The Trojan Horse
The use of the wooden horse statue by the Greeks to invade Troy is arguably the oldest social engineering attack known to man. This method of getting the Trojans to let their destroyers right into the homes of Troy is considered so clever that an entire category of malware has been named after it.
The art of psychologically manipulating people so that they give up confidential/sensitive information is known as social engineering. These are non-technical attacks, which rely on fooling people into deviating from regular security procedures. People engaging in this criminal act either target individuals for things such as bank information and passwords, or they might target the employees of entire organizations for sensitive corporate information, which they can then use to make a lot of quick money in the market.
The use of social engineering has increased drastically, because it is much more difficult to hack into someone’s software/password than it is to win their trust and exploit them to gain information that is wanted. No matter how technically sound the security chain might be, information is always susceptible to attack if the people involved with the information are vulnerable. The key to protecting oneself from such fraud is to develop a good sense of who and what to trust.
The various types of social engineering that one can be targeted with are based on common attributes of the human thought process while making decisions. The various biases that a human may have towards a person or a situation are exploited in an endless list of combinations, some of which we will look at below.
Types of Social Engineering
Pretexting: This is one of the most common threats of social engineering, in which conmen create an imaginary scenario to interact with the targeted person in such a way that the person would voluntarily give out information or perform certain actions, which he/she would not do in ordinary circumstances. This technique is carried out by first finding out information about the targeted person or organization through documents such as discarded bank/financial statements, which is then used to convince the target that the conman has a sense of authority.
This technique can also be used by impersonating people like the police, tax officials, or insurance investigators, who in the mind of the victim have a right to know about the information. The conman simply does a little research to satisfactorily answer questions asked by the victims, behaves earnestly and authoritatively, and extracts information with quick thinking and manipulation of the situation.
Baiting: This technique uses the greed or curiosity of the target. Usually, the criminal uses some form of physical media like a CD or pen drive, which is given a legitimate but interesting label. It is then purposely left in a place like a restroom or elevator, where it is sure to be found by someone. When any person finds the CD, he/she is expected to get curious about the label and the data that it contains. However, on inserting the CD into a computer, they unknowingly install malware into the system, which could give the attacker unrestricted access, not only to that computer, but also to the company’s internal network.
Tailgating: In this method, the attacker’s intention is to gain entry into a restricted area of large organizations. If the area is guarded by electronic access systems, like electronic employee ID cards, the attacker just walks behind a legitimate employee having access to the area. Usually, the real employee will hold the door open for the attacker as courtesy, as he/she may think that the attacker is a part of the organization. They might forget to ask the attacker for identification, or may assume that he has misplaced his ID. The attacker might also display a fake ID, giving him access to any place that he may want to go.
Quid Pro Quo: In this technique, the attacker randomly calls telephone numbers at the targeted company, posing as a member of the technical assistance staff, and asking if there is any problem with the computer systems. Eventually, the attacker will find someone having a genuine problem, and will help solve the issue, all the while getting the distressed employee to unknowingly type in commands which will give the attacker access to the network, or install malware on the computer.
Phishing: This is another popular method used by criminals to fraudulently obtain private information about a person. The scam is run by either sending an email or making a phone call to the target. The email/phone call is designed to appear like legitimate correspondence from real businesses, like banks or credit card companies. If such an email is received, it will have links to a webpage with seemingly legit logos and company content, and a form which will request all kinds of details, such as PIN numbers or addresses, for alleged verification purposes.
In phone calls, a bogus interactive voice response (IVR) system prompts the target to call a supposed bank number, where a lot of information is asked for verification purposes. These systems work by appearing to reject login IDs and passwords entered by the victim, so that the information is entered multiple times. Some systems even transfer your call to the attacker, who gains information by acting as a representative from the customer service department.
Social Engineering Examples
Example 1: In 2011, a security company ironically had a breach in their security system, which the attacker accessed using social engineering. Over a couple of days, two phishing emails were sent to low-level employees of the firm. The subject of these emails was ‘2011 recruitment plan’. Eventually, one curious employee opened the Excel attachment, which contained malware that gave the attacker access through a loophole in Adobe Flash software. The breach cost the company over USD 60 million.
Example 2: In 2013, a Chinese cyber-espionage group named ‘Hidden Lynx’ made several attacks on the digital code signing certificates of security companies. The group planted malware on sites that the target companies accessed regularly, and gained access to the company network and networks of some of their clients.
Example 3: A bank in Belgium was robbed of diamonds and other gems worth over 21 million Euros in 2007 by a mysterious man, who is still at large. But what set this robbery apart from the others was that the thief used only his charm and wit to do the job, despite the bank’s great security system. He visited the bank during business hours, became very friendly with the staff, brought them small gifts like chocolates, all the while making copies of the keys and finding information on where the jewels were. Finally, when the theft was found out, the employees could not believe that such a nice man could do such a terrible thing.
Social engineering attacks prey on the nature of humans to be helpful and trusting, and many individuals are unaware of what these attacks look like. Even if the employees of a company are trained to spot such frauds, third-party contacts can still compromise security. Therefore, such attacks are difficult to prevent completely. However, in order to make it difficult for social engineers and discourage them from attacking, some preventive measures need to be taken.
Measures to Prevent Social Engineering Attacks
- It is important to assess how much knowledge an individual or employees of the organization have about security, so that adequate training can be imparted to fill in the gaps in their knowledge.
- Training should be provided in small pieces rather than as a whole, so that it is easily understood.
- Using simulated attacks of likely fraudulent scenarios will help in identifying the signs of social engineering.
- Using advanced systems of security and different passwords for different accounts is very important.
- Regularly checking personal data, account details, and making requisite upgrades to security is very helpful.
- Keep security questions creative, and completely abstain from giving out personal information over the phone or email.
- Restrict information that can pass out of the organization, and never allow unauthorized guests to be unsupervised in areas with network access.
- Make sure that employees are trained to politely question people they don’t know, about their presence in the office premises, and ensure that regular sessions and talks about security issues are held, so the problem of social engineering is always fresh in the minds of the employees.
- Employees should be provided with an effective centralized system for reporting suspicious behavior, which will have a good chance of detecting social engineering patterns, and preventing disasters from taking place.
This list of preventive measures is by no means a complete one. However, it is hoped that the article has given you some food for thought. Social engineering attacks occur on a daily basis, and it is important that awareness is maintained, so that one does not give out information just because the attacker asked for it nicely.
Even if the computer is not plugged into a network, a person can open its cabinet and gain access to the hard drives, steal them and misuse or destroy the data saved on them, or damage the device altogether. It is also necessary to remember that if one disassembles one's computer hardware, the risk of losing warranty coverage becomes very high.
The security of computer hardware and its components is also necessary for the overall protection of data. If a stand-alone system contains some important or classified information, it should be kept under constant surveillance. A locking system for a desktop and a security chain for a laptop are basic security devices for your machine. Certain disk locks are available in various sizes, which control the removal of the CPU cover protecting internal components of the system.
Computer networks are an integral part of any organization these days, as they facilitate the free flow of data and services to the authorized users. However, such networks also pose a security threat in case the data is classified and confidential, thus making network security a vital necessity.
As the data is available only for authorized users, it is possible for hackers to pretend to be one, by providing the correct user name and password. Computer network security can be disrupted or encroached.
A denial-of-service attack is meant to disable a computer or a network and can be executed with limited resources. It is one of the most common forms of attack by hackers and can effectively disable the whole network of an organization. A denial-of-service attack makes a computer resource unavailable to its intended user.
To carry out this kind of attack, hackers generally flood a network or the access routers with bogus traffic. They also make attempts to disrupt connections between two machines and prevent individuals from accessing a service.
The Trojan horse is a common threat and one of the biggest potential threats to computer security. Trojan horses are malicious, security-breaking programs, disguised as something that security software considers non-malicious. They are a useful tool for hackers who try to break into private networks. Hackers generally attach a Trojan horse to a file, which triggers a virus or remotely controlled software, giving the hacker complete control over the computer.
Viruses and worms are well-known for their destructive nature and the property of replicating themselves. They are basically pieces of computer program code, which are written by hackers and other computer geniuses.
Sniffing is the act of intercepting TCP/IP packets while they are getting transferred on a network. The interception generally takes place through simple eavesdropping done by a hacker.
A firewall is one of the most essential types of network security in today’s world of the Internet. It is a filter that prevents fraudulent websites from accessing your computer and damaging the data. However, a firewall is not a great option for securing the servers on the Internet because the main objective of a server is granting access to unknown users to connect to various web pages.
Along with a firewall, try installing a good anti-virus and security software to enhance the security level of your computer system.
Although uncommon, hardware malfunction can prove to be a major threat to your data in the computer. The life span of hard disks is always limited because of surrounding factors and this can amount to a severe loss of all your files saved on the disk, if there is no proper backup of those files made on any other system.
It is important to avoid data and information loss in case of hard disk crashes. The only solution is to regularly keep backups of all the data on other media such as magnetic tapes, CD-ROM, etc. It is a good practice to store the media off-site and in case of a disk crash, restore the information from the backup media onto the new disk.
Install a software program on your computer that will clear all the old, unused files and registry keys. It will also help to detect malware and save your computer from severe damage caused by it. Keep your system up to date with the latest updates and security alerts, or else it will become vulnerable to security threats.
It is important to keep a record of technical support consultants and software documentations, like manuals and guides to make them accessible to the staff members of the company.
Hackers have developed increasingly sophisticated means of tampering with the Web, including infecting or pirating critical software applications in both public and private sectors of business. Traditional security measures have protected software only by using passive activities such as encrypting files or hiding programs behind firewalls and security perimeters. The problem with passive approaches is that they provide just a single defense layer that experienced hackers can dispose of quickly, leaving applications with no protection once that security level is breached.
The Internet obviously has opened up new markets and business opportunities, but it has also provided for the rapid dissemination of malware, different types of viruses, and compromised applications that can bring business to a halt. With companies increasing global distributions and online sales, and increasing numbers of businesses conducting operations online, the risk to transactions and software is growing exponentially. Securing the perimeter of a network, application, or system is no longer sufficient in today’s distributed computing environment. To safeguard their intellectual property, companies need to adopt new approaches that integrate security directly into software and data.
To succeed in IP protection, security software must be durable and resilient. Protection methods currently used (authenticating users, specifying user privileges, and transaction verification) are easy for experienced hackers to get around because they are a single yes/no point of decision. Such individual decision points result in single failure points, which allow hackers to create tools of attack that are rapidly distributed throughout the Internet. Protection schemes must be renewed and updated to maintain immunity against the experience hackers gain every time they successfully breach security.
Security solutions should be user-friendly so that users can tailor the software to fit their specific business requirements for their individual environment. The solutions should also be free of performance penalties, so that developers do not have to choose between the amount of performance they get and the amount of the application that is secured. Also, security approaches should be friendly toward developers, because providing security at the code level is expensive and labor-intensive. In addition, code-level security measures will not be reusable, so ongoing expenses will be high.
Successful protection of your IP requires a balanced, careful evaluation of the various approaches available, and then selection of the one that will provide you with the maximum defense against hackers. If you keep these requirements in mind while making your selection, then the next time a hacker tries to worm his/her way into your mission-critical applications, your IT administrator will receive prompt notification in real time, and will be able to respond appropriately to protect your network and systems. Thwarting hackers isn’t as daunting a challenge if you prepare yourself ahead of time, and ensure that you have the proper protection in place.
With the escalating popularity and usability of the Internet, it is only normal that issues like Internet security or Internet safety are being discussed. Other than hackers and spammers, even pedophiles (online predators) and cyber-terrorists are lurking on the Internet in search of easy prey. If you are wondering why everybody is increasingly talking about Internet security and the need to ensure Internet safety while surfing the virtual world, some information on the threats that you are likely to face in the cyberspace will help you get rid of your doubts.
Why is Internet Safety So Important?
In order to understand why you need to safeguard your privacy and maintain Internet safety standards, it is very important to be aware of the dangers or risks associated with unsecured Internet access. So let’s discuss some of the most common issues in Internet safety:
Unauthorized Network Access or Hacking
Unauthorized access is one of the major threats as far as Internet safety is concerned. Network security consists of the provisions made in an underlying computer network infrastructure to protect the network and the network-accessible resources from unauthorized access. Hacking means people can get unauthorized access to your account, computer, or network. Once they have the access to your account, they have complete control over all your transactions, and can misuse your account for illegal or objectionable purposes. A hacker getting access to your online banking account is as good as a robber getting access to your safe.
In March 2012, FBI Director Robert Mueller revealed that hacking would overshadow terrorism as the biggest threat for the nation in the near future. While 50 per cent of the hacking cases in the US are attributed to hacktivism, a whopping 40 per cent are attributed to cybercrimes.
Phishing, Email Frauds, and Spamming
Phishing refers to the cases of online scams wherein people fraudulently acquire sensitive information by posing as a trustworthy entity via email or instant messaging. Often this information can include your important financial as well as personal contact details. The information can then be used for several illegal purposes, which, in turn, can put you in trouble. At times, this information is collected and sold to online advertisers as well. Online scams, which involve requests for your bank account numbers, passwords, or any other sensitive information, are a menace over the Internet. Spamming might be relatively harmless, but it is just as annoying since it floods your mailbox with unwanted advertising. Spammers are also likely to sell your address and phone numbers, as a result of which you might end up getting bombarded with telemarketing calls and snail mail at times.
RSA Security LLC, formerly known as RSA, is a reputed computer and network security company based in the United States. If the data revealed by them in July 2012 is to be believed, the worldwide monetary losses from phishing alone accounted for over US$687 million in the first half of 2012. Similarly, Google Transparency Report reveals that the search engine giant flags around 10,000 websites as unsafe on a daily basis because of phishing and malware.
Sexual Abuse, Pedophiles, and Pornography
The Internet is not just flooded with illegal pornographic content, but is also full of sexual predators on the lookout for easy prey. There are several cases of pedophiles trapping children via chat and web cams, bullying them into meeting in person, and abusing them. Internet pornography is a major threat for people who frequently post their photographs and videos over the Internet, since these can be misused and even posted on pornographic sites.
In 1998, the National Center for Missing & Exploited Children started the CyberTipline (1-800-843-5678) to help people report crimes against children. Since its inception, it has received more than 1.7 million reports of suspected child sexual exploitation. Furthermore, between 2004 and 2008, the law enforcement agencies working on Internet Crimes Against Children recorded a rise of 230 percent in the number of documented complaints of online enticement.
Cyberterrorism – A Threat to National Security
Several government websites contain important information, which is either uploaded over the Internet or stored in their database. These websites are vulnerable to security threats since many people try to break into security systems to access undisclosed matters of national importance. Almost every major terror group uses the Internet today, primarily as a propaganda tool and also as a means of communication. Cyber-terrorists can also bring down the infrastructure, which is more or less dependent on the Internet today, to spread panic in the world. While cyberterrorism is definitely a threat, criminal activities (e.g. Internet extortion) and nuisance attacks (e.g. email bombing) are also rampant in the virtual world.
Ways to Ensure Internet Safety
Secure Your Network
Taking into account how vulnerable we are to cybercrimes, having strong firewall protection for the network is a must today. In case you want to secure your network for your home PC, you need a basic firewall, anti-virus software, anti-spyware software, and a robust password in case of wireless connections. In case you have a medium business, you would need a strong firewall and all the previously mentioned parameters with the addition of physical security and a network analyzer. In case of large businesses, you would require stronger Internet security software and security fencing in addition to the network analyzers.
Make Internet Child-safe
It is safe to educate your children about the possible dangers of the Internet and supervise their online activities for a while, but your children might get a wrong impression if they realize that you are spying on their online activities. This is where cyber security software and hardware come to your rescue. It is possible to make the Internet child-safe by using software which allows you to block websites which are not ideal for children. An even better option is to have a healthy relationship with your children. It will help you discuss the dos and don’ts of the Internet with them, without sounding preachy.
Internet safety or Internet security is an important issue that needs to be dealt with for safeguarding the security and privacy over the World Wide Web. With Internet security threats, like hacking, phishing, spyware and virus attacks, identity thefts, cyberbullying, child pornography, etc., becoming commonplace, it is high time you resort to smart-surfing and protect your computer and your data online.