A malicious attack is any attempt to take advantage of a computer or network through viruses or social engineering. In terms of computing, it is an electronic or physical action taken with the intent of acquiring, destroying or accessing the user’s information without authorization.
There are various types of malicious attacks which include; viruses, worms, Trojan horses, logic bombs, and phishing. Hereunder is a discussion of the above in greater details.
Firstly, viruses refer to programs that are capable of replicating themselves. These viruses spread from one computer to the other affecting the computer operation. They can also spread through internet downloads. The viruses corrupt or erase data on your computer. The second item in our discussion is computer worms. They are the type of viruses that do not need human aid to spread. Security failure on the target device leads to access by the worms since they do not have to attach to an existing program. Worms have an added advantage in that they do not affect the systems they pass through, thus making them hard to detect.
Use your promo and get a custom paper on
"Malicious Attacks And Viruses".
The other type of malicious attack is the Trojan horse, which causes loss and possible system harm. They often employ a form of social engineering, presenting themselves as genuine so as to persuade and entice computer users. They too are not easy to detect although the computer may appear to run slower. A computer may host a Trojan via a malicious program. Most of them spread through online services such as games and free applications. Following this are the logic bombs which exist in software that is originally malicious. The triggering of logic bombs occurs on occasions such as launching applications, specific dates or when a user fails to respond to a certain command.
Trap doors are also a common malware which provides a secret method of accessing an application, an operating system or an online service. Although they can serve debugging purposes and testing of programs, they become a threat when in use to gain access to computers or online services without permission. They do this bypassing normal authentication.
Lastly, phishing is also a malicious attack which directs a user to enter personal information at a counterfeit website which resembles an original one. It is common in social media for instance Twitter. Nevertheless, to curb the above attacks one can install an antivirus program and update it occasionally. Also, one should avoid downloading suspicious content or opening email links or attachments that are unknown.
Risks And Vulnerabilities
Risks are the potential consequences of unaddressed vulnerabilities while vulnerability is a weak spot in your network that might be taken advantage of by a security threat. Taking a case of failing to do Windows Updates on your Web server is vulnerability. Some of the risks that come along with vulnerability include loss of data and the prolonged time it takes to rebuild a server. Some examples of vulnerabilities include; USB Thumb drive, wireless access points, and email vulnerability.
USB thumb drive is a common way of interfering with a network from within a firewall. The ubiquity of the thumb drive has driven hackers to create malware for example Conficker worm which can execute automatically upon connection with a live USB port. Changing the computer`s default auto-run policies can be the solution to this.
Wireless access point- Wireless attacks by ward drivers are common and cause considerable damage. They are insecure irrespective of encryption. Use of strong passwords and frequently changing them is of the essence in minimizing this.
Lastly, Email injection is a security vulnerability which occurs in internal applications which sends email messages. It displays spam email with the user’s name in the subject line and a short message. It asks the user to follow the link given in which the link carries the virus and Trojan which will help the attacker to obtain sensitive personal information.
THREATS
In computer security, threat is a possible danger that the exploits weakens the security and cause possible harm while threat action is an assault on system security. These threats find a way to steals, harm, and annoy. One of them is spyware that spies on the victim`s computer and sends a report to the host. Mostly the work of it is to monitor the daily activities of the user, for example, your browser.
The other one is hacking which refers to an action undertaken to acquire access without authorization. It finds weaknesses in the computer`s security and provides a backdoor for hackers to enter and search for your data.
Pharming- It is a practice that redirects a website traffic to another thus enabling the attacker to change host`s name without one’s knowledge. Ransomware is another computer security threat. It restricts access to computer`s file displaying a message demanding for payment for the restriction access.
Lastly, spam is a security threat that involves of sending of fake messages using electronic messaging system especially in advertisements. It is usually common on email spam in blocks and wiki spam.
In order to prevent the above threats, one needs to install an antivirus that contain both the packaged and stand-alone products that offer additional security like firewall, anti-spyware tools and spam filter.
- Bergner, K., Deifel, B., Jacobi, C. Keller, W., Rausch, A., Sabbah, A., Schatz, B., Sihling, M., Vilbig A. & Vogel, S. 2002. The Future of Information Technology: an interdisciplinary, scenario-based approach. From Bayerischer Forshungverbund Software Engineering. Technical University of Munich. Munich. Germany.
- Fitzgerald, N. 2003. A Virus By Any Other Name: Virus Naming Revisited. Virus Bulletin – pp. 7-9. January 2003
- MCAFEE, J., & HAYNES, C. (1989). Computer viruses, worms, data diddlers, killer programs, and other threats to your system: what they are, how they work, and how to defend your PC, Mac, or mainframe. New York, St. Martin’s Press.
- VOLYNKIN, A. S. (2007). Advanced methods for detection of malicious software. Thesis (Ph. D.)–State University of New York at Binghamton, Electrical and Computer Engineering Department, Watson School, 2007. http://proxy.binghamton.edu/login?url=http://wwwlib.umi.com/dissertations/fullcit/3285803.
