Introduction
Computers are susceptible to all sorts of attacks by hackers who want your information. This could be personal information like credit card numbers, social security numbers, names, addresses, or anything else that you have typed in using your computer. Do not assume that nobody can get at what you type into a web page (for example, when you type your credit card number into an online retailer's page, a hacker could spy on what you entered). Sometimes the goal is not just to steal your identity. Hackers can infiltrate your computer simply to corrupt it and destroy all your files and programs. Even worse, hackers could infect your computer with a virus that uses it as a base for launching attacks on other computers, making you look like the bad guy.
There are lots of ways to protect your computer. The key is to understand what protection you need and to stay up-to-date with your scans and tools. In this lesson we will cover the different forms of attack as well as the many different programs you can use to keep yourself safe.
Types of Vulnerabilities
Viruses
A virus is a computer program that can copy itself and infect a computer without the permission or knowledge of the user. Viruses are a very common way of infiltrating a computer. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable drive. Viruses can also spread to other computers by infecting files on a network file system or a file system that is accessed by another computer.
Viruses are often thought of as being much like worms and Trojan horses, which are slightly different ways of attacking computers. A worm does not need to be transferred as part of a host in order to affect other computers. A Trojan horse is also different in that it appears harmless even though it does the same damage as a virus.
While Windows is the most popular OS for viruses to run on, any OS that allows third-party programs to run can theoretically run viruses. Unix-based OSs only allow their users to run executables within their protected space in their own directories, which makes them more secure than Windows.
Spyware
Spyware is computer software that is installed on a computer and takes partial control over the user's interaction with the computer without the user knowing. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited. Spyware can also interfere with user control of the computer in other ways, such as installing additional software, redirecting web browser activity, silently accessing websites that deliver more harmful viruses, or diverting advertising revenue to a third party. It can even change computer settings, slowing your connection, changing your home page, and possibly causing the loss of Internet access or of other programs.
Unlike viruses and worms, spyware does not usually self-replicate. Like many recent viruses, however, spyware exploits infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements, theft of personal information, monitoring of web-browsing activity for marketing purposes, or routing of websites to advertising sites.
Drive-by Downloads
A drive-by download is a form of spyware, virus, or any other kind of malware that is downloaded onto a user's computer without the user's knowledge. Specifically, this usually happens when a user visits a website, opens an email, or clicks on a pop-up, any of which can initiate the download. The provider claims that by going to that website, clicking on that email, or clicking on that pop-up the user has consented to the download, when in fact the user had no idea what was going to happen when they took that action. These types of attacks are extremely dangerous. They are disguised as all sorts of advertisements.
The best way to protect against this kind of attack is to be CAREFUL. Do not open any email that you know is just junk and could contain something malicious. Use your pop-up blocker to prevent those pop-ups from even coming up in the first place. You really didn't win that free iPod your computer keeps telling you that you won.
Rootkits
A rootkit is a program designed to take fundamental control of a computer system, without authorization by the system's owners and legitimate managers. Rootkits are intended to seize control of the OS rather than the hardware. Typically, rootkits act to obscure their presence on the system through subversion or evasion of standard OS security mechanisms. They are generally also Trojans, which means they fool users into believing they are safe to run on their systems. Rootkits use techniques such as concealing running processes from monitoring programs, or hiding files or system data from the OS. Rootkits are one of those attacks that exist on all different OSs. They often modify parts of the OS or install themselves as drivers or kernel modules.
Phishing
Phishing is a fraud where a person presents false information in order to get credit card numbers, Social Security numbers, or bank information. The most popular way of phishing is by sending out an email while posing as a legitimate party. You may be wondering why people respond to these emails, but there are some that look exactly like the real thing. The criminals may also call you and ask for the information, acting like a bank.
Although not all forms of phishing are avoidable, there are some things you can do to minimize it. As you know, the most common way scammers do phishing is by sending out emails. The first thing to do to protect yourself is to never respond to an email asking for your passwords and account numbers. Banks and credit card companies will never ask for that type of information. If you receive an email and it tells you to click on a link, never click on this link. The link could lead to a virus or to a phishing site. Even though it may look like a real site, don't fill anything out. Another thing to do is to type out the URL of the secure sites you want to visit. You should always type it out manually because that is the best way to make sure you reach the site that you want. Never go to a site by a link because it could be altered to look like a secure site.
Security Programs
Antivirus
Antivirus software consists of computer programs that attempt to identify, neutralize or eliminate malicious software. Antivirus is so named because the earliest examples were designed exclusively to combat computer viruses; however, most modern antivirus software is now designed to combat a wide range of threats, including worms, phishing attacks, rootkits, Trojan horses and other malware.
Antivirus software typically uses two different approaches to secure your computer against the threats mentioned above. It examines files to look for known viruses matching definitions in a virus dictionary. It also identifies suspicious behavior from a computer program which might indicate it is infected.
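The following Python example is an addition to this lesson, not code from any real antivirus product. It shows the two approaches side by side: a dictionary lookup (byte patterns and whole-file hashes) and a behavior score. The signature names, patterns, action names, weights and threshold are all constructed for illustration.

```python
import hashlib

# Constructed "virus dictionary": detection name -> byte pattern.
SIGNATURES = {
    "Demo.Marker.A": bytes.fromhex("deadbeef4142"),
    "Demo.Marker.B": b"XX-CONSTRUCTED-TEST-PATTERN-XX",
}
# Constructed dictionary of whole-file hashes.
KNOWN_BAD_SHA256 = {
    hashlib.sha256(b"constructed bad file").hexdigest(): "Demo.Hash.C",
}
# Assumed weights for behavior observed while a program runs.
SUSPICIOUS_ACTIONS = {
    "modifies_other_executables": 5,
    "disables_security_tool": 4,
    "adds_autorun_entry": 3,
}
THRESHOLD = 6  # assumed cut-off for a "suspicious" verdict

def scan_bytes(data):
    """Dictionary approach: names of every known definition found in data."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in KNOWN_BAD_SHA256:
        hits.append(KNOWN_BAD_SHA256[digest])
    for name, pattern in sorted(SIGNATURES.items()):
        if pattern in data:
            hits.append(name)
    return hits

def behaviour_score(actions):
    """Behavior approach: sum the weights of the observed actions."""
    return sum(SUSPICIOUS_ACTIONS.get(action, 0) for action in actions)

def verdict(data, actions):
    """Known definitions win; otherwise fall back to the behavior score."""
    hits = scan_bytes(data)
    if hits:
        return "known:" + ",".join(hits)
    if behaviour_score(actions) >= THRESHOLD:
        return "suspicious"
    return "clean"

if __name__ == "__main__":
    # A file with no known pattern is still flagged because of what it does.
    print(verdict(b"new variant", ["modifies_other_executables", "adds_autorun_entry"]))
```

The dictionary only recognizes what is already in it, which is why definitions must be kept up to date and why the behavior check exists as a second line of defense.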
Anti-Spyware
In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software. Running anti-spyware software has become a widely recognized element of computer security best practices. A number of techniques have emerged to counteract the threat. These include programs designed to remove or to block spyware, as well as various user practices which reduce the chance of getting spyware on a system. When a lot of spyware has infected a Windows computer, the only remedy may involve backing up user data, and fully reinstalling the OS.
Exercises
Worksheets
- Worksheet: Define Key Terms
Labs