Desktop and laptop computers can be attacked from a number of angles (or “threat vectors” in security parlance) that can lead to a data breach, an attacker taking over your computer or encrypting your files to lock you out of them, or even an intruder gaining access to your office’s bank accounts. Primary threats include malware (short for “malicious software”), “social engineering” attacks, loss and theft. We’ll cover social engineering attacks in Part II of this course. In the meantime…
It is not at all uncommon for your computer to be attacked electronically as a result of clicking on a link to a website infected with malware (often referred to as a “drive-by download”). These sites can be encountered anywhere on the Internet, including web searches and social media websites, as well as in the links found in the emails, instant messages or texts you receive. Individual files can also be infected with malware, which will attack your computer as soon as you open or download them. You can run across these infected files as email attachments or nearly any kind of download from the Internet (audio files, games, videos, etc.). It can happen through USB transfer too, if malicious or infected files are on a thumb drive that’s connected to your computer.
Malware comes in a variety of forms, including viruses, worms and Trojans. A virus is essentially a program that’s piggybacked onto another program or a file. When the underlying file or program is opened (or run), the virus starts to work. This also means a virus is effectively inert until someone opens/runs its host file or program. A worm is a self-replicating standalone program that spreads from system to system. This is often done via email. If you’ve ever seen (or experienced) one or more strange emails coming from a friend, family member or colleague’s correct email address, that may well have been a worm trying to spread itself by sending messages with infected links or attachments to people in their contact list. Once the recipient clicks on the link or opens the attachment, the worm can spread to the new system.
Trojans make up the majority of current malware. “Trojan” is short for Trojan horse. It’s a hidden program that – like the Trojan horse of Greek legend – isn’t what it appears to be. Among other places, Trojans can be lurking on infected websites or hidden in software downloads, email attachments, and mobile apps. They can hide inside nearly any type of file (audio, video, office documents, pictures, etc.) and will often be disguised as something fun, interesting or important, to tempt you to click on them. While they may seem innocuous, they’re always bad. How bad? In effect, they come in all shapes and sizes and can do just about anything to your computer. This includes recording your keystrokes, spying on you with your computer’s camera and microphone, stealing personal info and business data and often installing a “backdoor” to allow cybercriminals to take control of your computer remotely. Many Trojans can also elude or even disable anti-virus software and other security measures.
A “botnet” is a group of computers that have been successfully co-opted via malware that forces them to be remotely controlled through the Internet. Botnets can be huge, with some controlling tens or even hundreds of thousands of unwitting victims. These compromised computers can be used for a number of purposes, including sending spam and disabling targeted websites with a flood of fake web traffic. This is called a distributed denial of service (DDoS) attack.
Unlike depictions of electronic attacks on television and in many movies, there is generally no alarm or warning of any kind when a computer is attacked or a network is breached.
Fake antivirus malware (aka “scareware”) is actually a type of attack that plays on the idea there’s supposed to be a warning sign. It will appear as an unexpected pop-up window claiming your computer has been infected by malware, with an offer to fix the problem if you just “click here.” The pop-ups are always fake. If you see one, don’t click on it (the pop-up itself is typically an infected link that will attack your computer).