INSIDER ATTACKS
Logic Bombs
Logic Bombs
Logic bombs are small programs or sections of a program triggered by some event such as a certain date or time, a certain percentage of disk space filled, the removal of a file, and so on. For example, a programmer could establish a logic bomb to delete critical sections of code if she is terminated from the company. Logic bombs are most commonly installed by insiders with access to the system.
Login spoofing
Login spoofing are techniques used to steal a user's password.The user is presented with an ordinary looking login prompt for username and password, which is actually a malicious program, usually called a Trojan horse under the control of the attacker. When the username and password are entered, this information is logged or in some way passed along to the attacker, breaching security.
To prevent this, some operating systems require a special key combination (called a secure attention key) to be entered before a login screen is presented, for example Control-Alt-Delete. Users should be instructed to report login prompts that appear without having pressed this secure attention sequence. Only the kernel, which is the part of the operating system that interacts directly with the hardware, can detect whether the secure attention key has been pressed, so it cannot be intercepted by third party programs (unless the kernel itself has been compromised).
Trap doors
Trap doors, also referred to as backdoors, are bits of code embedded in programs by the programmer(s) to quickly gain access at a later time, often during the testing or debugging phase. If an unscrupulous programmer purposely leaves this code in or simply forgets to remove it, a potential security hole is introduced. Hackers often plant a backdoor on previously compromised systems to gain later access. Trap doors can be almost impossible to remove in a reliable manner. Often, reformatting the system is the only sure way.
MALWARE
Trojan horses
Trojan horses (often just called Trojans) are programs that must be installed or executed by a user to be effective. Often, these are shown to user as helpful or entertaining programs which can include operating system patches, Linux packages, or games. Once executed, however, Trojans perform actions the user did not intend or user never wants, such as opening certain ports for later intruder access, replacing certain files with other malicious files, and so on.
Virus
Virus is a program that copies itself and infects a PC, spreading from one file to another, and then from one PC to another when the files are copied or shared. Most viruses attach themselves to executable files, but some can target a master boot record, autorun scripts, MS Office macros, or even in some cases, arbitrary files. Many of these viruses, like CIH, are designed to render your PC completely inoperable, while others simply delete or corrupt your files—the general point is that a virus is designed to cause havoc and break stuff.
You can protect yourself from viruses by making certain your antivirus application is always updated with the latest definitions and avoiding suspicious looking files coming through email or otherwise. Pay special attention to the filename—if the file is supposed to be an mp3, and the name ends in .mp3.exe, you're dealing with a virus.
Spyware
Spyware is any software installed on your PC that collects your information without your knowledge, and sends that information back to the creator so they can use your personal information in some nefarious way. This could include keylogging to learn your passwords, watching your searching habits, changing out your browser home and search pages, adding obnoxious browser toolbars, or just stealing your passwords and credit card numbers.
Since spyware is primarily meant to make money at your expense, it doesn't usually kill your PC—in fact, many people have spyware running without even realizing it, Once you've got that many pieces of software spying on you, your PC is going to become slow.
Worms
Computer worms use the network to send copies of themselves to other PCs, usually utilizing a security hole to travel from one host to the next, often automatically without user intervention. Because they can spread so rapidly across a network, infecting every PC in their path, they tend to be the most well-known type of malware, although many users still mistakenly refer to them as viruses.
Some of the most famous worms include the ILOVEYOU worm, transmitted as an email attachment, which cost businesses upwards of 5.5 billion dollars in damage. The Code Red worm defaced 359,000 web sites, SQL Slammer slowed down the entire internet for a brief period of time, and the Blaster worm would force your PC to reboot repeatedly.
