Mousetrapping, Pharming and Bluesnarfing: How Well Do You Know Your Cyber Threats?

Cyber Security: Cyber Threats

Remember Heartbleed? In the wake of all that nastiness, organizations and individuals have redoubled their vigilance when it comes to cyber security.

But where the layman might simply refer to ‘computer viruses’, there are actually a whole whack load of sneaky threats that can be responsible for everything from mundane annoyances like popups, to taking down entire networks.

So it should come as no surprise that the Global Cyber Security Market is growing at a CAGR of 11.81 percent from 2014-2018.

But just like in high school health class, it’s important to know the names, signs and symptoms of the plethora of cyber threats that can wreak havoc on everything from your PC to an organization’s entire network.

To help boost your cyber savvy, TechNavio has put together a pretty comprehensive list of all the nasty bugs lurking around the web, which are boosting sales in the cyber security market.

Cyber Security

Trojan

A hacking program and a type of malware that tricks an operating systems into thinking it’s providing a desirable function, while actually deploying a malicious payload that allows unauthorized access to the computer. Trojans steal passwords and destroy files, programs, and folders. They also provide backdoor access, which helps hackers steal personal or confidential information. This type of malware uses online games or internet-driven applications to enter into target systems.

Virus                  

Like its namesake, a computer virus is a type of malware that replicates itself and attaches the copies to executable files, damaging them. It is a malicious program that can spread from one computer to another through data in a network. The ultimate goal of a virus is to ensure that the victim’s computer becomes inoperable.

Worms

A worm is similar to a virus in that it replicates and spreads from computer to computer via the network. The difference is that it does not attach itself to an existing program. It usually uses the space of a computer’s hard disks and takes up most of the user’s network bandwidth. Storm, Morris, and Mydoom are some of the worms that have caused massive damage in the past.

Adware             

Adware displays unwanted advertisements on a user’s web page to generate revenue for its author. It records the user’s internet history and sends it back to the host organization. However, spyware does not spread from computer to computer but instead attaches itself to the system and extracts relevant information from it.

Keylogger

A type of surveillance software that records every keystroke a user makes on the keyboard, which helps hackers steal people’s login credentials.

Backdoor

A method that allows attackers to bypass regular authentication and access valuable information. This is usually installed before an attack on the system.  

Exploit

Software programmed specifically to attack a particular vulnerability of a computer. When an exploit takes advantage of such vulnerability in an operating system, users of the system must issue a fix or patch to fend off the attack. Users can be exposed to a security breach if they fail to install a patch.

Botnet

Installed by a BotMaster to gain control of all computer bots via the Botnet infection. It mainly infects the system through drive-by downloads; it could also appear as a trojan infection.

Dropper

A dropper is a program that installs malware or backdoor to a target system when run. It is generally installed in two stages: the first stage carries the malicious code and the second stage auto-triggers a download process, installing the malware.

Phishing

The act of masquerading as a reliable entity to acquire confidential information from the victim. For instance, a fake website designed to look just like the actual website is a type of phishing attack. The idea of this attack is to trick users into entering their usernames and passwords on a fake login form, which serves the purpose of stealing the identity of the victim.

Cookies

Cookies are text files stored on the user’s system, which contain data relating to the users’ browsing sessions. Cookies are used by many websites to track users’ browsing information. Hackers and companies can use this information to gain personal details about the respective users.

Bluesnarfing

Bluesnarfing is the unauthorized access to specific mobile phones, laptops, or PDA via a Bluetooth connection. It provides access to the users’ photographs, calendar, contacts, and text messages.

Bluejacking

Bluejacking uses Bluetooth technology to send unsolicited messages to users with Bluetooth-enabled devices such as cell phones. Unlike bluesnarfing, bluejacking is harmless, as it does not compromise the users’ privacy.

DDoS

A web attack that attempts to disrupt the normal functioning of the targeted computer network by making the network resource unavailable to users. It occurs when multiple hosts flood the bandwidth of a particular network resource, causing traffic, which results in the disruption of online applications or services.

Boot Sector Virus              

A virus that places its own codes in a computer’s DoS boot sector. The DoS boot sector is generally corrupted when the virus infects the computer system. The chances of the virus infecting the system are high when the computer is booting.

Browser Hijackers

These rely on trojan malware to take control of the victim’s web browsing session. It is extremely dangerous, especially when the victim is trying to transfer money via online banking as hijackers can alter the destination of the bank account, and even the amount of money being transferred.

Mousetrapping

A method used by some websites to prevent visitors from leaving their websites. These websites generally trap users by introducing a series of pop-up ads, which relaunch their website in a window that can’t be closed or which redirects users back to their websites (even after repeatedly mashing the ‘back’ button).

Pharming

Similar to Phishing, pharming attacks can be performed in two ways: one is DNS poisoning, where a users’ DNS is compromised and their websites’ traffic is redirected to the attacker’s DNS. The other method involves editing the users’ host file. For instance, even if users provide the correct web link in their web browser, it will still redirect them to another website.

Crimeware

A type of malware designed to take control of a users’ computer system, automating cybercrime. Crimeware is usually used to commit identity theft and fraud. This malware makes it appear as though end-users have committed the crime instead of the hacker.

SQL Injection

SQLi is a technique used to attack data-driven applications. This technique exploits a security vulnerability that occurs in the database layer of an application. Using SQL injection, the attacker can extract or manipulate the web application’s data. The attack becomes viable when the user input is either incorrectly filtered for string literal escape characters embedded in SQL statements, or the user input is not strongly typed and thereby unexpectedly executed.