Hello, everybody.!!! Welcome to INTROSPECTION. Today I 'm back with another post in the "INFO-BLISS" category. Earlier, we wrote a post on crimes and investigations (Link: CRIME HUNT). But in that post, we didn't write a single word about cybercrime because there's a lot to know about it. So I'm going to talk about cybercrime today.
Let's dive in...
Types:
Malware: "MALWARE" can be thought of as a software code with negative shades. Because malware is nothing but a software code designed by cyber attackers that damages system functionality, data, disrupt software, and gets unauthorized access to the network/account. There are a number of forms of malware, such as computer viruses, worms, trojan horses, and spyware. Usually, malware enters computers in a variety of ways, i.e., by downloading malicious software or files from unknown websites or by placing irrelevant ads on websites offering lotteries or money.
Solutions and prevention:
Phishing: This is not as famous as the term malware, but it can be just as dangerous or sometimes more dangerous than malware. Phishing steals the person's sensitive credentials by sending e-mails, messages, or just by calling. This is often achieved by the attackers using the name of some technical support teams, customer service teams, .. etc of some major companies or applications that you are using. Phishing is performed anonymously to people belonging to a group like one company's workers or a group of website users. There is also "SPEARFISHING" that is used on people targeted.
Password attacks: As the name itself suggests, this is the method of stealing passwords. There are various methods, such as brute force attacks, dictionary attacks, and key-logger attacks. Now, I'm not going too deeply into each of these topics, but if you're interested, you can google them.
Solutions and prevention:
Man in the middle(MITM): The attacker steals all information communicated between the service/company/website/app and the customer. He does this by acting as a customer with the company and acting as a company with the customer. First of all, he gets access to the low secured part of this communication and makes his way inside.
Solutions and prevention:
Distributed denial of service(DDOS): The attacker floods the network or service with very huge traffics as a result the receiving network gets overloaded and eventually stops functioning. This is done to some big companies as a sign to protest against governments or others.
Solutions and prevention:
Rogue Software: Rogue software is a type of software that alerts you to the presence of a virus on your computer, which appears to be fake. Then it presents you with a fake anti-virus solution for the present fake virus that will lead you to download malicious anti-virus software that can harm your computer even more.
Solutions and prevention:
STUXNET: Now, this topic may feel like a fictional conspiracy movie, but everything that has happened is real.
TWITTER HACK: I'm sure you don't remember how your day was on July 15, 2020. But it's the day that something so frightening happened.
Conclusion: Referring to my words from one of my previous posts, "We are all connected, with a powerful tool called INFORMATION." But protecting this tool from thieves is just as important as having access to it. So do not neglect any protective measures that are needed to be taken for security purposes.
Thank you..!!!
Let us know your thoughts about this topic in the comments.
Don't hesitate to share it with your friends, because "SHARING IS CARING", right??
Let's dive in...
Types:
There are several types of cyberattacks. Like:
Malware: "MALWARE" can be thought of as a software code with negative shades. Because malware is nothing but a software code designed by cyber attackers that damages system functionality, data, disrupt software, and gets unauthorized access to the network/account. There are a number of forms of malware, such as computer viruses, worms, trojan horses, and spyware. Usually, malware enters computers in a variety of ways, i.e., by downloading malicious software or files from unknown websites or by placing irrelevant ads on websites offering lotteries or money.
Solutions and prevention:
- By maintaining a proper firewall and good anti-virus software for your device.
- Updating those firewalls and anti-viruses regularly is also important.
- Using an adblocker is recommended.
- The best way is to use your common sense and keeping yourself from downloading malicious files or software.
Phishing: This is not as famous as the term malware, but it can be just as dangerous or sometimes more dangerous than malware. Phishing steals the person's sensitive credentials by sending e-mails, messages, or just by calling. This is often achieved by the attackers using the name of some technical support teams, customer service teams, .. etc of some major companies or applications that you are using. Phishing is performed anonymously to people belonging to a group like one company's workers or a group of website users. There is also "SPEARFISHING" that is used on people targeted.
Solutions and prevention:
- The best-proven way to prevent this threat is to use common sense and not fall into the traps of suspicious emails, messages, or calls.
Password attacks: As the name itself suggests, this is the method of stealing passwords. There are various methods, such as brute force attacks, dictionary attacks, and key-logger attacks. Now, I'm not going too deeply into each of these topics, but if you're interested, you can google them.
Solutions and prevention:
- Use strong security, such as double step authentication for important accounts and websites.
- Setting unique passwords for different accounts that you use is the best way to avoid this attack.
- It can be more useful to be meaningless because using meaningless passwords that include alphanumerics can make it difficult to steal your passwords.
- Setting the answers to your security questions is key, think of the answers as extra passwords, and then set up the answers to those security questions.
- It may also be useful to use the password manager and to change passwords on a regular basis.
Solutions and prevention:
- Checking the security encryption(like HTTPS/HTTP) for the websites you use.
- Using a good virtual private network(VPN) can be more secured.
Distributed denial of service(DDOS): The attacker floods the network or service with very huge traffics as a result the receiving network gets overloaded and eventually stops functioning. This is done to some big companies as a sign to protest against governments or others.
Solutions and prevention:
- Having proper traffic monitoring system and traffic analyzing system is more important.
Rogue Software: Rogue software is a type of software that alerts you to the presence of a virus on your computer, which appears to be fake. Then it presents you with a fake anti-virus solution for the present fake virus that will lead you to download malicious anti-virus software that can harm your computer even more.
Solutions and prevention:
- Again, maintaining an authorized, proper firewall and anti-virus software is important.
- Be aware of your system's condition and performance so that you don't have to trust any message or warning about the presence of viruses on your system.
- More importantly, use your common sense and think once you download any file or software.
Let's talk about some real incidents:
But before that...If you find our posts interesting, consider subscribing to "INTROSPECTION" to receive email updates for every new post. And you can access our other category posts from the drop-down on the top, take a look at it..!!
But before that...If you find our posts interesting, consider subscribing to "INTROSPECTION" to receive email updates for every new post. And you can access our other category posts from the drop-down on the top, take a look at it..!!
1. MORRIS WORM:
- This is a malware attack that took place in 1988. It is said that this is the first cyberattack on the Internet in the early days of its evolution.
- The creator of this worm is the student of MIT "ROBERT TAPPAN MORRIS."
- Within 24hours, this worm infected 6,000 computers out of a total of 60,000 computers that were connected to the internet at the time and began damaging them.
- As those are days when the internet is still in its early stages, this morris warm was an eye-opening malware for internet users as it introduced people to the term "CYBER ATTACK" that nobody knew at the time.
- In the end, Morris who created this worm said that he created this just out of curiosity to know the extent of the internet.
STUXNET: Now, this topic may feel like a fictional conspiracy movie, but everything that has happened is real.
A brief summary of what happened: Doubting Iran and its nuclear program of some kind, both America and Israel thought to stop this nuclear project of Iran. After a few failed negotiations they chose a different way rather than sending military forces to not look suspicious.
- That's when a very strong, sophisticated, and accurate malware called "STUXNET" was developed and released into the setup where the nuclear project was taking place.
- Although the creators have taken so much care in designing its working mechanism, Stuxnet has gone out of control, affecting 2,000,000 systems and damaging 1,000 Iranian installations.
- Due to its uncontrolled aggression, it started spreading to more systems than it was supposed to be and eventually the whole of Iran. This is how it came to public exposure.
- Although neither country has admitted its role in this incident, it is understood that this is a combined plan of both the US and Israel Governments, as it is not possible for some normal cyber attackers to create such a powerful malware.
- The development of Stuxnet was said to have started in 2005 and was first uncovered in 2010.
- There is no other malware until today that is more powerful than Stuxnet.
TWITTER HACK: I'm sure you don't remember how your day was on July 15, 2020. But it's the day that something so frightening happened.
- A 17-year-old hacker convinced Twitter's IT employee that he was a colleague who needed login credentials to access the company's customer support platform.
- After getting those credentials he did a very simple task of hacking 130 twitter accounts.
- But that's not it, the real jaw-dropping has to start from here. Because those 130 accounts include the accounts of Barack Obama, Jeff Bezos, Elon Musk, Joe Biden, Bill Gates, etc.
- After hacking those he posted a tweet from all those accounts which looks something like this:
With that power, he could have stolen a lot, but it's really good that the damage was limited to $100,000.
Conclusion: Referring to my words from one of my previous posts, "We are all connected, with a powerful tool called INFORMATION." But protecting this tool from thieves is just as important as having access to it. So do not neglect any protective measures that are needed to be taken for security purposes.
Thank you..!!!
Let us know your thoughts about this topic in the comments.
Don't hesitate to share it with your friends, because "SHARING IS CARING", right??