Malicious software programs are referred to as malware and include a variety of threats, such as computer viruses, worms, and Trojan horses. A computer virus is a rogue software program that attaches itself to other software programs or data files in order to be executed, usually without user knowledge or permission. Most computer viruses deliver a “payload.” The payload may be relatively benign, such as instructions to display a message or image, or it may be highly destructive destroying programs or data, clogging computer memory, reformatting a computer’s hard drive, or causing programs to run improperly. Viruses typically spread from computer to computer when humans take an action, such as sending an e-mail attachment or copying an infected file.
Most recent attacks have come from worms, which are independent computer programs that copy themselves from one computer to other computers over a network. Unlike viruses, worms can operate on their own without attaching to other computer program files and rely less on human behavior in order to spread from computer to computer. This explains why computer worms spread much more rapidly than computer viruses. Worms destroy data and programs as well as disrupt or even halt the operation of computer networks.
Worms and viruses are often spread over the Internet from files of downloaded software, from files attached to e-mail transmissions, or from compromised e-mail messages, online ads, or instant messaging. Viruses have also invaded computerized information systems from “infected” disks or infected machines. Especially prevalent today are drive-by downloads, consisting of malware that comes with a downloaded file that a user intentionally or unintentionally requests. Hackers can do to a smartphone just about anything they can do to any Internet device: request malicious files without user intervention, delete files, transmit files, install programs running in the background to monitor user actions, and potentially convert the smartphone into a robot in a botnet to send e-mail and text messages to anyone. With smartphones starting to outsell PCs, and smartphones increasingly used as payment devices, they are becoming a major avenue for malware.
Malware targeting mobile devices is not yet as extensive as that targeting larger computers, but nonetheless is spreading using e-mail, text messages, Bluetooth, and file downloads from the Web via Wi-Fi or cellular networks. The security firm McAfee found nearly 13,000 different kinds of malware targeting mobile devices in 2012 compared to less than 2,000 in 2011, with almost all attacks targeting devices using Google’s Android operating system. (Graziano, 2012). Mobile device viruses pose serious threats to enterprise computing because so many wireless devices are now linked to corporate information systems.
Blogs, wikis, and social networking sites such as Facebook have emerged as new conduits for malware or spyware. These applications allow users to post software code as part of the permissible content, and such code can be launched automatically as soon as a Web page is viewed. On July 4, 2011, hackers broke into the “Fox News Politics” Twitter account, sending fake messages about President Barack Obama. The hackers changed the account's password, preventing Fox from correcting the messages for hours (Sherr, 2011).
Internet security firm Symantec reported in 2012 that it had detected 403 million new and unique threats from malicious software in 2011, up from 286 million in 2010. Symantec observed that the amount of harmful software in the world passed the amount of beneficial software in 2007, and as many as one of every 10 downloads from the Web includes harmful programs (Drew and Kopytoff, 2011). According to Symantec, 36 percent of malware today is being targeted at small businesses, because it is more difficult for such companies to protect themselves against so many different types of attacks (Symantec, 2012). Table 8.1 describes the characteristics of some of the most harmful worms and viruses that have appeared to date. A Trojan horse is a software program that appears to be benign but then does something other than expected. The Trojan horse is not itself a virus because it does not replicate, but it is often a way for viruses or other malicious code to be introduced into a computer system. The term Trojan horse is based on the huge
Worms and viruses are often spread over the Internet from files of downloaded software, from files attached to e-mail transmissions, or from compromised e-mail messages, online ads, or instant messaging. Viruses have also invaded computerized information systems from “infected” disks or infected machines. Especially prevalent today are drive-by downloads, consisting of malware that comes with a downloaded file that a user intentionally or unintentionally requests. Hackers can do to a smartphone just about anything they can do to any Internet device: request malicious files without user intervention, delete files, transmit files, install programs running in the background to monitor user actions, and potentially convert the smartphone into a robot in a botnet to send e-mail and text messages to anyone. With smartphones starting to outsell PCs, and smartphones increasingly used as payment devices, they are becoming a major avenue for malware.
Malware targeting mobile devices is not yet as extensive as that targeting larger computers, but nonetheless is spreading using e-mail, text messages, Bluetooth, and file downloads from the Web via Wi-Fi or cellular networks. The security firm McAfee found nearly 13,000 different kinds of malware targeting mobile devices in 2012 compared to less than 2,000 in 2011, with almost all attacks targeting devices using Google’s Android operating system. (Graziano, 2012). Mobile device viruses pose serious threats to enterprise computing because so many wireless devices are now linked to corporate information systems.
Blogs, wikis, and social networking sites such as Facebook have emerged as new conduits for malware or spyware. These applications allow users to post software code as part of the permissible content, and such code can be launched automatically as soon as a Web page is viewed. On July 4, 2011, hackers broke into the “Fox News Politics” Twitter account, sending fake messages about President Barack Obama. The hackers changed the account's password, preventing Fox from correcting the messages for hours (Sherr, 2011).
Internet security firm Symantec reported in 2012 that it had detected 403 million new and unique threats from malicious software in 2011, up from 286 million in 2010. Symantec observed that the amount of harmful software in the world passed the amount of beneficial software in 2007, and as many as one of every 10 downloads from the Web includes harmful programs (Drew and Kopytoff, 2011). According to Symantec, 36 percent of malware today is being targeted at small businesses, because it is more difficult for such companies to protect themselves against so many different types of attacks (Symantec, 2012). Table 8.1 describes the characteristics of some of the most harmful worms and viruses that have appeared to date. A Trojan horse is a software program that appears to be benign but then does something other than expected. The Trojan horse is not itself a virus because it does not replicate, but it is often a way for viruses or other malicious code to be introduced into a computer system. The term Trojan horse is based on the huge
wooden horse used by the Greeks to trick the Trojans into opening the gates to their fortified city during the Trojan War. Once inside the city walls, Greek soldiers hidden in the horse revealed themselves and captured the city. An example of a modern-day Trojan horse is the MMarketPay.A Trojan for Android phones. This Trojan is hidden in several apps that appear to be legitimate, including travel and weather apps. It places orders for applications and movies automatically without the user’s permission, potentially causing users to be hit with unexpectedly high phone bills. MMarketPay.A has been detected in multiple app stores and has spread to more than 100,000 devices.
SQL injection attacks have become a major malware threat. SQL injection attacks take advantage of vulnerabilities in poorly coded Web application software to introduce malicious program code into a company’s systems and networks. These vulnerabilities occur when a Web application fails to properly validate or filter data entered by a user on a Web page, which might occur when ordering something online. An attacker uses this input validation error to send a rogue SQL query to the underlying database to access the database, plant malicious code, or access other systems on the network. Large Web applications have hundreds of places for inputting user data, each of which creates an opportunity for an SQL injection attack.
A large number of Web-facing applications are believed to have SQL injection vulnerabilities, and tools are available for hackers to check Web applications for these vulnerabilities. Such tools are able to locate a data entry field on a Web page form, enter data into it, and check the response to see if shows vulnerability to a SQL injection. Some types of spyware also act as malicious software. These small programs install themselves surreptitiously on computers to monitor user Web surfing activity and serve up advertising. Thousands of forms of spyware have been documented.
SQL injection attacks have become a major malware threat. SQL injection attacks take advantage of vulnerabilities in poorly coded Web application software to introduce malicious program code into a company’s systems and networks. These vulnerabilities occur when a Web application fails to properly validate or filter data entered by a user on a Web page, which might occur when ordering something online. An attacker uses this input validation error to send a rogue SQL query to the underlying database to access the database, plant malicious code, or access other systems on the network. Large Web applications have hundreds of places for inputting user data, each of which creates an opportunity for an SQL injection attack.
A large number of Web-facing applications are believed to have SQL injection vulnerabilities, and tools are available for hackers to check Web applications for these vulnerabilities. Such tools are able to locate a data entry field on a Web page form, enter data into it, and check the response to see if shows vulnerability to a SQL injection. Some types of spyware also act as malicious software. These small programs install themselves surreptitiously on computers to monitor user Web surfing activity and serve up advertising. Thousands of forms of spyware have been documented.
Many users find such spyware annoying, and some critics worry about its infringement on computer users’ privacy. Some forms of spyware are especially nefarious. Keyloggers record every keystroke made on a computer to steal serial numbers for software, to launch Internet attacks, to gain access to e-mail accounts, to obtain passwords to protected computer systems, or to pick up personal information such as credit card numbers. For example, the Zeus Trojan stole financial and personal data from online banking and social networking sites by surreptitiously tracking users' keystrokes as they entered data into their computers. Other spyware programs reset Web browser home pages, redirect search requests, or slow performance by taking up too much memory.
No comments:
Post a Comment