Friday, 21 October 2016

28 Types of Computer Security Threats and Risks

There are many types of computer security threats in this world. Some are pretty harmful while some are totally harmless although annoying. There are also some which do not do any damage to your computer, but have the capability to empty the numbers in your bank account.
If you are really interested in finding out about these threats, I have 28 of them here, so get yourself a cup of coffee before you start.

The types of computer security threats

1. Trojan. Trojan is one of the most complicated threats among all. Most of the popular banking threats come from the Trojan family such as Zeus and SpyEye. It has the ability to hide itself from antivirus detection and steal important banking data to compromise your bank account. If the Trojan is really powerful, it can take over your entire security system as well. As a result, a Trojan can cause many types of damage starting from your own computer to your online account.
2. Virus. Ten years back, viruses were really popular. A virus is a malicious program that replicates itself and aims only to destroy a computer. The ultimate goal of a virus is to ensure that the victim’s computer will never be able to operate properly, or even at all. It is not so popular today because malware today is designed to earn money rather than to destroy. As a result, viruses are only used by people who want some sort of revenge.
3. Worms. One of the most harmless threats: a program designed only to spread. It does not alter your system to give you a nightmare with your computer, but it can spread from one computer to another within a network or even over the internet. The computer security risk here is that it will use up your hard disk space through replication and take up most of your bandwidth as it spreads.
4. Spyware. Spyware is malware designed to spy on the victim’s computer. If you are infected with it, your daily activity or certain activities will probably be spied on, and the spyware will find a way to contact its host. Mostly, spyware is used to learn what your daily activity is so that the attacker can make use of your information. For example, if you browse for sex toys every day for a week, the attacker will try to come up with a sex toy scam to cheat you out of your money.
5. Scareware. Scareware is something that plants itself in your system and immediately informs you that you have hundreds of infections which you don’t have. The idea is to trick you into purchasing a bogus anti-malware product which claims to remove those threats. It is all about cheating you out of your money, but the approach is a little different because it scares you into buying.
6. Keylogger. Something that keeps a record of every keystroke you make on your keyboard. A keylogger is a very powerful threat for stealing login credentials such as usernames and passwords. It is also usually a sub-function of a powerful Trojan.
7. Adware. Adware is a form of threat where your computer starts popping up a lot of advertisements. They can range from non-adult to adult material because any ad will make the host some money. It is not a really harmful threat but can be pretty annoying.
8. Backdoor. A backdoor is not really malware but a method: once a system is vulnerable to it, an attacker will be able to bypass all the regular authentication services. It is usually installed before any virus or Trojan infection because having a backdoor installed eases the transfer of those threats.
9. Wabbits. Another self-replicating threat, but it does not work like a virus or a worm. It does not harm your system like a virus and it does not replicate via your LAN like a worm. An example of a Wabbit attack is the fork bomb, a form of DDoS attack.
10. Exploit. An exploit is software programmed specifically to attack a certain vulnerability. For instance, if your web browser is vulnerable because of an outdated, vulnerable Flash plugin, an exploit will work only on your web browser and plugin. The way to avoid being hit by an exploit is to always patch your software, because patches are there to fix vulnerabilities.
11. Botnet. A botnet is something installed by a BotMaster to take control of all the computer bots via the botnet infection. It mostly infects through drive-by downloads or even Trojan infection. The result of this threat is that the victim’s computer, which is the bot, will be used for a large-scale attack like DDoS.
12. Dialer. This threat is no longer popular today, but 10 years back or more, when we still accessed the internet using a dial-up modem, it was quite a popular threat. It makes use of your internet modem to dial international numbers, which are pretty costly. Today, this type of threat is more popular on Android because it can make use of the phone to send SMS to premium numbers.
13. Dropper. As the name suggests, a dropper is designed to drop into a computer and install something useful to the attacker, such as malware or a backdoor. There are two types of dropper. One drops and installs immediately to avoid antivirus detection. The other drops only a small file, which automatically triggers a download of the malware.
14. Fake AV. Fake antivirus was a very popular threat among Mac users about 10 months ago. Because Mac users seldom face a virus infection, scaring them with a message telling them that their computer is infected with a virus is pretty effective, and results in them purchasing a bogus antivirus which does nothing.
15. Phishing. A fake website designed to look almost like the actual website is a form of phishing attack. The idea of this attack is to trick users into entering their username and password into the fake login form, which serves the purpose of stealing the identity of the victim. Any form submitted on the phishing site goes not to the actual server but to the attacker-controlled server.
16. Cookies. Cookies are not really malware. They are just something used by most websites to store data on your computer. They are listed here because they can store things on your computer and track your activities within the site. If you really don’t like cookies, you can choose to reject them for sites which you do not know.
17. Bluesnarfing. Bluesnarfing is all about gaining unauthorized access to a specific mobile phone, laptop, or PDA via a Bluetooth connection. With such unauthorized access, personal data such as photos, calendar, contacts and SMS will all be revealed and probably even stolen.
18. Bluejacking. Bluejacking also uses Bluetooth technology but it is not as serious as Bluesnarfing. It connects to your Bluetooth device and sends some message to another Bluetooth device. It is not damaging to your privacy or device compared to the Bluesnarfing threat.
19. DDoS. One of the most famous things done by Anonymous is to send millions of requests to a single server to cause the system to go down with certain security features disabled, so that they can steal data. This trick of sending a lot of traffic to a machine is known as Distributed Denial of Service, also known as DDoS.
20. Boot Sector Virus. It is a virus that places its own code into the computer’s DOS boot sector, also known as the Master Boot Record. It will only start if it is injected during the boot-up period, so the damage is high but infection is difficult. All the victim needs to do on realizing there is a boot sector virus is to remove all the bootable drives so that this particular virus will not be able to boot.
21. Browser Hijackers. A browser hijacker uses Trojan malware to take control of the victim’s web browsing session. It is extremely dangerous, especially when the victim is trying to send money via online banking, because that is the best time for the hijacker to alter the destination bank account and even the amount.
22. Chain Letters. When I was small, I got tricked by chain letters written by my friend. But chain letters did not stop in that era. They carry over into adult life as well, where people like to send chain letters such as the Facebook account deletion letter. It usually says that if you don’t forward that particular message or email to 20 people or more, your account will be deleted, and people really believe that.
23. Virus Document. Viruses today can be spread through document files as well, especially PDF documents. In the past, people would only advise you not to simply execute an EXE file, but in today’s world, with today’s technology, document files should also be avoided. It is best to use an online virus scanner to scan any file which you feel is suspicious before opening it.
24. Mousetrapping. I am not too sure whether you have encountered Mousetrapping malware before; what it does is trap your web browser on one particular website. If you try to type another website, it will automatically redirect you back. If you try clicking the forward/backward navigation buttons, it will also redirect you back. If you try to close your browser and re-open it, it will set the homepage to that website, and you can never get out of this threat unless you remove it.
25. Obfuscated Spam. To be really honest, obfuscated Spam is a spam mail. It is obfuscated in the way that it does not look like any spamming message so that it can trick the potential victim into clicking it. Spam mail today looks very genuine and if you are not careful, you might just fall for what they are offering.
26. Pharming. Pharming works more or less like phishing but it is a little trickier. There are two types of pharming. One is DNS poisoning, where your DNS is compromised and all your traffic is redirected to the attacker’s DNS. The other is editing your hosts file, so that even if you type www.google.com in your web browser, it will still redirect you to another site. One thing they have in common is that both are equally dangerous.
27. Crimeware. Crimeware is a form of malware which takes control of your computer to commit a computer crime. Instead of the hacker himself committing the crime, he plants a Trojan, or whatever the malware is called, to order your computer to commit the crime instead. This keeps the hacker himself clean of whatever crime he has done.
28. SQL Injection. SQL injection does not infect the end users directly. It is more towards infecting a website which is vulnerable to this attack. What it does is it will gain unauthorized access to the database and the attacker can retrieve all the valuable information stored in the database.
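
The hosts-file form of pharming from item 26 can be checked for locally. The following is an added example, not part of the original article: it flags hosts entries that point a watched public domain at a non-loopback address. The watch list, the `bank.example` name and the sample file content are constructed assumptions.

```python
"""Audit a hosts file for pharming-style overrides (added example)."""
import ipaddress
import sys

# Assumption: domains worth watching. www.google.com is the article's own
# example; bank.example is a constructed placeholder.
WATCHED = ("google.com", "bank.example")

# Constructed sample hosts file content, not taken from a real system.
SAMPLE_HOSTS = """\
127.0.0.1   localhost
::1         localhost ip6-localhost
0.0.0.0     ads.tracker.example      # ad blocking entry
203.0.113.7 www.google.com google.com  # override of a public site
198.51.100.9 login.BANK.example.
not-an-ip   www.google.com
"""


def parse_hosts(text):
    """Yield (line_no, address, [hostnames]) for each well-formed entry."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()
        if len(entry) < 2:
            continue  # blank line, comment, or address without names
        try:
            address = ipaddress.ip_address(entry[0])
        except ValueError:
            continue  # malformed line: does not start with an IP address
        # Hostnames are case-insensitive; a trailing dot is the DNS root.
        yield line_no, address, [h.lower().rstrip(".") for h in entry[1:]]


def is_watched(hostname, watched=WATCHED):
    """True for a watched domain itself or any of its subdomains."""
    return any(hostname == d or hostname.endswith("." + d) for d in watched)


def find_overrides(text, watched=WATCHED):
    """Return (line_no, hostname, address) for suspicious entries."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        # Loopback and 0.0.0.0 entries block a name rather than redirect it.
        if address.is_loopback or address.is_unspecified:
            continue
        for name in names:
            if is_watched(name, watched):
                findings.append((line_no, name, str(address)))
    return findings


if __name__ == "__main__":
    # Default path is the Linux/macOS location; pass another path as argv[1].
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/hosts"
    with open(path, encoding="utf-8", errors="replace") as handle:
        for line_no, name, address in find_overrides(handle.read()):
            print(f"{path}:{line_no}: {name} is forced to {address}")
```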

Computer Security

Understanding Computer Security - Types of Computer Security

Though understanding computer security needs much study, I have tried to compile all types of computer security in concise and comprehensible format. Among different types of computer security, I assume you already know about virus and spyware - precautions etc.

Types of Computer Security - An Overview

  • Types of computer security risks include virus, spyware, and malware. However, those are only the tip of the iceberg. To help you understand types of computer security, I have divided the entire theory into the following three parts:
    1. Internet and Network Security
    2. Standalone Computer Security
    3. Data Loss by Accidents
    Internet Security is the one most people are concerned with as it deals with malware and hackers. The next type of computer security, Network Security, deals with the security problems on networks of any size. This includes external problems as well as problems from users of computers inside the network. Standalone computers refer to computers that are not connected to any network (but may be connected to Internet). This part will cover the possible security vulnerabilities on such systems. Finally, the Data Loss part is applicable to networks and computers in the networks as well as standalone computers.

Types of Computer Security - Safety Concerns on Internet and Networks

  • Internet Security, among different types of computer security, covers malware and hacking techniques. The Internet is an open zone where anyone can create a website that may place malware on your computer or server. This is also the space that gives shelter to people who are on the prowl to reach your computer or servers to access your data for misuse.
    You can divide the Internet into unknown and trusted sites. Trusted sites are simply the ones that you can trust, with a good example being your own office website. Obviously, you won't knowingly place any code on your own website to compromise the computer security of people visiting it. Another way to divide the Internet is into secure and non-secure zones. The secure zones are normally represented by a lock symbol in the address bar of your computer. An example of such sites can be your Internet banking site that employs high level encryption to secure their database as well as your computer.
    While you already know about malware, there are two more common techniques used by hackers to access your data: port knocking and packet sniffing.
    There are several ports on your computer that allow different applications to transfer data to and from your computer. A good application would instantly close the port as soon as it sends or receives information. However, there are some applications that delay or forget to close these ports. Sometimes it is the OS to blame. Port knocking, or port scanning, is the technique where hackers keep on trying to access the different ports on your computer or server. Once they find an open port, they can easily reach your data and use it the way they want.
    You might know that to transmit data over the Internet, it is divided into several chunks (called packets) of equal size. Each packet contains the sequence number of the packet preceded by the IP address of the computer or website (server) to which it is sent. They also contain the IP address of source computers/network components such as servers (websites). These packets are mostly encrypted before leaving for the destination. Packet sniffing is another effective technique that helps hackers gain control over the source as well as destination computers. This is more dangerous than port knocking as it affects the entire network system. The technique involves observing the encryption and transmission patterns from a computer/server to the ISP's server. Other hackers can also sniff data transmission from certain websites. Once they crack the encryption, or if the ISP or website does not support high level encryption, the data is easily accessed by the hacker. Once accessed, even a data chunk can give further clues to the hacker for gaining total control over a computer, network, and even a website.
    This is why most browsers use high level SSL encryption to keep your data safe. Still, no software is perfect and may give out details if there is any kind of security lapse on part of end-user, ISP, or the website developers.
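
A defender can see what a port scan would find by listing the machine's own listening sockets. The following is an added example, not part of the original article: it parses `ss -tlnH` output and reports listeners reachable from other hosts that are not on an expected list. The sample output and the expected-port set are constructed assumptions.

```python
"""Report listening TCP ports that are reachable from the network."""
import ipaddress
import subprocess

# Constructed sample of `ss -tlnH` output (listening TCP, numeric, no header).
SAMPLE_SS = """\
LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53         0.0.0.0:*
LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
LISTEN 0      80                 *:3306             *:*
LISTEN 0      511             [::]:8080          [::]:*
LISTEN 0      128            [::1]:631           [::]:*
"""

# Assumption: on this machine only SSH is meant to be reachable.
EXPECTED_PUBLIC = frozenset({22})


def parse_listener(line):
    """Return (host, port) from one ss line, or None if it is not a listener."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "LISTEN":
        return None
    host, _, port = fields[3].rpartition(":")
    if not port.isdigit():
        return None
    # Drop IPv6 brackets and the %interface scope suffix.
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)


def is_exposed(host):
    """True when the socket accepts connections from other machines."""
    if host == "*":
        return True  # wildcard: every local address
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return True  # unknown form: report it rather than hide it


def unexpected_listeners(ss_output, expected=EXPECTED_PUBLIC):
    """Return sorted (port, host) pairs that are exposed but not expected."""
    findings = set()
    for line in ss_output.splitlines():
        parsed = parse_listener(line)
        if parsed is None:
            continue
        host, port = parsed
        if is_exposed(host) and port not in expected:
            findings.add((port, host))
    return sorted(findings)


if __name__ == "__main__":
    # Needs the iproute2 `ss` tool (Linux).
    live = subprocess.run(["ss", "-tlnH"], capture_output=True,
                          text=True, check=True).stdout
    for port, host in unexpected_listeners(live):
        print(f"unexpected listener on {host} port {port}")
```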

Types of Computer Security - Other Major Issues in Network Security

  • Among other types of computer security problems, this section deals with client-server model of networks. Any network is only as secure as the network designers and administrators make it. There are numerous ways whereby a network is vulnerable to both external and internal threats. The choice of server and its configuration plus encryption methods highly affect the security of any network. Following are a few of the "most possible" threats to a network on client-server model:
    1. Improper configuration of servers- where users are auto-elevated to certain reputed groups. Different servers offer different facilities. Most of the prestigious servers, including Exchange 2007, have the facility to auto-elevate users based on their interactions. This often results in data theft.
    2. Misuse of User Rights- users with certain rights may misuse their privileges to steal company data and sell it to competitors or use it for some other malicious purpose such as destroying data files concerning competitors, etc.
    3. Spamming to create Denial of Service- this technique is again used by both internal and external hackers. The trick is to flood the network with fake data packets. The network is totally congested and results in a crash. If the server is not well configured, the network fails and does not work, resulting in the loss of real data that can be picked up by the hackers. Even if the hackers cannot intercept data in this case, the data in transmission is lost forever.

Types of Computer Security - Safety Factors Concerning Standalone Computers

  • Among the major types of computer security are factors affecting data on standalone computers. The major threat is stealthy techniques used when such computers are left running and unattended. Many users do not consider locking their computers before taking a short break. Others can easily take a peek into the computer by the time the actual user returns. Hence it is recommended to program the computer to lock by itself after a few minutes of inactivity. The option is available in Windows OS where you can set a password for each user and set the properties to ask for the password when the screen saver is removed. This also calls for lowering the time before screen saver starts. Still, users should make it a habit to lock their computers as part of their data security policy.
    Another safety factor that is often abused is users not using any security for booting the computer. I strongly suggest a BIOS password so that unauthorized users can't even see the full configuration of the computer. Among other security threats that are again Internet related are the possibility of infection and hacking by way of malware and the methods discussed on the first page.

Types of Computer Security - Data Loss by Accidents

  • A network failure or a HDD crash is never predictable. One of the most important angles in types of computer security is loss of data caused by problems with data storage devices and data loss during transmission. While the latter has to be dealt with a good network security policy - to recover data packets lost in transit, the data loss caused by a computer/server crash can be prevented using a solid backup plan. Data files can be replicated over a remote server as well as on different computers on a network. For standalone computers, users can apply backup to external devices and/or to some online storage.
    This article only touched the most common types of computer security. There can be several other problems that may cause infections and/or data loss under each of the different types of computer security discussed here, which also need to be attended to as and when required.

TYPES OF COMPUTER SECURITY - HOW IMPORTANT IS A COMPUTER FIREWALL

This series on types of computer security informs you about different types of security threats. It helps you deal with security threats to computer and security threats to networks. The series on types of computer security also discusses computer based security systems before detailing firewalls.
  1. Understanding Computer Security - Types of Computer Security
  2. Understanding Computer Security - Part 2: GPS Security and CCTV
  3. Understanding Firewalls, Part 1 - What is a Firewall?
  4. Understanding Firewalls, Part 2 - Am I Protected?
  5. Understanding Firewalls, Part 3 - Limitations of Firewalls

Hackers Successfully Attacked A Nuclear Power Plant

The notorious hackers surely know how to leave an impact and create a tense environment. Unlike the regular dose of data breach news, we seldom read about a nuclear power plant getting hacked.
Yukiya Amano, the International Atomic Energy Agency Director, has told Reuters that a nuclear power plant was successfully attacked by hackers about 2-3 years ago. While it didn’t cause the plant to completely shut down, it disrupted the power plant. He declined to mention which particular nuclear power plant was involved in the attack.
Another incident mentioned by Amano was an attack on a nuclear lab in the University of Toyama in Japan. The lab was involved in the research on tritium, which is used in the nuclear facilities.
Amano also talked about another case in which a person tried to smuggle a little amount of enriched Uranium that could be used to build a so-called “dirty bomb”. This incident took place 4 years ago.

“This is not an imaginary risk”

In recent times, the issue of cyber attacks on nuclear-related organizations has escalated. Very often we don’t know the complete situation, so such activities must be taken seriously.
“This actually happened and it caused some problems,” he said, talking about the attack on the power plant. “It needed to take some precautionary measures.”
If we consider the real world scenario, according to the security experts, blowing up a nuclear reactor is a near-to-impossible task for the militants. However, there are some flaws in every field that could be exploited in some manner.
Recently, the U.N. agency has helped the countries increase overall nuclear security and provided them radiation detection devices. Since 2010, the organization has trained more than 10,000 people in nuclear security.

Bill Gates Hacked A Computer 45 Years Ago, He Got The Most “Surprising” Punishment Ever

There are a lot of stories about Bill Gates, like when he programmed the world’s first PC game, or when he talked about living life at $2 a day. The dedicated philanthropist and co-founder of Microsoft has played a major role in changing the horizon of the technology world. The perception of a computer has changed from a developer’s toy to a necessity for common folk. Gates’ contribution to that can’t be denied.
Bill Gates is known to have been a hacker in the past, and for his love of programming and computers. You might have heard how Bill Gates hacked his school system to sit with girls. But there is another hacking story about him, originally published by The Sydney Morning Herald on March 17, 1986. It was the time when the first Windows version was launched, and this story was included in the profile on Bill Gates.
Gates was 15 years old when he hacked into a computer of a major company. But the young hacker was out of luck. He was caught and, as a punishment, he had to give up computing for an entire year.
This was sort of an uncommon form of justice for the wrongdoing, probably because there wasn’t much seriousness about hacking at that time. Maybe the company just wanted to teach him a lesson by taking away his favorite thing, computer.
Gates later became the World’s Richest Person and still is. He was recently outperformed by another billionaire. But it was only for a few hours, and Gates was back on the throne. It might be easy to reach the top but it’s difficult to remain there. And that’s what Gates has been doing for all these years. That’s because he has learned a lot in his life and those experiences have contributed to his success.

C vs C++

C vs C++: Comparison and differences

  • Structural or procedural

C is a structural or procedural programming language whereas C++ is a modular or an object-oriented programming language.
Let’s look at it this way:
Let’s imagine, you are building up a house in the archaic times. So you do not define the placement, size, and configuration of the bricks, windows, and the door.
Time flew by and in the modern era, you again decided to build up a house but this time, you defined everything and in fact, you even had a plan of your house.
So, the first style of building up a house was procedural. That means, you just had resources and you utilized them but in the later case, you decided everything before hand that means you modularized the construction.
Now replace the bricks of the house with the bytes and you would know what I was talking about. Thus, this is the major difference between C vs C++.
  • Use of Virtual functions

No virtual functions are present in C but C++ uses them.
  • Information hiding support in C++

C does not support information hiding. That means, when a data is defined in C, it becomes a free entity and can be easily manipulated by outside code. In C++, Encapsulation hides the data to ensure that data structures and operators are used as intended.


  • Encapsulation

Encapsulation makes mapping easier in C++ to map data and functions whereas in C it becomes very complicated. C++ uses objects for the same purpose.
  • Programming approach in C and C++

C follows the top-down approach whereas C++ follows the bottom-up approach (remember an object in C++?)
  • Memory Allocation

C provides malloc() and calloc() functions for dynamic memory allocation, and free() for memory de-allocation. C++ provides ‘new’ operator for memory allocation and free operator for memory de-allocation.
  • Function and operator overloading

C does not support function overloading and operator overloading whereas C++ supports function overloading and operator overloading.
That means, in C++, one function of the same name can be used in the different scopes. Overloaded functions enable programmers to supply different semantics for a function, depending on the types and number of arguments.
  • Inheritance

Inheritance is not possible in C but it is possible in C++.
  • Variable declaration in C and C++

In C programming language, you have to declare a variable at the beginning whereas in C++ a variable can be declared instantly anywhere throughout the program.
  • C vs C++: Input and Output compared

C uses functions for input/output. For example, scanf and printf. On the other hand, C++ uses objects for input-output. For example, cin and cout.
  • Namespace feature

To avoid collisions, C++ uses NAMESPACE. C has no such feature.
Let’s see it this way. Two students in the same university cannot have the same roll number while two students in different universities might have the same roll number. The universities are two different namespace and hence contain the same roll number (identifier) but the same university (one namespace) cannot have two students with the same roll number (identifier).
  • Error Handling in C and C++

C does not provide direct support for error handling (also called exception handling) whereas C++ provides support for exception handling.
  • C vs C++ speed comparison

Asking the question about the speed of C and C++ is quite biased. C and C++ programming languages are nearly the same when it comes to their performance, given the condition that you are a skilled programmer.
If you code some C statements and then compile them under C++, they’ll run just the same and generate the same machine code. However, C++ is developed as a superset of C, and additional code is generated to support the higher level features.
The performance and speed of C and C++ mainly depend upon the decisions a C++ programmer makes. If one person makes a program that relies heavily on the high level tools of C++, the program might appear bloated. However, a programmer who is skilled enough can code a C++ program without calling bloated C++ libraries and achieve the same level of performance.
  • Influences of C and C++ on other languages

C has influenced technologies like awk, csh, C++, BitC, Java, JavaScript, C#, D, Objective-C, Concurrent-C, Limbo, Perl, and PHP.
On the other hand, C++ has influenced C#, D, Aikido, PHP, Java, and ADA 95.

live-sniffer network traffic

How to live-sniffer network traffic on a remote Linux system using WireShark

Wireshark is a top Kali Linux Wi-Fi pentesting tool and the world’s foremost network protocol analyzer. It lets you see what’s happening on your network at a microscopic level. With Wireshark you can analyze a network in the greatest detail to see what’s happening. Wireshark can be used for live packet capturing, deep inspection of hundreds of protocols, and browsing and filtering packets, and it is a multi-platform tool.
Top Wireshark’s features are:
  • Deep inspection of hundreds of protocols, with more being added all the time.
  • Live capture and offline analysis with powerful display filters.
  • Captured network data can be browsed via a GUI or via the TTY-mode TShark utility.
  • Read/write many different capture file formats: tcpdump (libpcap), Pcap NG, WildPackets EtherPeek/TokenPeek/AiroPeek … it’s a long list. You can also export to XML, PostScript®, CSV, or plain text.
  • Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platform).
  • Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2.
In this tutorial, we will learn how to live-sniff network traffic using Wireshark, thanks to Robert Penz. Why would you want to sniff a live network flow? Sometimes a tcpdump is not enough to give you the correct information and you want additional information, for example:

  • You want to check the TTL/hop count of BGP packets before activating TTL security
  • You want to look at encrypted SNMPv3 packets (Wireshark is able to decrypt it, if provided the password)
  • You want to look at DHCP packets and their content
Sure, it’s quite easy to sniff on a remote Linux box with tcpdump into a file, copy that over via scp to the local system and take a closer look at the traffic. But using Wireshark for the same query gives you better results.
We just use ssh to pipe the captured traffic through to the local Wireshark. Sure, this is not the perfect method for GBytes of traffic, but often you just need a few packets to check something or to monitor some low-volume traffic. Anyway, first we need to make sure that Wireshark is able to execute the dumpcap command with our current user. So we need to check the permissions:
ll /usr/bin/dumpcap
-rwxr-xr-- 1 root wireshark 88272 Apr 8 11:53 /usr/bin/dumpcap*
So on Ubuntu/Debian we need to add ourselves to the wireshark group and check that it got applied with the id command (you need to log off or start a new session with su - $user beforehand). Now you can simply call:
ssh root@10.x.x.x 'tcpdump -f -i eth0 -w - not port 22' | wireshark -k -i -
And now the really cool part comes. Using Ubiquiti UniFi access points in multiple setups allows you to look at the traffic a station exchanges with the access point on the wireless interface. With these commands, you will be able to ssh into the access point and look at the live traffic of an access point and a station which is hundreds of KM away. You can ssh into the AP with your normal web GUI user (if not configured differently), and the bridge config looks like this:
BZ.v3.7.8# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             ffff.00272250d9cf       no              ath0
                                                        ath1
                                                        ath2
                                                        eth0
You can choose one of those interfaces (or the bridge) for normal IP traffic or go one level deeper with wifi0, which looks like this:
ssh ubunt@10.x.x.x 'tcpdump -f -i wifi0 -w -' | wireshark -k -i -
That’s it. You can live-sniff network traffic on a remote Linux PC/laptop sitting hundreds of KM away using Wireshark. Don’t forget to thank Robert Penz for bringing this awesome tutorial to you.
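
The ssh-to-Wireshark pipe above can be wrapped so that the remote command is always built from validated parts. The following is an added example, not code from the original tutorial or from Robert Penz. The function names, the validation patterns, and the extra tcpdump options `-U` (write each packet immediately), `-s 0` (full packets) and `-c` (stop after a packet count) are choices made for this sketch.

```python
"""Build and run the remote tcpdump | local Wireshark pipeline safely."""
import re
import shlex
import subprocess
import sys

# Linux interface names are at most 15 characters; reject shell metacharacters.
IFACE_RE = re.compile(r"^[A-Za-z0-9_.:-]{1,15}$")
# user@host only, and never starting with "-" (would be read as an ssh option).
TARGET_RE = re.compile(r"^[A-Za-z0-9_][A-Za-z0-9_.-]*@[A-Za-z0-9][A-Za-z0-9.:-]*$")


def remote_tcpdump(iface, ssh_port=22, max_packets=None, exclude_ssh=True):
    """Return the command line that tcpdump runs with on the remote host."""
    if not IFACE_RE.match(iface):
        raise ValueError(f"refusing interface name {iface!r}")
    if not 1 <= ssh_port <= 65535:
        raise ValueError(f"invalid port {ssh_port!r}")
    argv = ["tcpdump", "-U", "-s", "0", "-i", iface, "-w", "-"]
    if max_packets is not None:
        argv += ["-c", str(int(max_packets))]
    if exclude_ssh:
        # Keep the capture stream itself out of the capture, whatever
        # port sshd listens on (the tutorial hard-codes 22).
        argv += ["not", "port", str(ssh_port)]
    return " ".join(shlex.quote(arg) for arg in argv)


def ssh_argv(target, iface, ssh_port=22, **options):
    """Return the local ssh argument vector for the capture."""
    if not TARGET_RE.match(target):
        raise ValueError(f"refusing ssh target {target!r}")
    remote = remote_tcpdump(iface, ssh_port=ssh_port, **options)
    return ["ssh", "-p", str(ssh_port), target, remote]


def run_capture(target, iface, **options):
    """Pipe the remote capture into a local Wireshark; return its exit code."""
    ssh = subprocess.Popen(ssh_argv(target, iface, **options),
                           stdout=subprocess.PIPE)
    try:
        viewer = subprocess.run(["wireshark", "-k", "-i", "-"],
                                stdin=ssh.stdout)
        return viewer.returncode
    finally:
        ssh.terminate()  # stop the remote tcpdump when Wireshark closes
        ssh.wait()


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: capture.py user@host interface")
    sys.exit(run_capture(sys.argv[1], sys.argv[2], max_packets=1000))
```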