What do you know about Phishing, Cookies, Worms and Trojans in a technological world? Do they still mean sitting out by the river waiting for a bite, biscuits, small garden slimy things or a person from ancient Troy?
The rise of online communication, financial management, social networking and education is expected to continue. As users of a whole host of technological appliances and devices, are you fully aware of potential threats and how vulnerable you may be? You hear the terms being spoken, but do you actually know what they mean? Most people place an enormous amount of trust in their devices, believing they are safe from viruses, hackers, etc., because they have created their own accounts and passwords. Technological advancement is leaving many adults behind, including some teaching staff, and they need to catch up. Growing up in an ever-changing world of technology, young people tend to be more adept at using devices and are familiar with a vast majority of terms, but do they actually know what they are, why they are so called and what the consequences may be? Whilst some of the consequences may simply be minor inconveniences, others can have catastrophic outcomes.
To understand the potential risks, a good place to start is to become familiar with some technological terminology:
An attempt to obtain ‘others’ information such as usernames and passwords, including credit card details. Phishers disguise themselves as a trustworthy body alleging to be from popular social web sites and auction sites in an electronic communication. Online payment procedures are frequently used to bait the unsuspecting victim.
Also known as HTTP Cookie, Web Cookie or Browser Cookie. A cookie is typically a small piece of data sent from a website and stored in the user’s browser. They were designed to be a reliable mechanism for websites to remember the user’s previous activity. When the user revisits the same website, the data (including logging in details or pages visited) is stored in the cookie and can be retrieved, from even months or years ago.
A computer programme that can duplicate itself. Viruses are able to reproduce themselves and spread from one computer to another, almost always corrupting or modifying files on the targeted computer, and are most likely to be extremely
destructive. Viruses should not be confused with other types of malware
programmes as these do not have a reproductive ability. Many viruses attach
themselves to files that are part of genuine programmes. They do this is order
to replicate themselves by translating codes and writing to memory. Viruses are
able to infect files on a network file system thus increasing their chances of
spreading to other computers and mobile devices. They can also send a web
address link as an instant message to all contacts on an infected device. If
the recipient believes the link to be from a trusted source, e.g. a friend, the
likelihood is that they’ll follow the link to a web site. This also enables the
virus hosted at the site to infect the new computer and continue spreading.
Viruses can be divided into two types:
Non-resident – these viruses search for other
hosts to infect and transfer control to the computer software
Resident – these do not search for hosts,
instead they load themselves into the computer memory on completion and then
transfer control. The virus stays active in the background and infects new
hosts when those files are accessed by other programmes or the operating system
A malicious file or programme that often disguises itself as a legitimate one. It does not attempt to inject itself into other files like a virus. Often appearing as helpful programmes Trojans can make copies of themselves, steal information, or harm the target computer system. Others rely on ‘drive-by downloads’. These are
downloads that may happen when visiting a website, viewing an e-mail or by
clicking on a deceptive pop-up window that appears to be genuine and presents
themselves as harmless in the form of ‘social engineering’. The victim
mistakenly authorises the installation on their computer without understanding
the consequences, such as; giving a hacker remote access to the computer system
which then allows them to execute all kinds of operations in an attempt to
defraud the victim/s of personal data or money. Operations may include and are
not restricted to:
Electronic money theft Data theft (passwords or
credit card information)
Malware from third-party sources
Downloading or uploading of files including
modification or deletion of existing files
Watching the user’s screen
Crashing the computer
The term used to mean a variety of forms of hostile, intrusive or annoying software or code. Whichever form it occurs in it comes with malicious content that helps hackers to gather sensitive information, gain unauthorised access to a computer system or disrupt computer operations. Malware should not to be confused with defective software. Defective software has a legitimate purpose but contains harmful bugs that were not noticed before release. Malware are blended threats and sometimes appears as a scrip or code, which may include; masquerading as genuine software and may come from an official company, e.g., tracking software to gather statistics for advertising purposes.
A computer worm is an individual computer programme that duplicates itself with the purpose of spreading to other computers. It usually does this through a network system which is often as a result of inadequate security protection on the target computer. Unlike a virus worms do not need to attach themselves to an existing programme. They almost always cause at least some harm to the network, even if only by consuming bandwidth. (In computer networks, bandwidth is often used as a substitute term for ‘data transfer rate’, i.e., the amount of data that can be carried from one point to another in a given time period (usually a second).
A type of malware that is often secretly installed and typically hidden on a personal computer and can be difficult to detect. They collect information about user’s data and monitor activity without their knowledge. Spyware has more functions than simply monitoring a user’s activity. They can collect almost any type of data including user logins, bank or credit account information and also personal information like Internet surfing. Spyware is able to install additional software, redirect web browsers, and change computer settings that interfere with connections speeds, browser settings or performance of other software. (Some spyware such as ‘keyloggers’ may be installed by the owner of a shared, corporate, or public computer on purposed in order to intentionally monitor users.)
Software that employs surreptitious abilities that are designed to conceal the presence of certain processes or programmes, e.g. malware aiming to avoid detection by antivirus software. They do this by destabilising the software that is intended to find it. Removal of a rootkit can be complicated or practically impossible, particularly when it is located in the ‘kernel’. (The kernel is the main element of a computer operating system, acting as the bridge between data processing and applications. It also manages the communication between hardware and software mechanisms). Reinstallation of the operating system may be the only available solution to the problem.
The term derives from ‘robots’. A ‘bot’ is a type of malware that acts as an agent allowing the attacker to gain complete control over the affected computer. They can do this by hiding in the shadows of a computer, using file or process names that are either similar or identical so that they are not noticed. Once infected with a ‘bot’ a computer is then generally referred to as ‘zombie’. Attackers are able to access lists of ‘zombie’ PCs and activate them to carry out ‘Denial of Service’ attacks again websites, host phishing attack websites or send out thousands of spam e-mail messages. A ‘Denial of Service’ attacks floods a network with overwhelming amount of traffic, slowing its response time for legitimate traffic or grinding it to a halt completely. If the attack could be traced back
to its source all that would be found is an unsuspecting victim (agent) rather
than the true attacker!
A network of virus-infected computers that are used to send about 80% of spam.
The use of electronic messaging systems to send unwanted bulk messages usually withcommercial content and often in large quantities to indiscriminate number of
recipients. E-mail spam is the most common although the term spam can be
applied to other similar abuse in other forms of electronic media; instant
messaging, web search engine, blogs, online classified ads, mobile phone
messaging, social networking and file sharing network spam to name but a few.
Over time e-mail spam has increased to infecting ‘zombie networks’ (see ‘bots’)
and networks of virus or worm-infected PCs in homes and offices around the
world. Spammers are able to access the computer via a ‘backdoor’ installed by
worms. They use it for malicious purposes. This ‘backdoor’ access complicates
attempts to control the spread of spam because the spam doesn’t usually
originate from the spammer. There are set-ups that deploy ‘e-mail address
harvesting’, which are dedicated to collecting e-mail addresses and selling
collected databases. Some rely on users not reading the ‘small print’ of
agreements who then unwittingly agree to sending messages to their contacts.
This very common approach is particularly prevalent in social networking sites.
Do not be over alarmed at the information given above. Rest assured that
there is almost always a remedy; however, it is important to consider all
security threats, both known and unknown, when selecting your network security
systems. To help counteract problems, ensure that you update your computer or
device with the latest protective software and that passwords are strong and
changed regularly. You should also make sure you use a personal firewall
programme to protect your computer from unauthorized access.