Technology in Action Chapter 9 PDF

Cybercrime is any criminal action perpetrated primarily through the use of a computer. Cybercriminals are individuals who use computers, networks, and the Internet to perpetrate crime. Four common categories of complaints received were FBI-related scams, identity theft, nonauction/non-delivery of merchandise, and advance fee fraud. Although the top four complaints all relate to some type of fraud, other complaints received involved equally serious matters such as computer intrusions—hacking—child pornography, and blackmail. 2 Identity theft occurs when a thief steals personal information and poses as you. It is the most financially damaging cybercrime for individuals. Types of scams include: Counterfeiting credit and debit cards Requesting changes of address Opening new credit cards Obtaining medical services Buying a home in your name and then reselling the house 3 A hacker is most commonly defined as anyone who unlawfully breaks into a computer system. There are numerous types of hackers: White-hat hackers break into systems for nonmalicious reasons such as to test system security vulnerabilities or to expose undisclosed weaknesses. Black-hat hackers break into systems to destroy information or for illegal gain. Grey-hat hackers illegally break into systems to flaunt their expertise or to attempt to sell their services in repairing security breaches. A packet analyzer (sniffer) is a program deployed by hackers that looks at (or sniffs) each packet as it travels on the Internet. A keylogger is a program that captures all keystrokes made on a computer. 4 A Trojan horse is a program that appears to be something useful or desirable but does something malicious in the background without your knowledge. Backdoor programs and rootkits are programs that allow hackers to gain access to your computer and take almost complete control of it without your knowledge. 5 A computer that a hacker controls is referred to as a zombie. Zombies are often used to launch denial-of-service attacks on other computers. In a denial-of-service attack, legitimate users are denied access to a system because a hacker is repeatedly making requests of that system through a computer the hacker has taken over as a zombie. A computer can handle only a certain number of requests for information at one time. When it is flooded with requests, it shuts down and refuses to answer any requests for information, even if the requests are from a legitimate user. A distributed denial-of-service (DDoS) attack launches DoS attacks from more than one zombie at the same time. A botnet is a large group of software running on zombie computers. 6 Exploit kits are software programs that run on servers searching for vulnerabilities. Logical ports are virtual, not physical, communications paths. 7 A virus is a program that attaches to a computer program to spread to other computers. Its main purpose is to replicate itself and copy its code into as many other host files as possible. Secondary objectives range from displaying annoying messages on the computer screen to destroying files or the contents of entire hard drives. Viruses can be destructive. Smartphones and tablets can be infected with viruses. 8 Viruses can come in many types: Boot-sector viruses replicates themselves onto a hard drive’s master boot record. A logic bomb is a virus that is triggered when certain logical conditions are met, such as opening a file or starting a program a certain number of times. A time bomb is a virus that is triggered by the passage of time or on a certain date. Worms work independently of host file execution and are much more active in spreading themselves. Script and macro viruses are a series of commands that are executed without one’s knowledge. E-mail viruses use the address book in the victim’s e-mail system to distribute themselves. When encryption or ransomware viruses infect a computer, they run a program that searches for types of data files and compresses them. You then receive a message that asks you to send payment to an account if you want to receive the program to decrypt your files. 9 Viruses can be classified by the methods they take to avoid detection: A polymorphic virus changes its code to avoid detection. Most polymorphic viruses infect a particular type of file. A multipartite virus is designed to infect multiple file types in an effort to fool the antivirus software that is looking for it. Stealth viruses temporarily erase their code from the files where they reside and hide in the active memory of the computer. 10 Malware is software that has a malicious intent. Adware displays unsponsored advertisements. Spyware is an unwanted program that downloads with other software from the Internet and runs in the background. Spyware transmits information about you. Many spyware programs use tracking cookies. A keystroke logger program monitors keystrokes. 11 Spam is unwanted or junk e-mail. A spam filter is an option you can select in your e-mail account that places known or suspected spam messages into a special folder. 12 Cookies are small text files that some websites automatically store on your hard drive when you visit them. Companies use this information to determine the traffic flowing through their website and the effectiveness of their marketing strategy. Cookies do not go through your hard drive in search of personal information. The main concern is that advertisers will use this information indiscriminately, thus invading your privacy. Cookies pose no security threat because it is virtually impossible to hide a virus or malicious software program in a cookie. 13 Social engineering is any technique using social skills to generate human interaction with the purpose of luring individuals to reveal sensitive information. Pretexting involves creating a scenario that sounds legitimate. 14 Phishing lures Internet users to reveal personal information. Pharming occurs when malicious code is planted on your computer. These guidelines help to avoid such schemes: Never reply directly to any e-mail asking for personal information. Don’t click on a link in an e-mail. Check with the company asking for information. Never give personal information over the Internet unless you know the site is secure. Use phishing filters. Use Internet security software that’s constantly being updated. 15 Scareware is a type of malware that downloads onto your computer and tries to convince you that your computer is infected with a virus or other type of malware. You’re then directed to a website where you can buy fake removal or antivirus tools that provide little or no value. Scareware is a social engineering technique because it uses people’s fear of computer viruses to convince them to part with their money. 16 A firewall is a software program or hardware device designed to protect computers from hackers. Both Windows and macOS include reliable firewalls. Windows Firewall displays the status of a firewall. 17 Antivirus protection is included in comprehensive Internet security packages such as Norton Security Suite or Trend Micro Internet Security. 18 Firewalls can be configured so that they filter out packets sent to specific logical ports in a process known as packet filtering. Firewalls can also be configured to completely refuse requests from the Internet asking for access to specific ports in a process known as logical port blocking. Firewalls use a process called network address translation to assign internal IP addresses on a network. 19 Antivirus software is specifically designed to detect viruses and protect your computer and files from harm. Symantec, Trend Micro, and Avast are among the companies that offer highly rated antivirus software packages. 20 A virus signature is a portion of the virus code that’s unique to a particular computer virus. Quarantining involves placing virus in a secure area so it won’t spread to other files. During inoculation, key attributes about your computer files are recorded and keep stats in secure place. 21 Many viruses exploit weaknesses in operating systems. This type of attack, known as a drive-by download, affects almost 1 in 1,000 web pages. To combat these threats, make sure your OS is up to date and contains the latest security patches. 22 You should create strong passwords—ones that are difficult for hackers to guess. Typically they should be at least eight characters and use uppercase, lowercase, numeric, and symbol characters. 23 A biometric authentication device is a device that reads a unique personal characteristic such as a fingerprint or the iris pattern in your eye and converts it to a digital code. Because no two people have the same biometric characteristics, these devices provide a high level of security. Other biometric devices, including voice authentication and facial recognition systems, are now widely offered in notebook computers, tablets, and smartphones. This figure shows Windows Hello, which brings facial recognition for login to laptops and mobile devices that have an integrated camera. 24

Technology in Action Chapter 9 PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue