
Sklar Technologies


HACKERS/VIRUSES THREATS


Viruses are something almost everyone has experienced to one degree or another, but because we have anti-virus software, we tend to feel less threatened by them. However, in order for the global virus database to be updated, someone must be infected and engineers must have enough data to identify and characterize the virus.

Hundreds of thousands of people can be affected by the virus before a detection method is developed and the virus eliminated. If you’re lucky, the virus will only be one of inconvenience and annoyance; however, it could be a virus of destruction and your data could be permanently lost.

Hackers are another way in which data can be lost. Most of the hacking we hear about involves individuals breaking into a system for private information. What we don’t hear about is hackers breaking into a system and compromising data. Companies that experience a breach are reluctant to report it, fearing the effect on their public image. Most never even know it happened. If you have a firewall and virus protection and think you are protected… think again.

Only when a breach involves private and confidential information of customers are companies required by law to disclose the breach publicly.

Phishing

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

Trojan horse

A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive.

Spyware

Any software that covertly gathers user information through the user's Internet connection without his or her knowledge.

Here is a brief explanation of how spyware works:
Spyware applications are typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with spyware.

Once installed, the spyware monitors user activity on the Internet and transmits that information in the background to someone else. Spyware can also gather information about e-mail addresses, passwords and credit card numbers. Spyware is similar to a Trojan horse in that users unwittingly install the product when they install something else.

Keylogger (Keystroke Logging)

A keylogger is a type of surveillance software (considered to be either software or spyware) that has the capability to record every keystroke you make to a log file (usually encrypted). A keylogger can record instant messages, e-mail, and any information you type at any time using your keyboard. The log file created by the keylogger can then be sent to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web site URLs you visit.

Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware allowing your information to be transmitted to an unknown third party.

Worm Virus

A virus that spreads through operating system flaws faster than the virus protection companies can deploy the signatures required to prevent the infection. Examples include SQL Slammer and Blaster. These are prevented with a disciplined approach to patch management, intrusion detection based on behavior, and a prompt response.

Botnet

Botnet is a jargon term for a collection of software robots, or bots, which run autonomously as a network, working together. The word is generally used to refer to a collection of compromised machines running programs (usually referred to as worms, Trojan horses, or backdoors) under a common command and control infrastructure.

Generally, the perpetrator of the botnet has compromised a series of systems using various tools (exploits, buffer overflows, etc.). Newer bots can automatically scan their environment and propagate themselves using vulnerabilities and weak passwords. Generally, the more vulnerabilities a bot can scan and propagate through, the more valuable it becomes to a botnet owner community.

For example, an end user might receive a phishing email and click on a link to view an evite card, a free laptop or vacation being given away, or perhaps a false alert from PayPal or a bank claiming that someone has accessed their system and that they need to change the credentials necessary for future access. By clicking on the link, the user could inadvertently download a bot or malicious software agent (such as spyware, a Trojan or a keylogger). Once it is installed, the intruder can begin to collect information and use this system to attack another system, thus creating a network of zombie systems working together automatically under a common control infrastructure (i.e., a botnet).