Online security threat, is one of the issues that concerns many people. We must aware of the threats we are facing only then we can avoid from the trap.
Basically, cyber attacks include accidental actions, malicious attacks and online fraud.
ACCIDENTAL ACTIONS
This threat is avoidable because it arises from basic lack of knowledge about online security concepts and other such as poor password choices, accidental disclosure or outdated software. Other than that, misconfigured security products and information leakage resulting from insecure information transfer also contribute to the online security threats. Thus, education can help innocent online users from this threat.
MALICIOUS ATTACKS
These attacks specifically aim to harm targeted prey. For instance, computer virus, phishing, denial-of-service (DOS) attack, distributed denial-of-service (DdoS) attack, worm as well as trojan horse.
Computer virus
It is the most common form of malicious code which the program or a fragment of code replicates by attaching copies of itself to other programs. For example, the Melissa virus/worm which first spotted in March 1999 caused about $ 80 million in damage worldwide. This virus was embedded in WORD document and would be sent out as an attachment to the first fifty people in the e-mail. Besides, ‘ I LOVE YOU’ virus which was found on May 2000 also caused great impact in worldwide.
Phishing
Phishing is a social engineering attack that the electronic identity is misrepresented in an attempt to trick individuals into revealing credentials. This threat will be discussed in more detail in the later post.
Denial-of-service attacks (DOS) and Distributed denial-of –service (DDoS) attack
DOS involves one computer attacking another but they are growing into DDoS which attacks with the use of multiple computers in a highly organized form. A DDoS attacks by overwhelming the server with plenty of messages that seem normal. They will send a list of internet protocol (IP) addresses to the target machines which are under their control. When everything is ready, the attacker will give order to the machines to send data packets against the given IP using false identities. This process is called ‘sproofing’.
ONLINE FRAUD
Online fraud consists of identity theft and data theft.
Identity theft is basically about the attackers use a victim’s name to open an account using false identification. Then, the attacker will use the account to do what he plans to do. Besides, data theft is the manipulation of private data without the victim’s knowledge.
The example of online fraud is the Cisco Systems case in April 2001 which the two workers transfer stock share to their private portfolios.
Threats are everywhere. Be carefull and cautious.
Reference:
No comments:
Post a Comment