY.pptx
anovalexter
 
teachingprofession-191218072030.pptxpptx
anovalexter
 
THE-TEACHING-PROFESSION.pptx PROFESSION.
anovalexter
 
550567370-Work-Purposes.ppt Purposes.ppt
anovalexter
 
art appreciation.pdf art appreciation.pdf
anovalexter
 
C2 L1 The Demands of Society from the Teacher as.pptx
anovalexter
 
INFORMATION SYSTEMS, INFORMATION TECHNOLOGY AND COMPUTER SCIENCE.pptx
anovalexter
 
INTERNET.pptx INTERNET.pptx INTERNET.ppt
anovalexter
 
Ad

Recently uploaded (20)

PPTX
Odoo 18 Sales_ Managing Quotation Validity
Celine George
 
PDF
BÀI TẬP TEST BỔ TRỢ THEO TỪNG CHỦ ĐỀ CỦA TỪNG UNIT KÈM BÀI TẬP NGHE - TIẾNG A...
Nguyen Thanh Tu Collection
 
PDF
Virat Kohli- the Pride of Indian cricket
kushpar147
 
PPTX
Measures_of_location_-_Averages_and__percentiles_by_DR SURYA K.pptx
Surya Ganesh
 
PPTX
Tips Management in Odoo 18 POS - Odoo Slides
Celine George
 
PPTX
Kanban Cards _ Mass Action in Odoo 18.2 - Odoo Slides
Celine George
 
PDF
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
PDF
Sunset Boulevard Student Revision Booklet
jpinnuck
 
PDF
The Minister of Tourism, Culture and Creative Arts, Abla Dzifa Gomashie has e...
nservice241
 
PDF
1.Natural-Resources-and-Their-Use.ppt pdf /8th class social science Exploring...
Sandeep Swamy
 
PPTX
Five Point Someone – Chetan Bhagat | Book Summary & Analysis by Bhupesh Kushwaha
Bhupesh Kushwaha
 
PPTX
Trends in pediatric nursing .pptx
AneetaSharma15
 
PDF
The-Invisible-Living-World-Beyond-Our-Naked-Eye chapter 2.pdf/8th science cur...
Sandeep Swamy
 
PDF
Antianginal agents, Definition, Classification, MOA.pdf
Prerana Jadhav
 
PDF
Types of Literary Text: Poetry and Prose
kaelandreabibit
 
PPTX
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
PPTX
Information Texts_Infographic on Forgetting Curve.pptx
Tata Sevilla
 
PPTX
How to Manage Leads in Odoo 18 CRM - Odoo Slides
Celine George
 
PPTX
PPTs-The Rise of Empiresghhhhhhhh (1).pptx
academysrusti114
 
PDF
RA 12028_ARAL_Orientation_Day-2-Sessions_v2.pdf
Seven De Los Reyes
 
Odoo 18 Sales_ Managing Quotation Validity
Celine George
 
BÀI TẬP TEST BỔ TRỢ THEO TỪNG CHỦ ĐỀ CỦA TỪNG UNIT KÈM BÀI TẬP NGHE - TIẾNG A...
Nguyen Thanh Tu Collection
 
Virat Kohli- the Pride of Indian cricket
kushpar147
 
Measures_of_location_-_Averages_and__percentiles_by_DR SURYA K.pptx
Surya Ganesh
 
Tips Management in Odoo 18 POS - Odoo Slides
Celine George
 
Kanban Cards _ Mass Action in Odoo 18.2 - Odoo Slides
Celine George
 
Review of Related Literature & Studies.pdf
Thelma Villaflores
 
Sunset Boulevard Student Revision Booklet
jpinnuck
 
The Minister of Tourism, Culture and Creative Arts, Abla Dzifa Gomashie has e...
nservice241
 
1.Natural-Resources-and-Their-Use.ppt pdf /8th class social science Exploring...
Sandeep Swamy
 
Five Point Someone – Chetan Bhagat | Book Summary & Analysis by Bhupesh Kushwaha
Bhupesh Kushwaha
 
Trends in pediatric nursing .pptx
AneetaSharma15
 
The-Invisible-Living-World-Beyond-Our-Naked-Eye chapter 2.pdf/8th science cur...
Sandeep Swamy
 
Antianginal agents, Definition, Classification, MOA.pdf
Prerana Jadhav
 
Types of Literary Text: Poetry and Prose
kaelandreabibit
 
Python-Application-in-Drug-Design by R D Jawarkar.pptx
Rahul Jawarkar
 
Information Texts_Infographic on Forgetting Curve.pptx
Tata Sevilla
 
How to Manage Leads in Odoo 18 CRM - Odoo Slides
Celine George
 
PPTs-The Rise of Empiresghhhhhhhh (1).pptx
academysrusti114
 
RA 12028_ARAL_Orientation_Day-2-Sessions_v2.pdf
Seven De Los Reyes
 

SECURITY THREATS.pptx SECURITY THREATS.pptx

  • 2. SECURITY THREATS • Computer security threats are potential threats to your computer’s efficient operation and performance. These could be harmless adware or dangerous trojan infection. As the world becomes more digital, computer security concerns are always developing. A threat in a computer system is a potential danger that could jeopardize your data security. At times, the damage is irreversible.
  • 3. TYPES OF THREATS •A security threat is a threat that has the potential to harm computer systems and organizations. The cause could be physical, such as a computer containing sensitive information being stolen. It’s also possible that the cause isn’t physical, such as a viral attack.
  • 4. TYPES OF THREATS 1. Physical Threats - cause damage to computer systems hardware and infrastructure. Examples include theft, vandalism through to natural disasters.
  • 5. TYPES OF THREATS 2. Non-physical threats: A non-physical threat is a potential source of an incident that could result in: • Hampering of the business operations that depend on computer systems. • Sensitive – data or information loss • Keeping track of other’s computer system activities illegally. • Hacking id & passwords of the users, etc.
  • 6. TYPES OF THREATS The non-physical threads can be commonly caused by: 1. Malware 2. Virus 3. Spyware 4. Worms 5. Trojan 6. Phishing 7. Key-loggers 8. Ransomware
  • 7. MALWARE Malware is intrusive software that is intentionally designed to cause damage to computers and computer systems. By contrast, software that causes unintentional damage is usually referred to as a software bug.
  • 8. TYPES OF MALWARE 1. Adware - a contraction of ‘advertising- supported software’, displays unwanted and sometimes malicious advertising on a computer screen or mobile device, redirects search results to advertising websites, and captures user data that can be sold to advertisers without the user's consent. Not all adware is malware, some is legitimate and safe to use.
  • 9. ADWARE Adware examples: • Fireball – Fireball hit the headlines in 2017 when an Israeli software company discovered that 250 million computers and one-fifth of the corporate networks worldwide were infected with it. When Fireball affects your computer, it takes over your browser. It changes your homepage to a fake search engine – Trotus – and inserts obtrusive ads into any webpage you visit. It also prevents you from modifying your browser settings.
  • 10. ADWARE Adware examples: • Appearch – Appearch is another common adware program that acts as a browser hijacker. Usually bundled with other free software, it inserts so many ads into the browser that web browsing becomes very difficult. When you attempt to visit a website, you're taken to Appearch.info instead. If you manage to open a web page, Appearch converts random blocks of text into links, so when you select the text, a pop-up invites you to download software updates.
  • 11. TYPES OF MALWARE 2. Spyware is a form of malware that hides on your device, monitors activity, and steals sensitive information like financial data, account information, logins, and more. Spyware can spread by exploiting software vulnerabilities or else be bundled with legitimate software or in Trojans.
  • 12. SPYWARE Spyware examples: •CoolWebSearch – This program took advantage of the security vulnerabilities in Internet Explorer to hijack the browser, change the settings, and send browsing data to its author.
  • 13. SPYWARE Spyware examples: •Gator – Usually bundled with file-sharing software like Kazaa, this program monitors the victim’s web surfing habits and uses the information to serve them with specific ads.
  • 14. TYPES OF MALWARE RANSOMWARE AND CRYTO-MALWARE 3. Ransomware is malware designed to lock users out of their system or deny access to data until a ransom is paid. Crypto-malware is a type of ransomware that encrypts user files and requires payment by a specific deadline and often through a digital currency such as Bitcoin. Ransomware has been a persistent threat for organizations across industries for many years now. As more businesses embrace digital transformation, the likelihood of being targeted in a ransomware attack has grown considerably.
  • 15. RANSOMWARE AND CRYTO-MALWARE Ransomware examples: • CryptoLocker is a form of malware prevalent in 2013 and 2014 which cyber criminals used to gain access to and encrypt files on a system. Cybercriminals used social engineering tactics to trick employees into downloading the ransomware onto their computers, infecting the network. Once downloaded, CryptoLocker would display a ransom message offering to decrypt the data if a cash or Bitcoin payment was made by the stated deadline. While the CryptoLocker ransomware has since been taken down, it is believed that its operators extorted around three million dollars from unsuspecting organizations.
  • 16. RANSOMWARE AND CRYTO-MALWARE Ransomware examples: •Phobos malware – a form of ransomware that appeared in 2019. This strain of ransomware is based on the previously known Dharma (aka CrySis) family of ransomware.
  • 17. TYPES OF MALWARE 4. Trojan (or Trojan Horse) disguises itself as legitimate software to trick you into executing malicious software on your computer. Because it looks trustworthy, users download it, inadvertently allowing malware onto their device. Trojans themselves are a doorway. Unlike a worm, they need a host to work. Once a Trojan is installed on a device, hackers can use it to delete, modify or capture data, harvest your device as part of a botnet, spy on your device, or gain access to your network.
  • 18. TROJAN Trojan examples: •Qbot malware, also known as 'Qakbot' or 'Pinkslipbot', is a banking Trojan active since 2007 focused on stealing user data and banking credentials. The malware has evolved to include new delivery mechanisms, command and control techniques, and anti-analysis features.
  • 19. TROJAN Trojan examples: •TrickBot malware —first identified in 2016—is a Trojan developed and operated by sophisticated cybercrime actors. Originally designed as a banking Trojan to steal financial data, TrickBot has evolved into modular, multi-stage malware that provides its operators with a full suite of tools to carry out numerous illegal cyber activities.
  • 20. TYPES OF MALWARE 5. WORMS, spread over computer networks by exploiting operating system vulnerabilities. A WORM is a standalone program that replicates itself to infect other computers without requiring action from anyone. Since they can spread fast, worms are often used to execute a payload—a piece of code created to damage a system. Payloads can delete files on a host system, encrypt data for a ransomware attack, steal information, delete files, and create botnets.
  • 21. WORM Worm example: • SQL Slammer was a well-known computer worm that did not use traditional distribution methods. Instead, it generated random IP addresses and sent itself out to them, looking for those not protected by antivirus software. Soon after it hit in 2003, the result was more than 75,000 infected computers unknowingly involved in DDoS attacks on several major websites. Though the relevant security patch has been available for many years now, SQL Slammer nevertheless experienced a resurgence in 2016 and 2017.
  • 22. TYPES OF MALWARE 6. VIRUS is a piece of code that inserts itself into an application and executes when the app is run. Once inside a network, a virus may be used to steal sensitive data, launch DDoS attacks, or conduct ransomware attacks. Usually spread via infected websites, file sharing, or email attachment downloads, a virus will lie dormant until the infected host file or program is activated. Once that happens, the virus can replicate itself and spread through your systems.
  • 23. VIRUS Virus example: • Stuxnet – Stuxnet appeared in 2010 and was widely believed to have been developed by the US and Israeli governments to disrupt Iran’s nuclear program. Spread via a USB thumb drive, it targeted Siemens industrial control systems, causing centrifuges to fail and self- destroy at a record rate. It’s believed that Stuxnet infected over 20,000 computers and ruined one-fifth of Iran's nuclear centrifuges – setting its program back years.
  • 24. TYPES OF MALWARE 7. Keyloggers A keylogger is a type of spyware that monitors user activity. Keyloggers can be used for legitimate purposes – for example, families who use them to keep track of their children's online activity or organizations which use them to monitor employee activity. However, when installed for malicious purposes, keyloggers can be used to steal password data, banking information, and other sensitive information. Keyloggers can be inserted into a system through phishing, social engineering, or malicious downloads.
  • 25. KEYLOGGER Keylogger example: •In 2017, a University of Iowa student was arrested after installing keyloggers on staff computers to steal login credentials to modify and change grades. The student was found guilty and sentenced to four months i n prison .
  • 26. BOTS AND BOTNETS Bots and botnets • A bot is a computer that has been infected with malware so it can be controlled remotely by a hacker. The bot – sometimes called a zombie computer – can then be used to launch more attacks or become part of a collection of bots called a botnet. Botnets can include millions of devices as they spread undetected. Botnets help hackers with numerous malicious activities, including DDoS attacks, sending spam and phishing messages, and spreading other types of malware.
  • 27. BOTS AND BOTNETS Botnet examples: • Andromeda malware – The Andromeda botnet was associated with 80 different malware families. It grew so large that it was at one point infecting a million new machines a month, distributing itself via social media, instant messaging, spam emails, exploit kits, and more. The operation was taken down by the FBI, Europol's European Cybercrime centre, and others in 2017 – but many PCs continued to be infected.
  • 28. BOTS AND BOTNETS Botnet examples: • Mirai – In 2016, a massive DDoS attack left much of the US East Coast without internet access. The attack, which authorities initially feared was the work of a hostile nation-state, was caused by the Mirai botnet. Mirai is a type of malware that automatically finds Internet of Things (IoT) devices to infect and conscripts them into a botnet. From there, this IoT army can be used to mount DDoS attacks in which a firehose of junk traffic floods a target's servers with malicious traffic. Mirai continues to cause trouble today.
  • 30. TYPES OF MALWARE PUPs – which stands for ‘potentially unwanted programs’ – are programs that may include advertising, toolbars, and pop-ups that are unrelated to the software you downloaded. Strictly speaking, PUPs are not always malware – PUP developers point out that their programs are downloaded with their users’ consent, unlike malware.
  • 32. PUPs PUP malware example: • Mindspark malware – this was an easily installable PUP which ended up on users’ machines without them noticing the download. Mindspark can change settings and trigger behavior on the device without the user’s knowledge. It is notoriously difficult to eliminate.
  • 33. HYBRID Hybrid malware example: • In 2001, a malware developer calling himself ‘Lion’ released a hybrid malware — a worm/rootkit combination. Rootkits allow hackers to manipulate operating system files, while worms are powerful vectors for rapidly spreading code pieces. This malicious combination caused havoc: it inflicted damage on more than 10,000 Linux systems. Worm/rootkit combination malware was explicitly designed to exploit the vulnerabilities in Linux systems.
  • 34. Fileless malware examples: • Frodo, Number of the Beast, and The Dark Avenger were all early examples of this type of malware.
  • 35. Logic bombs • Logic bombs are a type of malware that will only activate when triggered, such as on a specific date and time or on the 20th log-on to an account. Viruses and worms often contain logic bombs to deliver their payload (i.e., malicious code) at a pre-defined time or when another condition is met. The damage caused by logic bombs varies from changing bytes of data to making hard drives unreadable.
  • 36. LOGIC BOMBS Logic bomb example: • In 2016, a programmer caused spreadsheets to malfunction at a branch of the Siemens corporation every few years, so that they had to keep hiring him back to fix the problem. In this case, nobody suspected anything until a coincidence forced the malicious code out into the open.
  • 37. How does malware spread? The most common ways in which malware threats can spread include: • Email: If your email has been hacked, malware can force your computer to send emails with infected attachments or links to malicious websites. When a recipient opens the attachment or clicks the link, the malware is installed on their computer, and the cycle repeats. • Physical media: Hackers can load malware onto USB flash drives and wait for unsuspecting victims to plug them into their computers. This technique is often used in corporate espionage. • Pop-up alerts: This includes fake security alerts which trick you into downloading bogus security software, which in some cases can be additional malware.
  • 38. How does malware spread? • Vulnerabilities: A security defect in software can allow malware to gain unauthorized access to the computer, hardware, or network. • Backdoors: An intended or unintended opening in software, hardware, networks, or system security. • Drive-by downloads: Unintended download of software with or without knowledge of the end-user. • Privilege escalation: A situation where an attacker obtains escalated access to a computer or network and then uses it to launch an attack.
  • 39. Signs of a malware infection If you’ve noticed any of the following, you may have malware on your device: • A slow, crashing, or freezing computer • The infamous ‘blue screen of death’ • Programs opening and closing automatically or altering themselves • Lack of storage space • Increased pop-ups, toolbars, and other unwanted programs • Emails and messages being sent without you initiating them
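The propagation pattern described on the SQL Slammer slide (a host sending itself to randomly generated IP addresses) shows up in network flow data as one source contacting many distinct destinations, most of which never answer. The sketch below is an added example, not part of the original slides; the flow records are constructed, and the window size, thresholds, and the "mostly unanswered" heuristic are illustrative assumptions.

```python
from collections import defaultdict

def build_sample_flows():
    """Constructed flow records: (epoch_second, src_ip, dst_ip, answered)."""
    flows = []
    for t in range(30):
        # Normal workstation: three servers, contacted repeatedly, all answer.
        flows.append((t, "10.0.0.5", f"192.0.2.{1 + t % 3}", True))
        # Busy legitimate server: many distinct peers, but every one answers.
        for k in range(3):
            flows.append((t, "10.0.0.9", f"198.51.100.{t * 3 + k + 1}", True))
    # Worm-like host: a new pseudo-random address per probe, few answers.
    for i in range(60):
        dst = f"203.0.113.{(i * 37) % 254 + 1}"
        flows.append((10 + i // 6, "10.0.0.7", dst, i % 15 == 0))
    return flows

def find_scanners(flows, window=10, min_fanout=20, min_fail_ratio=0.8):
    """Return {src: (distinct_dsts, fail_ratio)} for sources whose traffic,
    within one tumbling window, looks like random-address scanning."""
    buckets = defaultdict(lambda: {"dsts": set(), "total": 0, "failed": 0})
    for ts, src, dst, answered in flows:
        b = buckets[(src, ts // window)]
        b["dsts"].add(dst)
        b["total"] += 1
        b["failed"] += 0 if answered else 1
    flagged = {}
    for (src, _), b in buckets.items():
        fanout = len(b["dsts"])
        ratio = b["failed"] / b["total"]
        # High fan-out alone also matches busy servers; requiring mostly
        # unanswered probes separates scanning from legitimate load.
        if fanout >= min_fanout and ratio >= min_fail_ratio:
            if src not in flagged or fanout > flagged[src][0]:
                flagged[src] = (fanout, round(ratio, 2))
    return flagged

if __name__ == "__main__":
    for src, (fanout, ratio) in find_scanners(build_sample_flows()).items():
        print(f"{src}: {fanout} distinct destinations, {ratio:.0%} unanswered")
```

The busy server at 10.0.0.9 exceeds the fan-out threshold but is not flagged, because its peers answer; only the host probing addresses that do not respond is reported.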

Editor's Notes

  • #2: JEOPARDIZE - to put into a situation in which there is a danger of loss, harm, or failure.
  • #5: HAMPERING - to slow down, disrupt, or obstruct the operation or progress of something. For example, an outdated computer system can hamper a company's productivity.
  • #14: Bitcoin is a digital currency -- also called cryptocurrency -- that can be traded for goods or services with vendors that accept Bitcoin as payment.
  • #20: One of the most common types of malware
  • #33: Today, most malware is a combination of different types of malicious software, often including parts of Trojans and worms and occasionally a virus. Usually, the malware program appears to the end-user as a Trojan, but once executed, it attacks other victims over the network like a worm.