Data Security Lecture 3 - PDF

Document Details

Uploaded by SensitiveMeter793

Dr. Soha Ahmed

Tags

data security cybersecurity malware computer security

Summary

This document is a lecture on data security, covering various cyberattacks. It details security hazards, including phishing, denial of service attacks, man-in-the-middle attacks and malware. The lecture discusses the different forms of malware including viruses, worms, Trojans, ransomware, spyware, and adware.

Full Transcript


# Data Security Lec - 3

## Agenda

* Security Hazards (Attacks)

## Security Hazards (Attacks)

A security attack is a harmful, intentional attempt by a person or an organization to gain access to another person's or organization's information system.

### Phishing Attack

#### What is Phishing?

Phishing is a common type of cyberattack that targets individuals through email, text messages, phone calls, and other forms of communication. A phishing attack aims to trick the recipient into performing the attacker's desired action, such as revealing financial information, system login credentials, or other sensitive information.

As a popular form of social engineering, phishing involves psychological manipulation and deception whereby threat actors masquerade as reputable entities to mislead users into performing specific actions. These actions often involve clicking malicious links to fake websites, downloading and installing malicious files, and divulging private information like bank account numbers or credit card information.

- Examine the emails you get carefully. Most phishing emails contain serious issues, including spelling faults and style differences from emails from reliable sources.
- Use a toolbar that detects phishing attempts.
- Regularly change your passwords.

### Denial of Service (DoS) Attack

A DoS (Denial of Service) attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. With a DoS attack, a single computer launches the attack. This differs from a DDoS (distributed denial-of-service) attack, in which multiple systems simultaneously overwhelm a targeted system.

**DoS attack**

- Attack from a single system

**DDoS attack**

- Multiple attacks from multiple systems in distributed locations

- Analyze the traffic to find malicious traffic.
- Recognize the warning signals, such as network lag and periodic website crashes. In such situations, the organization needs to act right away.
- Make sure your team and data center are prepared to manage a DDoS attack by creating an incident response strategy, keeping a checklist, and more.
- Contract with cloud-based service providers to prevent DDoS.

### Man in the Middle (MITM) Attack

An eavesdropping attack is often referred to as a man in the middle (MITM) attack. In this attack, the attacker hijacks the session between a client and host by interfering with two-party communication. Hackers steal and modify data in this way.

- An attacker installs a packet sniffer to detect any insecure network traffic.
- Once the user logs into the insecure website, the attacker sends them to a fake website.
- The fake website mimics the original website and collects all of the user's data, which the attacker can then use on the original website.

**Types of MITM Attacks**

- IP Spoofing
- DNS Spoofing
- HTTP Spoofing
- Email Hijacking
- WiFi eavesdropping

#### Spoofing

Spoofing involves faking one's identity and can be used for various attacks and to spread malware.

### SQL Injection Attack

A structured query language (SQL) injection attack occurs when a hacker modifies a typical SQL query on a database-driven website. It is carried out by inserting malicious code into a search box on a vulnerable website, forcing the server to release vital information. This gives the attacker access to read, modify, and remove the database's tables. Through this, attackers may also get administrative powers.

### Malware Attacks

#### What is Malware?

This is one of the most common types of cyberattacks. "Malware" refers to malicious software. Malicious software damages or disables computer systems. It gives the attacker limited or full control of the system.
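Returning to the Denial of Service section above, this added example (not part of the lecture) shows one way to "analyze the traffic": it classifies a time window of requests as normal, DoS (one dominant source) or DDoS (load spread over many sources). The function name, thresholds and sample traffic are assumptions constructed for illustration.

```python
from collections import Counter

def classify_window(events, start, length=10, total_limit=200, dominant_share=0.5):
    """Classify requests in [start, start + length) as normal, dos or ddos.

    events: iterable of (timestamp_seconds, source_ip) parsed from an access log.
    Thresholds are illustrative assumptions; real ones come from a measured baseline.
    """
    counts = Counter(ip for ts, ip in events if start <= ts < start + length)
    total = sum(counts.values())
    result = {"verdict": "normal", "total": total, "sources": len(counts), "top": None}
    if total <= total_limit:
        return result
    top_ip, top_n = counts.most_common(1)[0]
    if top_n / total >= dominant_share:
        # One system produces most of the load: rate-limit or block that source.
        result.update(verdict="dos", top=top_ip)
    else:
        # Load is spread over many systems: per-source blocking does not scale,
        # so upstream or cloud-based filtering is needed.
        result.update(verdict="ddos")
    return result

# Constructed sample traffic (documentation address ranges), all within one 10 s window.
def baseline():
    return [(t, f"192.0.2.{i}") for i in range(1, 21) for t in range(3)]

def single_source_flood():
    return baseline() + [(i % 10, "198.51.100.7") for i in range(400)]

def distributed_flood():
    return baseline() + [(i % 10, f"203.0.113.{i % 250}") for i in range(500)]

if __name__ == "__main__":
    for name, sample in (("baseline", baseline()),
                         ("single source", single_source_flood()),
                         ("distributed", distributed_flood())):
        print(name, classify_window(sample, start=0))
```
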
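Returning to the SQL Injection Attack section above, this added example (not part of the lecture) puts a search query built by string concatenation beside its parameterized form and runs both on the same input. The table names, function names and data are constructed assumptions, using an in-memory SQLite database.

```python
import sqlite3

def make_db():
    """In-memory database with a public table and a private one (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE products(name TEXT, price REAL);
        INSERT INTO products VALUES ('laptop', 900), ('lamp', 25), ('desk', 140);
        CREATE TABLE users(login TEXT, password_hash TEXT);
        INSERT INTO users VALUES ('admin', 'constructed-hash-1'),
                                 ('alice', 'constructed-hash-2');
    """)
    return db

def search_vulnerable(db, term):
    # Weak form: the search-box text is pasted into the SQL string, so a quote
    # typed by the user ends the literal and the rest is parsed as SQL.
    sql = "SELECT name, price FROM products WHERE name LIKE '%" + term + "%'"
    return db.execute(sql).fetchall()

def search_parameterized(db, term):
    # Hardened form: the query text is fixed and the term is passed as a bound
    # value, so it is only ever compared as data.
    sql = "SELECT name, price FROM products WHERE name LIKE '%' || ? || '%'"
    return db.execute(sql, (term,)).fetchall()

# Constructed search-box input that tries to change the query's structure.
INJECTED = "x' UNION SELECT login, password_hash FROM users --"

if __name__ == "__main__":
    db = make_db()
    print("normal search :", search_parameterized(db, "la"))
    print("concatenated  :", search_vulnerable(db, INJECTED))     # rows from users
    print("parameterized :", search_parameterized(db, INJECTED))  # no rows
```

With the bound parameter the same input is treated as an odd product name and matches nothing, which is why parameterized queries are the standard fix.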
#### Ways malware gets into a system

- Instant Messages
- Browser & email software bugs
- Removable Devices
- Fake Programs

#### Malware Distributing Techniques

- Social Engineered click-jacking
- Malvertising
- Drive-by Downloads
- Compromised Legitimate Websites

#### Malware Attacks - VIRUSES

A computer virus is a type of malware that attaches to another program (like a document) and can replicate and spread after a person first runs it on their system. For instance, you could receive an email with a malicious attachment, open the file unknowingly, and then the computer virus runs on your computer. Viruses are harmful and can destroy data, slow down system resources, and log keystrokes.

#### Virus Characteristics

- Encrypt itself
- Transform itself
- Corrupt Files
- Infect other programs
- Alters Data

#### Stages of Virus Life

- Design
- Replication
- Launch
- Detection
- Incorporation
- Elimination

#### Virus Infection Phase

- In the infection phase, the virus replicates itself and attaches to an .exe file in the system.

#### Virus Attack Phase

- Trigger events to activate and corrupt systems.
- Infect each time they are run based on a predefined condition: a time or a particular event.

#### Indications of Virus Attack

- Error loading operating system
- Unable to load OS
- Drive label changes
- Computer beeps with no display
- Computer slows down
- Anti-virus alerts
- Browser window freezes

#### How a computer gets infected by viruses

- Infected email attachments
- Pirated software
- Infected plug-ins
- No anti-virus app

#### Virus Hoaxes and Fake Antiviruses

- False warnings about computer viruses that don't exist.
- Malware disguised as an antivirus to damage target systems.

#### Malware Attacks - WORMS

A worm is a stand-alone program that will scan a network for hosts that might have a specific vulnerability. Payload, typically malware, is dropped on the target.
- If the computer has the vulnerability, the worm will deliver explicit code to the machine, exercising the vulnerability and allowing a "payload" to be executed on the target.
- The worm will also have code to replicate itself and attempt to infect other machines on the local network or jump back to the internet in search of more targets.

#### Examples of Malware: Worm

- Malicious programs that replicate, execute, and spread across the network without human interaction.
- Consume computing resources, consume network bandwidth, damage the host system.
- Attackers use the worm payload to install backdoors. Infected computers turn into zombies (botnet) for further attacks.

#### Worm vs. Virus

**Worm**

- Replicates itself on its own
- Doesn't require human interaction
- Spreads through the infected network automatically

**Virus**

- Transmitted via downloads, drives, or emails.
- Can't be spread without human interaction.

#### Malware Attacks - TROJAN HORSES

A Trojan Horse (Trojan) is a type of malware that *masquerades* as legitimate code or software. Once inside the network, attackers can carry out any action that a legitimate user could perform, such as exporting files, modifying data, deleting files, or otherwise altering the contents of the device. Trojans may be packaged in downloads for games, tools, apps, or even software patches.

#### How to Infect the System with a Trojan

- Create a trojan using a trojan horse construction kit.
- Create a dropper to install the malicious code.
- Create a wrapper to install the trojan on victim's system.
- Propagate the trojan.
- Execute the dropper.
- Execute the damage routine.

#### How Hackers Use Trojans

- Use victim's PC as a botnet.
- Record screenshots, video of victim's PC
- Create a backdoor.
- Disable the firewall and antivirus.
- Delete or disable files
- Generate fake traffic for DoS attack

#### Malware Attacks - RANSOMWARE

Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files until a ransom is paid.

#### Malware Attacks - SPYWARE

Spyware is defined as malicious software designed to enter your computer device, gather data about you, and forward it to a third party without your knowledge. Spyware can also refer to legitimate software that monitors your data for commercial purposes like advertising. However, malicious spyware is explicitly used to profit from stolen data. Whether legitimate or based in fraud, spyware's surveillance activity leaves you open to data breaches and misuse of your private data. Spyware also affects network and device performance, slowing down daily user activities.

#### Malware Attacks - ADWARE

Adware is software that displays unwanted advertisements on a user's computer. While not always malicious in nature, some forms of adware can track users' activities and collect personal information without consent.

#### Malware Attacks - BOTNET

A botnet refers to a group of computers which have been infected by malware and have come under the control of a malicious actor. The term botnet is from the words "robot" and "network"; each infected device is called a bot. Botnets are networks of compromised computers, often controlled by a central command-and-control server. These networks can be used for various malicious purposes, such as launching distributed denial-of-service (DDoS) attacks or sending spam emails.

## Reasons

- Downloading
- Visiting suspicious websites
- Using public Wi-Fi
- Clicking unverified links

## How to protect yourself

- Install operating system updates and software patches.
- Use firewalls to protect systems from malicious software.
- Use antivirus software to prevent malicious software from running.
- Never click on attachments or links in emails or other messaging applications that might expose systems to malicious software.
- Never click on weird pop-up advertisements.
- Make a cloud backup of your data.
- Use a VPN (for encrypted data transmission).
- Use secure HTTP (HTTPS).

# Thank you
