Hackers' weapons for attack keep pace with technological advances

Hackers' weapons for attack keep pace with technological advances

As the tools for building distributed applications improve, so do malicious developers' arsenals. The range of attacks available to those with idle hands, political goals or perhaps more sinister agendas is now larger than ever. Generally, the types of attack fall into the following categories:

Viruses. A virus, traditionally, is a piece of code that attaches itself to an innocent data file or executable program as a transport and then infects a host system when the file it has been connected to is launched. Usually it damages the system in the process, and infects more data or executable files on the system and any connected file systems, including network servers.


Traditional viruses use the file system as their primary mode of conveyance, but might be transmitted inadvertently as part of an attached data file by an infected PC.

Today, virus attacks come in so many ways that any piece of malicious software is generally referred to as a virus.

Worm. A worm is a more active piece of malicious code that hijacks some aspect of the system to propagate itself further, usually by e-mail. The Morris worm was a completely autonomous attack, requiring no user actions to allow it to continue. The Melissa and ILOVEYOU bugs sent themselves out as e-mail attachments, and needed a recipient to open them to continue their course. To some degree, that put these programs in the next category of malicious programs.

Trojan, or Trojan Horse. Like the Greeks' big wooden horse for which these programs are named, a Trojan horse comes disguised as something harmless to gain entry into an unsuspecting user's system.


The programs often do no direct damage to a system but are used to subvert system security. Qaz.trojan, the culprit in the recent Microsoft break-in, apparently transmitted passwords and other information that it captured to a hacker or hackers, letting them gain access, posing as Microsoft employees, to the Microsoft corporate network over a virtual private network connection.


Malicious Web scripts and applets. Hackers can use software loaded as part of Web pages to deliver any of the above types of attack, or otherwise subvert network security. While increasing the security settings of Web browsers can defeat many of these attacks, they are capable of further compromising the system without user action.


''
'Kevin Jonah

inside gcn

  • cyber hygiene (Lucky Business/Shutterstock.com)

    Cleaning up cyber hygiene

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group