Hackers' weapons for attack keep pace with technological advances

Hackers' weapons for attack keep pace with technological advances

As the tools for building distributed applications improve, so do malicious developers' arsenals. The range of attacks available to those with idle hands, political goals or perhaps more sinister agendas is now larger than ever. Generally, the types of attack fall into the following categories:

Viruses. A virus, traditionally, is a piece of code that attaches itself to an innocent data file or executable program as a transport and then infects a host system when the file it has been connected to is launched. Usually it damages the system in the process, and infects more data or executable files on the system and any connected file systems, including network servers.

Traditional viruses use the file system as their primary mode of conveyance, but might be transmitted inadvertently as part of an attached data file by an infected PC.

Today, virus attacks come in so many ways that any piece of malicious software is generally referred to as a virus.

Worm. A worm is a more active piece of malicious code that hijacks some aspect of the system to propagate itself further, usually by e-mail. The Morris worm was a completely autonomous attack, requiring no user actions to allow it to continue. The Melissa and ILOVEYOU bugs sent themselves out as e-mail attachments, and needed a recipient to open them to continue their course. To some degree, that put these programs in the next category of malicious programs.

Trojan, or Trojan Horse. Like the Greeks' big wooden horse for which these programs are named, a Trojan horse comes disguised as something harmless to gain entry into an unsuspecting user's system.

The programs often do no direct damage to a system but are used to subvert system security. Qaz.trojan, the culprit in the recent Microsoft break-in, apparently transmitted passwords and other information that it captured to a hacker or hackers, letting them gain access, posing as Microsoft employees, to the Microsoft corporate network over a virtual private network connection.

Malicious Web scripts and applets. Hackers can use software loaded as part of Web pages to deliver any of the above types of attack, or otherwise subvert network security. While increasing the security settings of Web browsers can defeat many of these attacks, they are capable of further compromising the system without user action.

'Kevin Jonah


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected