Computer security, cyber-security or information technology security (IT security) is the protection of computer systems from the theft of or damage to their hardware, software, or electronic data, as well as from the disruption or misdirection of the services they provide.
Internet security is a branch of computer security specifically related to not only Internet, often involving browser security and the World Wide Web. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet represents an insecure channel for exchanging information, which leads to a high risk of intrusion or fraud, such as phishing, online viruses, Trojans, worms and more. Many methods are used to protect the transfer of data, including encryption and from-the-ground-up engineering.
A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and lead to cybercrimes, such as information and identity theft.
Attacks can be classified into the following categories:
Web-based attacks
These are the attacks which occur on a website or web applications. Some of the important web-based attacks are as follows-
System-based attacks
These are the attacks which are intended to compromise a computer or a computer network. Some of the important system-based attacks are as follows-
1. Virus
A computer virus is a type of malicious software that, when executed, replicates itself by modifying other computer programs and inserting its own code. When this replication succeeds, the affected areas are then said to be "infected" with a computer virus.
A virus can be spread by opening an email attachment, clicking on an executable file, visiting an infected website or viewing an infected website advertisement. It can also be spread through infected removable storage devices, such USB drives. Once a virus has infected the host it has the capacity to corrupt or to delete data on your computer and it can utilize an email program to spread the virus to other computer systems .In the worst case scenario, it can even delete everything on your hard disk .The purpose of it is to disrupt the operation of the computer or the program.
Ripper, Stuxnet, Petya, Wanna cry, Code red, Melissa, Sasser, Zeus, Mydoom, Crypto Locker, Flashback are some example of Viruses.
2. Computer Worm
A computer worm is a malicious, self-replicating software program (malware) which affects the functions of software and hardware programs.
Before widespread use of networks, computer worms were spread through infected storage media, such as floppy diskettes, which, when mounted on a system, would infect other storage devices connected to the victim system. USB drives are still a common vector for computer worms.
Differences between worms and viruses:
Computer worms "are self-replicating programs that spread with no human intervention after they are started." In contrast, "viruses are also self-replicating programs, but usually require some action on the part of the user to spread inadvertently to other programs or systems."
3. Trojan horse
Trojan horse or Trojan is any malware which misleads users of its true intent. Trojans are generally spread by some form of social engineering, for example where a user is duped into executing an e-mail attachment disguised to appear not suspicious, (e.g., a routine form to be filled in), or by clicking on some fake advertisement on social media or anywhere else.
Trojans may allow an attacker to access users' personal information such as banking information, passwords, or personal identity. It can also delete a user's files or infect other devices connected to the network. Ransomware attacks are often carried out using a Trojan. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create backdoors to give malicious users access to the system.
Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves into other files or otherwise propagate themselves.
4. Malware
Short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of executable code, scripts, active content, and other software.
5. Ransomware
Ransomware is a type of malware program that infects and takes control of a system. It infects a computer with the intention of extorting money from its owner.
6. Spyware
Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information. Spyware is classified as a type of malware designed to gain access to or damage your computer, often without your knowledge. Just like viruses, spyware can be installed when you open an e-mail attachment containing the malicious software or through cookies. It can also be installed when you install another program that has a spyware installer attached to it.
7. Adware
Adware, or advertising-supported software, is software that generates revenue for its developer by automatically generating online advertisements in the user interface of the software or on a screen presented to the user during the installation process. The software may generate two types of revenue: one is for the display of the advertisement and another on a "pay-per-click" basis, if the user clicks on the advertisement. The software may implement advertisements in a variety of ways, including a static box display, a banner display, full screen, a video, pop-up ad or in some other form.
8. Key logger
A key logger is a type of malware that stores all keystrokes of a computer. It can record all sorts of personal information, such as usernames, passwords, credit card numbers, and personal documents such as emails and reports.
9. Phishing
Phishing is the fraudulent attempt to obtain access credentials such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Typically carried out by email spoofing or instant messaging, it often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.
10. Spoofing
A Spoofing attack is a situation in which one person or program successfully represents oneself as another by falsifying data and thereby gaining an illegitimate advantage.
11. Pharming
Pharming is a cyber-attack intended to redirect a website's traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses.
User of online banking and e-commerce websites are more prone to this attack.
296 videos|297 docs|179 tests
|
296 videos|297 docs|179 tests
|
|
Explore Courses for Bank Exams exam
|