kinds of virus


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.


Viruses are one of the biggest threats in computer security and one of the most common threats a computer can face. A virus is a program that secretly attaches itself to another document or program and executes when that document or program is opened. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.

A virus might contain instructions that cause problems ranging from displaying an annoying message to erasing files from a hard drive or causing a computer to crash repeatedly. A virus can infect everything in a computer, including files, e-mails, and attachments. It causes the computer to crash and results in absolute data loss.

A virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.

Different types of viruses exist. Some of them are as follows:

- Resident virus

- FAT virus

- Companion virus

- File infectors

- Polymorphic virus

- Boot virus

- Macro virus

- Overwrite virus

- Direct action virus


Although similar in nature, worms are different from viruses in two regards:

A virus attaches itself to a computer document, such as an e-mail message, and is spread by traveling along with the document.

A virus needs the user to perform some type of action, such as starting a program or reading an e-mail message, to start the infection.

Worms are usually distributed via e-mail attachments as separate executable programs.

In many instances, reading the e-mail message starts the worm.

If the worm does not start automatically, attackers can trick the user into starting the program and launching the worm.

A worm runs independently and does not require a host program. It propagates a fully working version of itself to other machines and carries a payload that performs hidden tasks, such as backdoors, spam relays, and DDoS agents.

Phases of the worm:

Probing -> Exploitation -> Replication -> Payload

Some famous examples:

Morris worm, 1988

Code Red worm, July 16 2001

Love Bug worm.

Trojan horse:

A Trojan horse is a program with an overt (expected) effect and a covert effect. The overt effect appears normal and expected, while the covert effect violates security policy. It might disguise itself as a free calendar program or other interesting software.

Some of the common strategies of Trojan horses:

- Giving a malicious program the name of a file associated with a benign program

- Combining two or more executable programs into a single filename

E.g., Autorun.inf:

    [autorun]
    open=autorun.exe
    Icon=autorun.ico
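A defensive check for the Autorun.inf entries shown above, as an added example that is not part of the original essay: it parses the file and reports every `[autorun]` entry that would launch an executable. The function names, the extension list and the sample strings are assumptions made for illustration; `shellexecute` and `shell\<verb>\command` are other Autorun.inf keys that start programs.

```python
import configparser

# Keys in the [autorun] section that make Windows start a program.
LAUNCH_KEYS = ("open", "shellexecute")
EXECUTABLE_EXTS = (".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs", ".js")


def command_target(command):
    """Return the program part of a command line, without quotes or arguments."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split()[0] if command else ""


def audit_autorun(text):
    """Return (key, command) pairs from [autorun] that launch an executable file."""
    parser = configparser.ConfigParser(
        delimiters=("=",), interpolation=None, strict=False)
    try:
        parser.read_string(text)
    except configparser.Error:
        return [("unparseable", "")]  # malformed file: report it for manual review
    findings = []
    for section in parser.sections():
        if section.strip().lower() != "autorun":
            continue
        for key, value in parser.items(section):
            # configparser lower-cases keys, so comparisons are case-insensitive.
            launches = key in LAUNCH_KEYS or (
                key.startswith("shell\\") and key.endswith("\\command"))
            if launches and command_target(value).lower().endswith(EXECUTABLE_EXTS):
                findings.append((key, value))
    return findings


# Constructed samples: the file from the text above, and a harmless one.
PAGE_SAMPLE = "[autorun]\nopen=autorun.exe\nIcon=autorun.ico\n"
BENIGN_SAMPLE = "[AutoRun]\nicon=setup.ico\nlabel=Holiday photos\n"

if __name__ == "__main__":
    print(audit_autorun(PAGE_SAMPLE))
    print(audit_autorun(BENIGN_SAMPLE))
```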

Logic bomb:

Logic bombs are embedded in legitimate programs and activated when specified conditions are met,

- E.g., presence/absence of some file; a particular date/time or a particular user

When triggered, a logic bomb typically damages the system and modifies, alters, or deletes files and disks.


Denial of Service (DoS) is a very common attack on a system, and it is one of the biggest threats to any computer security system. The basic idea of this attack is to make the system's service unavailable to legitimate users when they need it; that is, authorised users cannot access the system for the information or services they require. A Denial of Service attack can hit a whole network and prevent legitimate users from accessing it, and it can even prevent users from accessing e-mail, websites, and online accounts, including banking or other services that rely on the affected computer. It is also known as a SYN attack because it exploits the SYN/ACK “handshake”.

The common technique of this attack is to ‘flood’ the server with requests. The attackers overload the network with information. When a legitimate user sends a request to that server to open a site, the user is not able to open it, because the server has already been overloaded by the attacker's requests and can only process a certain number of requests at once. The server denies the service, which is why it is called ‘denial of service’.
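The handshake exhaustion described above, seen from the defender's side, as an added example that is not part of the original essay: it replays constructed client-to-server packet records against a bounded queue of unfinished handshakes, shows which legitimate connection is refused once the queue is full, and flags the source holding the open slots. The record format, function names, queue size and addresses are assumptions made for illustration.

```python
from collections import Counter


def replay(packets, backlog_size):
    """Replay client-to-server packets against a bounded half-open queue.

    Each record is (source_ip, source_port, flag). The server's SYN/ACK reply
    is implied; a handshake finishes when the client's ACK arrives.
    Returns (refused, half_open): connections whose SYN found the queue full,
    and a Counter of handshakes left unfinished per source address.
    """
    pending = {}   # (ip, port) -> True for every SYN still waiting for its ACK
    refused = []
    for src, sport, flag in packets:
        conn = (src, sport)
        if flag == "SYN":
            if conn in pending:
                continue                      # retransmitted SYN, already queued
            if len(pending) >= backlog_size:
                refused.append(conn)          # no free slot: service is denied
            else:
                pending[conn] = True
        elif flag in ("ACK", "RST"):
            pending.pop(conn, None)           # handshake finished or aborted
    return refused, Counter(src for src, _ in pending)


def suspicious_sources(half_open, threshold):
    """Sources holding at least `threshold` unfinished handshakes."""
    return sorted(src for src, count in half_open.items() if count >= threshold)


# Constructed sample: one normal client, one source that never sends the final
# ACK, then a second normal client arriving while the queue is full.
SAMPLE_PACKETS = (
    [("192.0.2.10", 50000, "SYN"), ("192.0.2.10", 50000, "ACK")]
    + [("198.51.100.7", port, "SYN") for port in range(1024, 1029)]
    + [("192.0.2.20", 40000, "SYN")]
)

if __name__ == "__main__":
    refused, half_open = replay(SAMPLE_PACKETS, backlog_size=5)
    print("refused:", refused)
    print("flagged:", suspicious_sources(half_open, threshold=3))
```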

Another technique attackers use against a user's e-mail account is to flood it with spam e-mail messages. A user can either have an e-mail account supplied by his/her employer or one available through a free service provided by Yahoo, Hotmail, Googlemail or Rediffmail. Every user account is assigned a specific quota, which limits the amount of data the user can have in their account at any given time. An attacker can consume this quota by sending many, or large, unwanted e-mail messages to the account. This prevents the user from receiving legitimate messages.

Another DoS attack tricks computers into responding to a false request. An attacker can send a request to all computers on the network making it appear a server is asking for a response. Each computer then responds to the server, overwhelming it, and causing the server to crash or be unavailable to legitimate users.

Cyber attack & digital terrorism:

This crime can happen for many reasons. Cyber crime is a very common crime in the world. Anyone can commit crime online intentionally and easily. There is no police force online. Nowadays more and more criminals are shifting from armed robbery to cyber crime. Criminals choose this route because the crime can be committed from anywhere, from any computer, and even without leaving any clues. Cyber crime can be committed from next door to 10,000 miles away with the same effect.

From the above discussion we can see that cyber crime is committed to gain some advantage over the criminal's competitors. A business organization can do it to get the business secrets of its competitors and gain a business edge. A politician can use it to gain political advantage. Some can use it for ransom money, entrapment, death threats and so on. Some criminals do it out of curiosity, just for fun, but in the near future they become involved in it.

A very important form of cyber crime is digital terrorism. The experts fear terrorists will attack the network and computer infrastructure to cause panic. Cyber-terrorists' motivation may be defined as ideology, or attacking for the sake of their principles or beliefs. One of the targets highest on the list of cyber-terrorists is the Internet itself. Three goals of a cyber-attack:

- Deface electronic information to spread disinformation and propaganda.

- Deny service to legitimate computer users.

- Commit unauthorized intrusions into systems and networks that result in critical infrastructure outages and corruption of vital data.

Identity theft:

Identity theft is a crime. It is a term used to refer to all types of crime in which someone wrongfully obtains and uses another person's personal data in some way that involves fraud or deception, typically for economic gain.

Information theft:

Information theft is stealing information that does not belong to the criminal; it involves fraudulent activity and is also done for economic gain. A number of information thefts are committed throughout the world. Very common types are credit card information theft (including other bank cards), social security information theft, database theft and so on.

The difference between the two is that in identity theft the criminal steals someone's identity to pass himself off as the person the identity belongs to and then commits the crime. Once the identity is captured, it is very easy to commit crimes because the criminal uses the identity as their own. In information theft, on the other hand, the criminal steals someone's information directly, so the criminal does not have to pose as the rightful person for any identification in order to commit the crime.

The implication is that identity theft and information theft are very similar, and both are crimes. When a criminal steals someone's identity, he can easily access the victim's information: the first step is to steal the identity, and the next is to access the information. The two are related to each other.