Security + Course Notes

Threats, Attacks & Vulnerabilities

Malware

  • Malicious software. A broad term; there are many kinds of malware:
  • Viruses
  • Crypto-malware
  • Ransomware
  • Worms
  • Trojan Horse
  • Rootkits
  • Keyloggers
  • Adware/Spyware
  • Botnets

How do you get malware?

  • These all work together.
  • A worm takes advantage of a vulnerability, or installs malware that includes a remote-access backdoor. A bot may be installed later.
  • Your computer must run a program.
    • Email link–Don’t Click Links!
    • Web page pop-ups
    • Drive-by download
    • Worm
  • Your computer is vulnerable
  • Operating system–keep it updated! Both OS & applications.

Viruses & Worms

Viruses–malware that can reproduce itself. It doesn’t need you to click anything, but it does need you to execute a program; simply running a program can spread a virus. Some viruses are invisible, some are annoying.

  • May or may not cause problems.
  • Anti-virus is very common.
    • Thousands of new viruses every week.
    • Is your signature file updated?
  • Program Viruses
    • part of the application
  • Boot sector Viruses
    • No OS needed.
  • Script Viruses
    • operating system & browser based.
  • Macro Viruses
    • Common in MS Office
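
The "Is your signature file updated?" point above, as an added example that is not part of the original course notes: a byte-pattern scanner run with a stale and an updated signature set. All signature names, patterns and sample files are constructed, harmless placeholders.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class SignatureDB:
    version: int
    patterns: dict  # detection name -> byte pattern (constructed, not real malware)


# Constructed signature sets: v2 is v1 plus one pattern added by a later update.
DB_V1 = SignatureDB(1, {"Demo.Macro.A": b"\xde\xad\x10\x01AutoOpen"})
DB_V2 = SignatureDB(2, {**DB_V1.patterns, "Demo.Script.B": b"\xca\xfe\x20\x02run()"})


def scan(data: bytes, db: SignatureDB) -> list:
    """Return the sorted names of every signature whose pattern occurs in data."""
    return sorted(name for name, pat in db.patterns.items() if pat in data)


def scan_all(samples: dict, db: SignatureDB) -> dict:
    """Scan each named sample; map sample name -> list of detections."""
    return {name: scan(blob, db) for name, blob in samples.items()}


def missed_by_stale(samples: dict, stale: SignatureDB, current: SignatureDB) -> list:
    """Samples the current DB flags but the stale DB reports as clean."""
    old, new = scan_all(samples, stale), scan_all(samples, current)
    return sorted(n for n in samples if new[n] and not old[n])


# Constructed sample files (harmless byte strings standing in for file contents).
SAMPLES = {
    "report.doc": b"header" + b"\xde\xad\x10\x01AutoOpen" + b"body",
    "update.js": b"var x=1;" + b"\xca\xfe\x20\x02run()" + b";",
    "notes.txt": b"plain text, nothing to match",
}

if __name__ == "__main__":
    for db in (DB_V1, DB_V2):
        print(f"signature file v{db.version}:", scan_all(SAMPLES, db))
    print("missed with stale signatures:", missed_by_stale(SAMPLES, DB_V1, DB_V2))
```

With the stale set, `update.js` scans clean even though the updated set flags it, which is the gap an out-of-date signature file leaves.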

Worms–malware that self-replicates. It doesn’t need the user to do anything and uses the network as a transmission medium.

  • Worms self-propagate and spread quickly.
  • Can take over systems quickly!
  • Firewalls & IDS/IPS can mitigate many worm infestations.
    • (But they don’t help much once the worm gets inside.)

Ransomware & Crypto-Malware

  • The most important computer asset is DATA!!!
  • Data is held hostage until a ransom is paid.

Crypto-Malware

  • The new generation of ransomware.
  • Encrypts everything except the OS.
  • User must pay for the decryption key.
  • Uses untraceable payment systems.
  • An unfortunate use of public key cryptography.
  • Always have an offline, separate backup; keep OSes, applications, and anti-virus & anti-malware signatures up to date. (New attacks every hour!)