Security Threats and Security Software

Many malicious computer programs can harm your computer. They are designed in different ways and have different aims. Some of them are as follows:

  1. Virus – A virus is a malicious computer program that does some kind of harm to your computer, i.e. it may delete/alter some files or disable some hardware on your computer. It does so by altering one of your programs and inserting its own code there. Thus, whenever you run your (infected) program, the virus runs along with it. An antivirus program (also called an anti-malware program) removes such viruses or malware.
  2. Trojan – A trojan is a malicious computer program that looks harmless on the outside but is actually malicious. The true intention of a trojan is hidden, since the outwardly useful program contains hidden code that does harm to your computer. Like a virus, it may delete/alter some files or disable some hardware on your computer.
  3. Backdoor – A backdoor is a program that resides on your computer and gives a hacker access to control your computer as he wishes or to do whatever he wants using your computer’s resources.
  4. Worm – A worm is a malicious computer program that replicates itself onto other computers. This replication may happen over a computer network or through physical devices like USB drives. It is programmed to spread itself and does not need any human intervention to do so. It may delete or alter files, disable some hardware on your computer, or simply replicate itself over and over again so as to deplete the available resources on your computer.
  5. Malware – Any computer program that is designed to harm the data on a computer is known as malware.
  6. Spyware – Spyware is a program that gathers personal information about your computer. Such information may be obtained from the user’s computer without the prior or explicit approval of the user and might also be transmitted to a website or email address. An anti-spyware program removes such programs.
  7. Ransomware – Ransomware is a program that will not allow you to access your files (either by hiding them in an obscure location or, usually, by encrypting them) and asks for a ransom (usually in cryptocurrency these days, since payments can thus be received anonymously).
  8. Keylogger – A keylogger is software that records what you type on your computer’s keyboard. Since it records whatever you type, your various usernames and passwords might be compromised. Once the program records sensitive information that is being typed, the information may be transmitted to an online website or through email. An anti-keylogger detects any programs that might be listening to your keyboard input and disables/deletes them.
  9. Rootkit – A rootkit is a malicious computer program that hides its presence. While hidden, it can delete/alter your files, allow a person to control your computer remotely, steal your data, disable your antivirus, etc. Since rootkits are designed to exploit a particular vulnerability and custom rootkits can be programmed, there is no single program which can detect and delete all rootkits.
  10. Bootkit – A bootkit is a kind of rootkit which targets your boot area (called the Master Boot Record or MBR). The MBR is what loads the computer’s operating system. When a bootkit infects a computer, it can infect the MBR and thus load into memory even before the operating system loads, and so avoid any antivirus or anti-malware programs. This is the most dangerous type of malicious program.
  11. Denial of Service (DoS) – Since no computer has unlimited hardware, there are limits on the physical resources available to a computer. A DoS attack sends a large number of unnecessary requests to the computer to process, and while the computer is busy processing such data, the actual requests by genuine users will be ignored or dropped, thus denying them service.
  12. Distributed Denial of Service (DDoS) – When the DoS attack is made on a computer from various computers in a synchronized and distributed way, it is called a DDoS attack.
  13. Salami Slicing – In this attack, the attacker does multiple small damages to various devices or accounts. The damage to an individual machine or account will be insignificant and may not be easily noticeable. But taking all the accounts together, the cumulative damage done in such an attack will be quite large. Salami slicing can also be done on a single device/account repeatedly. An example would be to hack into a banking system and siphon off Rs. 1 from 1,00,000 accounts rather than Rs. 1,00,000 from one single account.
  14. Social Engineering – This refers to the art of manipulating people so that they give you access to otherwise confidential information or perform actions which they would not have performed had this manipulation not been done. It can be in the form of an SMS, an email, a phone call or any other means of communication. Social engineering will usually include a compelling story, or may touch upon an emotion of yours, or bait you with a quid-pro-quo situation so that you perform the said action or reveal the required information.
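The salami slicing item above says each individual loss is too small to notice while the total is large. The following added example (not part of the original post) shows the defender's view: grouping small debits by destination makes the pattern visible, for both the many-accounts case and the single-account-repeated case. The ledger, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample ledger (not real data): (source, destination, amount in Rs.)
LEDGER = (
    [(f"ACC-{n:04d}", "X-9001", 1) for n in range(1, 7)]  # Rs. 1 from six accounts
    + [("ACC-0007", "X-9002", 1)] * 5                      # Rs. 1 from one account, five times
    + [("ACC-0001", "SHOP-1", 2500),                       # ordinary payments
       ("ACC-0002", "SHOP-2", 3),
       ("ACC-0003", "SHOP-2", 450)]
)


def find_salami_destinations(ledger, small_amount=5, min_transfers=5):
    """Group small debits by destination and flag destinations that collect many.

    small_amount and min_transfers are illustrative assumptions, not values
    from the article. Returns {destination: {"sources", "transfers", "total"}}.
    """
    per_dest = defaultdict(lambda: {"sources": set(), "transfers": 0, "total": 0})
    for source, destination, amount in ledger:
        if amount > small_amount:
            continue  # not the "tiny slice" pattern this check looks for
        entry = per_dest[destination]
        entry["sources"].add(source)
        entry["transfers"] += 1
        entry["total"] += amount
    return {
        dest: {"sources": len(e["sources"]),
               "transfers": e["transfers"],
               "total": e["total"]}
        for dest, e in per_dest.items()
        if e["transfers"] >= min_transfers
    }


if __name__ == "__main__":
    for dest, summary in find_salami_destinations(LEDGER).items():
        print(dest, summary)
```

A single small payment to SHOP-2 is not flagged; only destinations that accumulate repeated small debits are.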

Besides the above-mentioned programs that remove the corresponding malicious programs, some other useful programs are as follows:

  1. Firewall – A firewall is software that monitors your internet traffic. When you connect your computer to the internet, your computer makes connections to other computers on the internet. Some of those computers might be trying to connect to your computer in an unwanted way (i.e. without any permission), and some applications on your computer might be trying to connect to the internet without your prior permission. Such connections are blocked by the firewall. Thus, a firewall basically acts as a filter for inbound and outbound computer connections. Modern-day firewalls give the user the flexibility to define their own rules in addition to the predefined rules that come with the firewall software. Such rules let the user deny/allow certain specific connections.
  2. Intrusion Detection System (IDS) – An intrusion detection system monitors a computer network or programs for suspicious activities that might indicate that there has been a breach in the network and some unauthorised access has taken place. Usually, after detection of an intrusion, a full scan of all computers on the network should be done so as to detect any other malware that may have been installed after the intrusion. Whenever an intrusion is detected, a notification is sent to the administrator so that he can take appropriate action.
  3. Intrusion Prevention System (IPS) – Whereas an IDS simply detects an intrusion, an intrusion prevention system goes a step further and tries to prevent the intrusion from happening. An IPS can prevent intrusions from known threats and may also flag any partly suspicious connections.
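The firewall item above describes a filter for inbound and outbound connections that combines predefined rules with rules the user defines. The following is an added sketch (not part of the original post and not any real firewall's API) of how such a rule set can be evaluated. The rule fields, the program names, the choice to check user rules first and the default of blocking unmatched connections are all assumptions.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    action: str                    # "allow" or "deny"
    direction: str                 # "in" (inbound) or "out" (outbound)
    port: Optional[int] = None     # None matches any port
    program: Optional[str] = None  # None matches any program

    def matches(self, direction, port, program):
        return (self.direction == direction
                and self.port in (None, port)
                and self.program in (None, program))


# Predefined rules shipped with the (hypothetical) firewall software.
PREDEFINED = [
    Rule("allow", "out", port=443),  # HTTPS
    Rule("allow", "out", port=53),   # DNS
]

# Rules added by the user; checked first so they can override the defaults.
USER = [
    Rule("deny", "out", program="updater.exe"),  # hypothetical program name
    Rule("allow", "in", port=22),
]


def decide(direction, port, program, user_rules=USER, predefined=PREDEFINED):
    """Return "allow" or "deny" for one connection; the first matching rule wins."""
    for rule in list(user_rules) + list(predefined):
        if rule.matches(direction, port, program):
            return rule.action
    return "deny"  # assumption: anything no rule mentions is blocked


if __name__ == "__main__":
    print(decide("out", 443, "browser.exe"))  # predefined rule allows HTTPS
    print(decide("out", 443, "updater.exe"))  # user rule blocks this program
    print(decide("in", 3389, "svc.exe"))      # no rule matches, so blocked
```

Because user rules are evaluated before predefined ones, the same outbound port can be allowed for one program and denied for another.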
