Wednesday 17 April 2019

Types of Cyber Attacks Explained & Best Practices

Types of Cyber Attacks 


Galley described three types of cyber attacks against computer systems: physical, syntactic and semantic.

In a physical attack, conventional weapons such as bombs or fire are used. A syntactic attack uses virus-type software to disrupt or damage a computer system or network.

The semantic attack is a more subtle approach. Its aim is to attack users' trust by causing the computer system to produce errors and unexpected results.

Syntactic attacks are sometimes classified under the term "malicious software" or "malware".

These attacks may include viruses, worms, and Trojan horses. A common delivery vehicle for malware is e-mail.

Semantic attacks include the modification of information or the dissemination of incorrect information.

Information has been modified without the help of computers as well, but computers and networks have provided new opportunities to do it.

Also, mechanisms such as e-mail, message boards and websites help spread false information to a large number of people.

Cyber Attacks can be divided into different categories:
  1. Trojan programs that share files through instant messenger.
  2. Phishing
  3. Fake Websites.
  4. Spoofing
  5. Spyware
  6. Electronic Bulletin Board
  7. Information Brokers
  8. Internet Public Records
  9. Trojan Horse
  10. Wormhole attack

Trojan Programs that Share Files through Instant Messenger

Instant messaging allows file sharing between computers. All currently popular instant messengers can share files, or let users add that functionality by installing patches or plug-ins; this is also a big threat to present-day information security.

This communication software also makes it difficult for existing hack-prevention methods to prevent and control information security threats.

Hackers use the instant communication capability to plant a Trojan program in an unsuspected program; the planted program is a type of remote-controlled hacking tool that can hide itself and is unauthorized.

The Trojan program is executed inadvertently and takes control of the infected computer; it can read, delete, move and execute any file on the computer.

For a hacker, using an instant messenger to access files has advantages over a remotely installed backdoor Trojan: when the victim gets online, the hacker is notified.

Thus, a hacker can track and access infected computers, and continuously steal user information.

The hacker does not need to open a new port to transmit data; he can carry out his operations through the already open instant messenger port. Even if a computer uses a dynamic IP address, its screen name does not change.

Hijacking and Impersonation

There are various ways through which a hacker can impersonate other users. 

The most commonly used method is e-mailing unsuspecting users to obtain their accounts, passwords, and other user-related information.

Theft of user accounts and related information is a very serious problem in any instant messenger.

For example, a hacker impersonates the user after stealing the user's information; the user's contacts do not know that the account has been hacked, believe that the person they are talking to is the user, and are willing to execute some programs or disclose confidential information.

Therefore, theft of a user's identity endangers not only that user but also the surrounding users.

Protection against Internet security problems is currently the focus of future research, because without good security a computer can easily be attacked, causing huge losses.

Anyone who wants to obtain accounts can do so with the help of a Trojan that steals passwords.

If an instant messenger client stores its password on the computer, a hacker can send the Trojan program to the unsuspecting user.

When the user executes the program, it searches for the user's password and sends it to the hacker.

There are several ways through which a Trojan program can send messages back to the hacker. Methods include instant messenger, IRC, e-mails, etc. 

The four most popular instant messengers at present are AIM, Yahoo! Messenger, ICQ, and MSN Messenger, none of which encrypts its traffic.

Therefore, a hacker can use a man-in-the-middle attack to hijack a connection, then impersonate the hijacked user and participate in a chat session.

Denial of Service

There are several ways through which a hacker can launch a DoS attack on an instant messenger user. Some DoS attacks cause the user's client to hang, while others consume a large part of the CPU resources, making the system unstable.

There are several ways in which a hacker can disrupt service on instant messenger clients.

A common type of attack is flooding a particular user with a large number of messages.

Popular instant messaging clients protect against flood attacks by allowing the victim to ignore certain users.

However, there are several tools that allow hackers to use multiple accounts simultaneously, or to automatically create large numbers of accounts, to carry out the flood attack. Added to this is the fact that once the flood attack has started and the victim realizes what has happened, the computer may already be unresponsive.

Therefore, it may be very difficult to add the attacker's user accounts to the instant messenger client's ignore list. DoS attacks are very easy to create and very difficult to trace, and are therefore attractive weapons for hackers.

In a typical DoS attack, the attacker node spoofs its IP address and uses several intermediate nodes to overwhelm other nodes with traffic. DoS attacks are usually used to take important servers out of operation for a few hours, resulting in denial of service to all users.

It can also be used to interrupt the services of an intermediate router.

Phishing Attacks

The word phishing comes from the analogy that Internet scammers use e-mail lures to fish for passwords and financial data from the sea of Internet users.

The word was coined in 1996 by hackers who were stealing AOL Internet accounts by scamming passwords from AOL users. Because hackers have a tendency to replace "f" with "ph", the word phishing was derived.

Phishing is a method that exploits people's sympathy through e-mail; the e-mail acts as bait. These e-mails usually ask their readers to follow a link that appears to lead to the website of some charitable organization, but really connects readers to a website that will install a Trojan program on the reader's computer.

Therefore, users should not forward unverified charity mail, or click unfamiliar links in e-mail.

Occasionally, the link can be a very familiar one or a frequently visited website, but it is still safer to type in the address yourself so that you avoid being connected to a fraudulent website.

Phishers deceive people using e-mails that resemble those sent by well-known enterprises or banks; these e-mails often ask users to provide personal information or else lose their personal rights; they usually contain a fake URL that connects to a website where users can fill in the requested information. Due to inattention, people are often caught by phishing.

Phishing Techniques

Phishing Techniques can be divided into different categories, some of which are given below:

Link Manipulation

Most phishing methods use some form of technical deception designed to make a link in an e-mail (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers, such as this example URL, http://www.yourbank.com.example.com/. Another common trick is to make the anchor text of a link appear valid when the link actually goes to the phisher's site.

An old method of spoofing used a link containing the '@' symbol, which was originally intended as a way to include a username and password (as opposed to the standard). For example, the link http://www.google.com@members.tripod.com/ might deceive a casual observer into assuming that it will open a page on www.google.com, whereas in fact the browser is sent to a page on members.tripod.com, using a username of www.google.com: the page opens normally, whatever the username.

Such URLs were disabled in Internet Explorer, while the Mozilla and Opera web browsers opted to present a warning message and give the option of continuing to the site or cancelling.

Another problem with URLs has been found in the handling of internationalized domain names (IDN) in web browsers, which can allow visually identical web addresses to lead to different, potentially malicious websites.

Despite the publicity surrounding the flaw, which is known as IDN spoofing or a homograph attack, no phishing attacks have yet taken advantage of it.

Phishers have taken advantage of a similar risk, using open URL redirectors on trusted organizations' websites to hide malicious URLs behind a trusted domain.
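The link tricks described above can be checked mechanically in a mail filter. The following is an added example, not code from the original article: it parses the links of an HTML e-mail and reports the deceptive subdomain, the '@' userinfo trick, mismatched anchor text, IDN hosts and redirector parameters. The `TRUSTED` list, the finding labels and the sample message are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qs

# Assumption: registrable domains the organisation really uses.
TRUSTED = ("google.com", "yourbank.com")


class LinkCollector(HTMLParser):
    """Collect (href, visible anchor text) pairs from an HTML e-mail body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def real_host(url):
    """Host the browser will actually contact (userinfo before '@' excluded)."""
    return (urlsplit(url).hostname or "").lower()


def within(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def check_link(href, text):
    """Return the list of link-manipulation findings for one anchor."""
    findings = []
    parts = urlsplit(href)
    host = real_host(href)
    if parts.username is not None:
        findings.append("userinfo-before-@")
    if any(d in host and not within(host, d) for d in TRUSTED):
        findings.append("trusted-name-in-foreign-host")
    if not host.isascii() or any(lab.startswith("xn--") for lab in host.split(".")):
        findings.append("idn-host")
    # Anchor text that itself looks like a host or URL but names another host.
    if "." in text and " " not in text:
        shown = real_host(text if "://" in text else "http://" + text)
        if shown and shown != host:
            findings.append("anchor-text-mismatch")
    # Redirector: a query parameter carrying an absolute URL on another host.
    for values in parse_qs(parts.query).values():
        for v in values:
            is_url = v.lower().startswith(("http://", "https://"))
            if is_url and real_host(v) and real_host(v) != host:
                findings.append("redirects-to-other-host")
    return findings


def scan_email(html):
    """Map every link in the HTML body to its findings (empty list = clean)."""
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text) for href, text in collector.links}


# Constructed sample body; the first two URLs are the article's own examples,
# the rest are made up (the fourth host contains a Cyrillic "o", U+043E).
SAMPLE = """
<p>Dear customer,</p>
<a href="http://www.yourbank.com.example.com/">Verify your account</a>
<a href="http://www.google.com@members.tripod.com/">Search</a>
<a href="http://login.example.net/">www.yourbank.com</a>
<a href="http://y\u043eurbank.com/">Sign in</a>
<a href="http://www.yourbank.com/go?url=http://landing.example.org/">Offers</a>
<a href="https://www.yourbank.com/help">Help</a>
"""

if __name__ == "__main__":
    for href, findings in scan_email(SAMPLE).items():
        print(href, findings or "ok")
```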

Filter Evasion

Phishers have used images instead of text to make it difficult for anti-phishing filters to detect the text commonly used in phishing e-mails.

Website Forgery

Once the victim visits the website, the deception does not end. Some phishing scams use JavaScript commands to alter the address bar.

This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL.

An attacker can also use flaws in a trusted website's own scripts against the victim.

This kind of attack (known as cross-site scripting) is particularly problematic, since it directs the user to sign in at the bank's or service's own web page, where everything from the web address to the security certificates looks right.

In fact, the link to the website has been crafted to carry out the attack, though this is very difficult to spot without expert knowledge. Just such a flaw was used against PayPal in 2006.

A Universal Man-in-the-Middle Phishing Kit, discovered by RSA Security, provides a simple-to-use interface that allows a phisher to recreate websites and capture log-in details entered at the fake site.

Phone Phishing

Not all phishing attacks require a fake website. Messages claiming to be from a bank have asked users to dial a phone number about problems with their bank accounts.

Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account number and PIN.

Voice phishing sometimes uses fake caller-ID data so that calls appear to come from a trusted organization.

Solution

Social Responses

One strategy to combat phishing is to train people to recognize phishing attempts and to deal with them. Education can be promising, especially where training provides direct feedback.

People can take steps to avoid phishing attempts by modifying their browsing habits slightly.

When contacted about an account that needs to be "verified" (or any other topic used by phishers), it is a sensible precaution to contact the company from which the e-mail apparently originates to check that the e-mail is legitimate.

Alternatively, the address that the person knows to be the company's actual website can be typed into the address bar of the browser instead of relying on any hyperlink in the suspected phishing message.

Technical Responses

Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login processes. The following are some of the main approaches to the problem.

Helping to Identify Legitimate Sites

Since phishing is based on impersonation, preventing it depends on some reliable way to determine the actual identity of a website.

For example, some anti-phishing toolbars display the domain name of the visited website.

The Petname extension for Firefox allows users to type in their own labels for websites so that they can later recognize when they have returned to the site. If the site is suspicious, the software can either warn the user or block the site outright.

Fake Web-Sites

With the rise of online financial transactions, Fake Bank Websites that steal account numbers and passwords have become commonplace. 

Therefore, when using online banking, we should take precautions, such as using secure encrypted client certificates, following the correct procedure when surfing the net, etc.

First of all, scammers create a similar website homepage; then they send e-mails with enticing messages to attract visitors.

They can also use fake links to connect Internet surfers to their websites. After this, the fake website induces visitors to enter their personal information, credit card information or online banking account number and password.

After receiving the user's information, scammers can use it to drain bank accounts, make online purchases, counterfeit credit cards or commit other similar crimes.

Typically, these fake websites will have a quick search option, which lures users into entering their account number and password. When a user enters his account number and password, the website will respond with a message that the server is under maintenance.

Therefore, when using online banking, we should observe the following:

Observe the correct procedure for entering the banking website. Do not use links generated from searches or links on other websites.

Online banking certificates are currently the most effective security measure.

Do not trust e-mails, phone calls, short messages, etc. that ask for your account number and password.

Phishers often impersonate a well-known enterprise when sending e-mails, changing the sender's e-mail address to that of the well-known enterprise to gain people's trust.

The 'From' field of the e-mail is determined by the mail software and can be easily changed by the web administrator.

Then, the phisher creates a fake information-input website and sends e-mails containing a link to it, to lure the recipients to the fake website. Most phishers make a copy of a famous enterprise's website to entice users to use their fake website.

Nevertheless, a user can easily see that the URL of the website they are entering has no relation to the enterprise concerned. Therefore, phishers use different methods to impersonate enterprises and others.

The method commonly used is hiding the URL. This can easily be done with the help of JavaScript. Another way is to take advantage of flaws in the Internet browser, for example, displaying a fake URL in the browser's address bar.

Exploiting a security flaw that makes the browser's address bar display a fake URL is a commonly used trick and has often been used in the past. For example, an e-mail in HTML format can show the URL of a famous enterprise's website while the link actually leads to a fake website.

The key to using a URL similar to that of the intended website is to trick the visual senses. For example, the sender's address may be disguised as Nikkei BP, with the link URL set to http://www.nikeibp.co.jp/, which has one k fewer than the exact URL, http://www.nikkeibp.co.jp/. The two URLs look very similar, and the difference is barely noticeable.

That is why people are easily tricked into clicking on such links. Apart from the above, there are many more scams that take advantage of the trickery of the senses. Therefore, you should not readily trust the name of the given sender or the appearance of the website.

Never click on unfamiliar and suspicious URLs on a webpage. In addition, never enter personal information on a website without careful checking.
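The disguised sender address and the one-letter URL difference described above are easy to miss by eye but simple to measure. The following is an added example, not part of the original article: it takes the 'From' domain and the link hosts of a message and classifies each against a list of known domains by edit distance. The `KNOWN_DOMAINS` list, the two-edit threshold and the sample message are assumptions; the two Nikkei BP URLs are the ones quoted in the text.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains the reader legitimately deals with.
KNOWN_DOMAINS = ("nikkeibp.co.jp",)


def edit_distance(a, b):
    """Levenshtein distance computed with two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def nearest_known(host, max_edits=2):
    """Classify a host as ('exact' | 'near-miss' | 'unrelated', known domain)."""
    host = host.lower().rstrip(".")
    result = ("unrelated", None)
    for known in KNOWN_DOMAINS:
        if host == known or host.endswith("." + known):
            return ("exact", known)
        # Compare only as many trailing labels as the known domain has,
        # so that "www." in front does not count as a difference.
        tail = ".".join(host.split(".")[-(known.count(".") + 1):])
        if edit_distance(tail, known) <= max_edits:
            result = ("near-miss", known)
    return result


def review_message(raw):
    """Classify the From domain and every http(s) link host in a raw message."""
    msg = message_from_string(raw)
    _display, addr = parseaddr(msg.get("From", ""))
    report = {"from": nearest_known(addr.rpartition("@")[2])}
    for url in re.findall(r"https?://[^\s\"'<>]+", msg.get_payload()):
        report[url] = nearest_known(urlsplit(url).hostname or "")
    return report


# Constructed sample message using the look-alike host from the text.
SAMPLE_MESSAGE = """\
From: Nikkei BP <info@nikeibp.co.jp>
To: reader@example.org
Subject: Please confirm your subscription

Confirm here: http://www.nikeibp.co.jp/
Our real site: http://www.nikkeibp.co.jp/
"""

if __name__ == "__main__":
    for item, verdict in review_message(SAMPLE_MESSAGE).items():
        print(item, verdict)
```

A "near-miss" verdict on the sender domain or on a link is the signal to stop and type the known address by hand.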

Solution

Internet Explorer 7 and Firefox 2 have sophisticated filters that can detect most fake websites.

Here are some other clues that can give away a fake:
  • Look for evidence of a real-world presence: an address, a phone number, an email contact. If in doubt, send an email, make a phone call or write a letter to establish whether they really exist.
  • The address of the website is different from the one you are used to; perhaps it has extra characters or words, or it uses a completely different name or no name at all, just numbers.
  • Right-clicking on the hyperlink and selecting "Properties" reveals the true destination of the link - beware if it is different from what appears in the email.
  • You are asked to enter personal information but there is no padlock in the browser window or 'https://' at the beginning of the web address to indicate that it is using a secure link and that the site is what it says it is.
  • A request for personal information such as usernames, passwords or other security details, when you are normally asked only for some of them.
  • Although rare, it is possible for your computer to be corrupted by viruses so that you can type the address of a legitimate website in your browser and still end up on a fake site. This problem is known as 'pharming'. After reaching a website, check the address in your browser's address bar to ensure that it matches the address you typed. Subtle changes (for example 'eBay' instead of 'eBay') can indicate that your computer is a victim of a pharming attack.

Pharming

Similar in nature to phishing, pharming (pronounced "farming") is a hacker attack that aims to redirect a website's traffic to another, fake website. Pharming can be done either by changing the hosts file on a victim's computer or by exploiting a vulnerability in DNS server software.

DNS servers are responsible for resolving computer names into their real addresses - they are the "signposts" of the Internet. A compromised DNS server is sometimes referred to as "poisoned". The term pharming is a play on the words farming and phishing.

The word phishing refers to social engineering attacks that aim to obtain access credentials such as usernames and passwords. Pharming has been used to steal identity information in recent years. Pharming has become a major concern for businesses hosting e-commerce and online banking websites.

Spoofing Attacks

Spoofing is a technique used to gain unauthorized access to computers, in which the intruder sends a message to a computer with an IP address indicating that the message is coming from a trusted host.

In order to engage in IP spoofing, a hacker must first use a variety of techniques to find the IP address of a trusted host and then modify the packet headers so that the packets appear to be coming from that host.

Spoofing is a closely related term that is often confused with phishing and pharming. In the context of the Internet, a "spoofer" is generally defined as a "cracker" who alters, or "forges", an e-mail address, pretending that a message originates from a different source address than the one it really comes from.

There are several ways that an attacker can do this, and there are many types of attacks. An attacker can do this to gain access to a secure site that would accept the "hijacked" address as one of a few permissible addresses or, more maliciously, to hide the source of any type of attack.

E-mail spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords).

Spoofing Attack Techniques

Spoofing attacks can be divided into different categories, some of which are given below:

Man-in-the-middle attack and internet protocol spoofing

An example from cryptography is the man-in-the-middle attack, in which an attacker convinces Alice that he is Bob, and Bob that he is Alice, thus receiving all the messages in both directions without any difficulty. Anyone's

Spyware

Spyware is computer software that can be used to collect and remove confidential information from any computer without the owner's knowledge.

Everything a surfer does online, including entering passwords, may be vulnerable to spyware. Spyware can put anyone at risk of becoming a victim of identity theft. In addition, some forms of spyware can be installed on the computer from a remote location, without the thief ever having physical access to the victim's computer.

While the term spyware suggests software that secretly monitors user behavior, the functions of spyware extend well beyond simple monitoring.

Spyware programs can collect various types of personal information, but can also interfere with the user's control of the computer in other ways, such as installing additional software, redirecting web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can also change computer settings, which can result in slow connection speeds, different home pages, and loss of Internet or other programs. In an effort to increase the understanding of spyware, a more formal classification of the software types it includes is captured under the term privacy-invasive software.

In response to the emergence of spyware, a small industry has sprung up dealing in anti-spyware software.

Running anti-spyware software has become a widely recognized element of computer security best practices for Microsoft Windows desktop computers. Many jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control the user's computer.

Routes of Infection

Spyware does not spread directly in the manner of computer viruses or worms: generally, an infected system does not attempt to transmit the infection to other computers.

Instead, spyware gets on a system through deception of the user or through exploitation of software vulnerabilities.

Most spyware is installed without users' knowledge. Since users would not install software if they knew that it would disrupt their working environment and compromise their privacy, spyware deceives users, either by piggybacking on a piece of desirable software such as Kazaa or LimeWire, or by tricking them into installing it (the Trojan horse method).

Some "rogue" anti-spyware programs present themselves as security software while being spyware themselves.

Distributors of spyware usually present the program as a useful utility - for example a "Web Accelerator" or a helpful software agent. Users download and install the software without suspecting that it may cause harm.

Spyware can come bundled with shareware or other downloadable software, as well as music CDs.

The user downloads a program and installs it, and the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does.

In some cases, spyware writers have paid shareware authors to bundle spyware with their software.

In other cases, spyware writers have repackaged desirable free software with installers that add spyware.

A third way of distributing spyware involves tricking users by manipulating the security features designed to stop unwanted installations.

Internet Explorer prevents websites from starting unwanted downloads. Instead, it requires a user action, such as clicking on a link.

However, links can prove deceptive: for example, a pop-up ad might look like a standard Windows dialog box. The box contains a message such as "Would you like to optimize your internet access?" with links that look like buttons reading Yes and No. No matter which "button" the user presses, a download begins, which places the spyware on the user's system.

Later versions of Internet Explorer offer fewer avenues for this

Solution

As the threat of spyware has increased, many techniques have emerged to counteract it.

These include programs designed to remove or block spyware, as well as various user practices that reduce the chance of getting spyware on the system. However, spyware remains a costly problem.

When a large amount of spyware has infected a Windows computer, the only solution may be to back up the user data and completely reinstall the operating system.

Security practices

In order to prevent spyware, computer users have found many practices useful in addition to installing anti-spyware programs.

Many system operators install a web browser other than IE, such as Opera or Mozilla Firefox.

Although these browsers have also suffered some security vulnerabilities, their comparatively small market share compared to Internet Explorer makes it less worthwhile for hackers to target users on those browsers.

Though no browser is completely secure, Internet Explorer is at greater risk of spyware infection because of its large user base as well as vulnerabilities such as ActiveX.

Electronic Bulletin Boards

Chat rooms and electronic bulletin boards have become breeding grounds for identity theft. 

When criminals receive personal identification information like credit card numbers or social security numbers, those hackers go to the chat room and post messages that they have personal information for sale.

On April 16, 2004, a man in Manchester, New Hampshire was sentenced in eight bullying cases related to a website and an electronic bulletin board, where he had posted thousands of social security numbers and other personal information relating to employees of Global Crossing, as well as threats to injure or kill.

Information Brokers

Information brokers have been around for decades.

However, in recent years a new breed of information broker has emerged: the kind that, driven by greed, sells personal information to anyone requesting it electronically through the Internet. Some information brokers are negligent when they receive orders.

They fail to verify the requesting party's identity and carry out little checking, if any

In one case (March 2005), a 24-year-old Indian man who worked for the Gurgaon-based online marketing firm Infinity E-Search sold bank account information for £2,750 to an undercover journalist working for The Sun.

The man has claimed that he was only a middleman and did not sell data collected by his employer.

Infinity E-Search has said that the company does not handle any data for the banks named in The Sun's report, and according to press reports, the man did not have access to any kind of confidential data through his employment with the company.

But this case has raised fears of an anti-outsourcing backlash if Indian firms are seen as careless about the data they handle.

Internet Public Records

There are two ways public records are electronically accessible. Some jurisdictions post them on their government web sites, which gives free or reduced-cost access to records. 

Government agencies and courts also sell their public files to commercial data compilers and information brokers. 

They make them available on a fee basis, either through web sites or through special network hookups.

Identity Theft

Identity theft and other types of fraud are made easier by electronic access to personal identifiers and other personal information.

Such information includes social security numbers, credit card and bank account numbers, and details about investments.

Solution

What can be done to reduce the negative consequences of making public records containing personal information available on the Internet and from other electronic services?

Governments are not likely to decide to keep such records completely off the Internet. In fact, they should not.

The public policy reasons for making public records available electronically are irrefutable - promoting easy access to government services as well as opening governmental practices to the public and promoting accountability.

But there are many approaches that government agencies and court systems can take to reduce the harm to individuals when sensitive personal information is posted on the Internet, while promoting government accountability at the same time.

Regulating the information broker industry

The information broker industry should be regulated. At present, information brokers buy public records from local, state and federal government agencies and repackage them for sale to customers.

They add data from commercial data sources such as credit reports and consumer survey data. 

In fact, anyone can access these files, although many information brokers claim that they limit access to businesses like private investigators, lawyers, law enforcement, media, borrowing landlords, and employment background checkers. 

However, the effectiveness of such self-regulation is limited at best.

Requiring more accountability of the private investigator industry 

The private investigator profession, a major user of public record information, should be regulated in those states where there are no oversight agencies.

In addition, the existing rules should be tightened and made uniform nationwide, perhaps by federal law. Private investigators should be held to strong standards about the access to and use of sensitive personal information.

They should be held accountable when they misuse personal information.

Trojan Horses

In this context, a Trojan horse can be defined as an application that seems benign, but instead performs some kind of malicious activity. Trojans can be disguised as a game, an e-mail attachment, or even a web page.

As soon as the victim runs or opens the camouflaged application, the Trojan installs itself on the hard drive and then runs every time Windows is started.
