
Cyber Security: Common Concerns for ICT Users
By Tahira Islam
With the rapid growth of the internet (also known as cyberspace) and internet applications, there is also a rapid increase in security incidents. In the context of computer science, computer security, also known as cyber security, is the prevention of, or protection against:
- Theft of or damage to hardware and software.
- Access to information by unauthorized recipients.
- Intentional but unauthorized destruction or alteration of that information.
So, how is internet security compromised? There are a few common methods used by malicious attackers, such as baiting, phishing, Trojan horses and ransomware, that fall under several broad categories.
Social Engineering: Social engineering is a kind of security attack that relies heavily on human interaction. Such attacks often involve tricking people into breaking security procedures. Social engineering is also called the “con game” of the network. A social engineer is someone who uses deception, persuasion, and influence to get information that would otherwise be unavailable. A social engineer relies on people’s willingness to be helpful. For example, the social engineer might pretend to be a co-worker who has some kind of urgent problem that requires access to additional network resources. Popular types of social engineering attacks include:
Baiting: Baiting is when an attacker leaves a malware-infected physical device, such as a USB flash drive, in a well-frequented place where it is guaranteed to be found. The finder then picks up the device and loads it onto his or her computer, unintentionally installing the malware.
Phishing: Phishing is when a malicious party sends a sham email disguised as a legitimate email, often purporting to be from a trusted source. Such an email is meant to trick the recipient into sharing personal or financial information or clicking on a link that installs malware.
Spear phishing: Spear phishing is like phishing, but it targets a specific individual or organization.
Pretexting: Pretexting is when one party lies to another party to gain access to privileged data. For example, a pretexting scam could involve an attacker who pretends to need personal or financial data in order to confirm the identity of the recipient.
Scareware: Scareware involves tricking the victim into thinking his computer is infected with malware or has inadvertently downloaded illegal content. The attacker then offers the victim a solution that will fix the bogus problem. In reality, the victim is simply tricked into downloading and installing the attacker’s malware.
Reverse social engineering: Reverse social engineering has three steps: sabotage, advertising, and assisting. It is a person-to-person attack in which the social engineer convinces the target that he or she has a problem, or might face a certain problem in the future, and that the social engineer is ready to help solve it. If this reverse social engineering is performed well enough to convince the target, the target often calls the social engineer and asks for help. The reverse social engineering steps are described as follows:
In the first step, a social engineer finds a way to sabotage a network. This can be as complex as launching a network attack against a target website, or as simple as sending an email from a sham email address telling users that they are infected with a virus. No matter what technique is employed, the social engineer has either sabotaged the network or given the impression that the network is sabotaged.
In the second step, the social engineer advertises himself as a person of authority, skilled in solving the problem. This can be done by various means such as dropping business cards, or sending emails that advertise his services.
In the final step, the attacked party sees the advertisement, contacts the engineer under the false pretense that the social engineer is a legitimate consultant, and allows the social engineer to work on the network. The engineer has successfully gained the trust of the target and obtains access to sensitive information such as confidential data.
Virus: A computer virus is much like a flu virus. It is designed to spread from host to host and has the ability to replicate itself. In more technical terms, a computer virus is a type of malicious software program or malware that, when executed, replicates by reproducing itself (copying its own source code) or infecting other computer programs by modifying them. The programs can include any sort of files, or the boot sector of the hard drive. A boot sector is a physical sector on a hard drive that includes information about how to start the boot process in order to load an operating system.
In today’s constantly connected world, a user can obtain a computer virus in many ways. Viruses can be spread through email and text message attachments, Internet file downloads, social media scam links, and even mobile devices. Smartphones can become infected with mobile viruses through shady app downloads. Viruses can hide disguised as attachments of socially shareable content such as funny images, greeting cards, or audio and video files.
Worm: A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Worms use computer networks to spread, exploiting vulnerabilities and relying on security failures on the target computer to gain access to it. A worm causes harm by consuming bandwidth, deleting files or sending documents via email. Unlike a computer virus, it does not need to attach itself to an existing program. Computer worms pose a significant threat due to the potential damage they might cause. A particularly notorious incident occurred in 1988 when a computer worm named the Morris worm caused millions of dollars in damage, and its creator was convicted for this act.
Trojan horse: The term comes from Greek mythology about the Trojan War. In Greek mythology, the Trojan War was waged against the city of Troy, where the Greeks concealed themselves inside a hollow wooden statue of a horse (also known as the Trojan horse) in order to enter Troy by stealth. During the night, soldiers who had been hiding inside the horse emerged, opened the city’s gates to let their fellow soldiers in and then overran the city, thus winning the war. In computing, a Trojan horse is any malicious computer program which is used to hack into a computer by misleading users about its true intent. Simply put, a Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data. Attackers use a Trojan horse as a way to trick end users into installing malware. Usually, the malware is hidden within an innocent-looking email attachment or a free program such as a game. When the user downloads the Trojan horse, the malware that is hidden inside is also downloaded. Once inside the computing device, the malicious code can execute whatever task the attacker designed it to carry out.
Ransomware: Ransomware is malware that restricts access to the infected computer system, demanding that the user pay a ransom to the malware operators to remove the restriction. There are different types of ransomware, such as lockscreen ransomware and encryption ransomware. However, all of them will prevent the infected computer system from operating normally. Ransomware can:
- Prevent the infected user from accessing Windows.
- Encrypt files so the user can’t use them.
- Stop certain applications from running (like the web browser).
There have been a number of major cyber-attacks in recent years. The most discussed one in Bangladesh is the $81M Bangladesh Bank Heist. On February 4, 2016, unknown hackers used SWIFT credentials of Bangladesh Central Bank employees to send more than three dozen fraudulent money transfer requests to the Federal Reserve Bank of New York, asking the bank to transfer millions of the Bangladesh Bank’s funds to bank accounts in the Philippines, Sri Lanka and other parts of Asia. SWIFT is a consortium that operates a trusted and closed computer network for communication between member banks around the world. By targeting the SWIFT network, the hackers undermined a system that until now was considered flawless.
So, how did the attackers compromise SWIFT? There are a number of reasons. But the most highlighted ones were:
- Insiders may have cooperated.
- Lax computer security practices at Bangladesh Bank were to blame. The bank reportedly didn’t have firewalls installed on its networks, raising the possibility that hackers may have breached the network and found the credentials stored on the system.
Isn’t that insane?
In 2012, there were major data breaches. LinkedIn, MySpace and Tumblr were among the attacked services. Databases with their users’ credentials went on sale on the dark web, leaving a total of around 500 million accounts exposed. LinkedIn was one of the first major social networks to be hacked. LinkedIn was hacked by an unknown Russian entity, and six million user credentials were leaked online.
The social-media accounts of Mark Zuckerberg (Founder and CEO of Facebook) got hacked because his password was terrible. Facebook Inc.’s first “security tip” for users is, “Don’t use your Facebook password anywhere else online.” Zuckerberg seemed to have reused the password “dadada”. The password had appeared in the database of more than 100 million usernames and passwords stolen in 2012 from LinkedIn Corp. The passwords may be several years old, but they can still be useful to hackers, who use them to try to break into other accounts, hoping that they will stumble on users like Mr. Zuckerberg, who reuse their passwords.
To many users, computer security is treated as a joke until a serious problem arises. At that point, a breach in security can cause huge and potentially harmful problems for the user, such as identity theft or the stealing of confidential data like credit card numbers. A few simple steps can be employed by network users to prevent malicious attacks.
Implementing strong passwords is the easiest thing the user can do to strengthen his security. Proper password practices can be:
- Using non-personal information
- Using uncommon information
- Using a combination of characters
- Ensuring sufficient length
- Ensuring uniqueness
- Correlating complexity with risk
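The six practices above can be checked mechanically. The following is an added example, not part of the original article; the length thresholds, the deny-list contents, the sample inputs and the function names are assumptions chosen for illustration.

```python
import hmac
import re

# Assumed thresholds for this example: required length grows with account risk.
MIN_LENGTH = {"low": 10, "medium": 14, "high": 18}
# Constructed sample deny-list; a real one would be loaded from a breach corpus.
COMMON = {"dadada", "password", "123456", "qwerty", "letmein"}


def char_classes(pw):
    """Count how many of lower/upper/digit/symbol classes appear in pw."""
    patterns = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")
    return sum(1 for p in patterns if re.search(p, pw))


def check_password(pw, personal=(), other_passwords=(), risk="medium"):
    """Return the list of practices from the article that pw violates."""
    problems = []
    low = pw.lower()
    # Non-personal: reject any personal token (name, birth year, ...) of 3+ chars.
    if any(len(t) >= 3 and t.lower() in low for t in personal):
        problems.append("contains personal information")
    # Uncommon: reject deny-listed passwords, also with digits/symbols appended.
    if low in COMMON or low.rstrip("0123456789!@#$%.") in COMMON:
        problems.append("commonly used password")
    # Combination of characters: require at least three character classes.
    if char_classes(pw) < 3:
        problems.append("fewer than three character classes")
    # Length correlated with risk.
    if len(pw) < MIN_LENGTH[risk]:
        problems.append(f"shorter than {MIN_LENGTH[risk]} characters for {risk} risk")
    # Uniqueness: must not match a password already used on another account.
    if any(hmac.compare_digest(pw.encode(), o.encode()) for o in other_passwords):
        problems.append("reused from another account")
    return problems


if __name__ == "__main__":
    # Constructed inputs, including the reused password described in the article.
    print(check_password("dadada", other_passwords=["dadada"], risk="high"))
    print(check_password("Alice1990!", personal=["Alice", "1990"]))
    print(check_password("copper-Lantern-47-orbit", risk="high"))
```

An empty list means the password passes all six checks; the uniqueness check assumes the comparison runs locally, for instance inside a password manager that already holds the user's other passwords.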
Putting up a strong firewall: Firewalls are an important security protection. A firewall sits between a computer (or a local network) and another network (such as the Internet), controlling the incoming and outgoing network traffic. The firewall’s rules determine which traffic is allowed through and which isn’t.
Installing Antivirus protection: Antivirus refers to the traditional means of fighting computer malware. It gives real-time protection, safeguarding the computer from threats and other malicious attacks.
Updating programs regularly: Making sure the computer is “properly patched and updated” is a necessary step towards being fully protected. There is little or no point in installing all this great software if it is not going to be maintained properly.
Backup regularly: Scheduling regular backups to an external hard drive, or in the cloud, is an effective way to ensure that all the important data is stored safely. Getting such data compromised is a painful experience – trust me, I know.
Be careful with email, instant messaging (IM) and surfing the Web: It is not uncommon for an unsuspecting user to click on a link or download an attachment that they believe is harmless. A user should never click on a link that he wasn’t expecting, or one in an e-mail or IM whose origin he doesn’t know. The user should take every “warning box” that appears on the screen seriously and understand that every new piece of software comes with its own set of vulnerabilities.
Education: A user should educate himself on different types of cyber-attack and know how to protect himself against them. Education is the first step in creating awareness.
The easiest way to get into a computer system is simply to ask permission. At the end of the day, no matter how much encryption and security technology such as firewalls and virtual private networks (VPNs) is implemented in the device, a network is never completely secure, mostly because it is impossible to get rid of the weakest link: the human factor. Security awareness training can go a long way towards preventing security attacks. If people know what forms security attacks are likely to take, they will be less likely to become victims.
Tahira Islam is a software engineer and an emerging entrepreneur.