Threats On The Internet
The Internet is an unlimited world of information that offers vast opportunities for communication, learning, organization of work, and leisure time. It is a massive database that is expanded every day and contains interesting information about users for intruders. There are two main types of threats that users can remain exposed to technical and social engineering.
Among the main technical threats against users are malware, botnets, and DoS and DDoS attacks.
The goal of malware is to damage your computer, server, or computer network. For example, they can corrupt, steal or erase the data stored on your computer, slow down or stop your device altogether. Malware often lurks in emails and messages with tempting offers from unknown people or companies, on pages of news sites, or other popular resources that contain vulnerabilities. When users access these sites, the malware enters the computer without being detected.
Malware also spreads via email, removable media, or files downloaded from the Internet. Emailed files or links can expose your device to infection.
Malware can also disguise itself as an audio or graphic message. For example, a lovely screensaver, which the user is often fond of, may turn out to be a Trojan (see below to find out what it is). Links that appear in pop-ups and advertisements on different websites may also contain viruses.
Malware Remains Made Up Of Viruses, Worms, And Trojans:
A virus is a computer program whose distinctive characteristic is the ability to reproduce (self-replicate) and infiltrate files, disk boot sectors, and inadvertently document to the user. The name of viruses concerning computer programs comes from biology precisely because of their ability to reproduce. Any virus found on the disk as an infected file is not dangerous until opened or run. It only takes effect when activated by the user. Viruses remain designed to replicate themselves, infecting computers and generally destroying files.
Worms are a type of virus. They live up to their name, as they spread by “crawling” from one device to another. Like viruses, they are self-replicating programs, and however, unlike viruses, worms do not require user assistance to spread. Find a loophole for yourself.
Trojans are malicious programs that stand deliberately implanted by cybercriminals to collect information, destroy or modify it, interrupt the computer’s performance, or use its resources for malicious purposes. This look like legitimate software and are not suspicious. In contrast to viruses, they remain designed to perform their functions. It is what cybercriminals count on: their goal is to create a program that users dare to run and use.
Attackers can infect a computer to become part of a botnet – a network of infected devices located around the world. In large botnets, there may be tens or hundreds of thousands of computers. Users are often unaware that their computers are infected with malware and are existence used by attackers. Botnets are created by distributing malicious programs in various ways. The infected machines then receive periodic commands from the botnet administrator so that coordinated actions by botnet computers can remain organized to attack other devices and means.
DoS And DDoS Attacks
The essence of a DoS attack is that an intruder tries to make a specific server temporarily unavailable, overloading the network, overloading the processor, or overflowing the disk. The purpose of the attack is to put the computer out of service, not get information, and seize all the victim computer’s resources so that other users do not have access to them. Resources include memory, processor time, disk space, network resources, etc.
A Dos Attack Can Be Carried Out In Two Ways.
In the first method, a DoS attack exploits the software installed on the attacked computer. The vulnerability allows causing an inevitable critical error, which will lead to a malfunction of the system.
In the second method, the attack is carried out by simultaneously sending many information packets to the attacked computer, causing the network to saturate.
If such an attack is carried out simultaneously from many computers, it is said to be a DDoS attack.
Attackers use a botnet, an exceptional network of computers infected with a particular type of virus, to organize DDoS attacks. The attacker can control each laptop remotely without the owner knowing. Using a virus or cleverly disguised legitimate program, malicious program code remain installed on the victim’s computer, undetected by antivirus software, and runs in the background. At the appropriate moment, at the command of the botnet owner, this program remains activated. It begins to send requests to the attacked server, filling the communication channel between the attacked service and the Internet service provider and making the server stop working.
Many attackers rely not only on technology but also on human weaknesses using social engineering. This complex term refers to obtaining the desired information, not through technical skills but simple deception, cunning. Social engineers use psychological techniques to influence people through email, social media, and instant messaging. Users voluntarily give up their data as a result of their skillful work, always not realizing they have remained misled.
In most cases, the fraudulent messages contain threats, such as the closure of users’ bank accounts, promises of huge profits with little or no effort, and requests for voluntary donations on behalf of charities. For example, a message from an attacker may say: “His account has remained blocked. To regain access to it, you will have to confirm the following information: phone number, email, and password. Send them to the email address”. Frequently, attackers do not leave the user time to think. For example, they ask to remain paid the same day the message remain received.
Phishing is the most popular means of attacking users and a social engineering technique. It is a specific type of deception on the Internet. Phishing aims to access sensitive data such as addresses, phone numbers, credit card numbers, user names, and passwords using fake web pages.
A phishing attack remains usually carried out in the following way: an email remains sent to the user requesting that they connect to Internet banking on behalf of an alleged bank employee. The email contains a link to a fake site that is difficult to distinguish from a real one. The user enters personal data on the affected area, and the intruder intercepts it. After obtaining personal data, you can, for example, obtain a loan in the user’s name. Withdraw money from your account and pay with your credit cards, withdraw money from your accounts or create a copy of a plastic card and use it to withdraw cash anywhere in the world.
[different kinds of online threats class 10]
[online threats examples]
[online threats and prevention from them]
[computer security threats and solutions]
[what is security threats and its types?]
[computer security threats and solutions pdf]
[internet threats ppt]
[internet threats pdf]