Cyber Threat Gallery – A comprehensive guide to different cyber attacking tools
The world of cyber-crime is as old as the existence of computer networks, and we are not talking about the internet either folks. Local networks came along quite a long time before that, and malware existed ever since those days! However, nowadays when you talk about cyber-threats you are automatically thinking of all the different types of threats that you can find online. If you were to list down every single type of malware that ever existed, chances are you will keep writing for quite a long time. However, while there are countless functionally specific threats, there are some that are a lot more common and popular. We have selected the top types of malware that you can expect to see around at any given time.
This is probably the most common type of malware that you will find floating around. A virus is basically a program that is able to replicate itself by inserting its code into other applications. The similarity of function with a biological virus is exactly what gave it its name. Once the virus code is injected into an application, we say that the application has become “virus infected”. The types of problems that a virus can cause to a system range from disk space and CPU usage to corruption of data and stealing of private information. While some viruses can be extremely harmful and cause serious damages, others are meant to simply annoy the user and waste their time.
A virus must be executed for it to start working. While most virus applications and files wait for the user to run them by misrepresenting themselves, others can do it automatically as well. Most common antivirus systems are capable of capturing commercially floating viruses and take care of them automatically. However, some properly designed viruses can hide from security scans and even execute code that can seriously cripple or compromise companies or individuals. It is recommended to use specialized antivirus software to deal with all potential threats. Keeping yourself vigilant and avoiding contact with untrustworthy files and software online is a simple but important step in keeping your system safe from viruses.
In terms of its basic functionality, a worm is very much the same as a virus, i.e. it replicates itself to wreak havoc. However, that is also where the similarities end, since unlike a virus, a worm attacks a network rather than the data on a computer. This is what every single worm is designed to do as its basic task. Even so, worms can still do damage by causing network usage to spike or by crashing servers. The very first worm, called the Morris worm, was supposed to only disrupt networks but it ended up crashing about 1/10th of the whole internet. Its creator, Robert Tappan Morris, was the first person ever to be convicted under the Computer Fraud and Abuse Act in the USA.
There can be more targeted worms as well, which can cause specific damage like deleting files, encrypting systems for ransom demands or stealing information. Nowadays worms have become incredibly complex and are used in a variety of different applications. The most common use, however, is to create a backdoor in a system, allowing the creator to control the machine remotely. They are also used to create zombie networks, which are often used to execute DoS attacks. The most effective way of combating worms is to make sure you have the latest OS and antivirus updates installed, you do not use untrusted links and sources, and your firewall is always active.
Adware is a term that varies quite a lot in terms of the intensity that is supposed to be attached to it. If you talk about a generic adware, it is basically a program that allows advertisements to come up in an application or a website. This can be harmless most of the times but there does come a case every so often where you see a much more aggressive program. You would see it in the form of a repeatedly generating pop up or a window that refuses to be closed. It may not necessarily be a bad thing for your machine and can sometimes contain exactly what a particular user may be looking for. However, there is definitely a flipside to this story.
There are a lot of adware programs that may look like they are providing a particular service but are in fact providing cover for a damaging program. A lot of viruses are also hidden nowadays in adware programs and they can easily access your personal information without getting your consent openly. No wonder that a lot of people tend to treat adware as an equally potent security threat as any other virus or Trojan. To avoid getting in contact with such malicious programs, a lot of specialized software is available that can be used for detection. Malwarebytes is a great example of such software.
This one does not need much of an explanation because it is literally in its name. If you still can’t figure it out, a spyware is a program that is created to gather private data from its target. It obviously does so without the consent of the user and can share all this personal information to its creator. The top types of spyware include Trojans, system monitoring programs, adware and cookies as well. The most common use for spyware is to steal private information from users by monitoring their systems. They can also install additional software without consent and cause changes in settings etc. or reduce functionality of the system.
Spyware used to be a big thing in the past but with social networks and other big data mining companies now operating, it has become a very old concept. Most of the information is provided by the user willingly and this in itself allows companies to use that data for their own gains. Unlike other malware, this is a very unique program that convinces the user to provide data on their own by tricking them into executing the program. Given the incredibly fast growth of spyware in current times, a lot of companies have come up with their own ways to solve the problem. Most antivirus software contains spyware detection code nowadays and you can find it in a lot of specialized software as well.
Bots is basically a short form of the word robots and a bot in this particular context is any internet based robot. These are basically programs that are designed to automatically perform specific tasks on the internet. These are also the basis of most of today’s internet based artificial intelligence as well. A bot’s most common use is to run scripts repeatedly to fetch data from all over the internet. This is also called web crawling or web spidering. The reason behind this is that a human cannot work as fast as an automatic bot and fetch data. A lot of companies use this to gather large quantities of information for different purposes which can be both good and bad.
As far as bad bots are concerned, they can perform a lot of different tasks like sending spam emails, sucking up all your internet bandwidth through downloaders, website scraping, DDoS attacks, operating zombie machines and networks, and a lot more. More than half of the total internet traffic is based on these automatic bots and one needs to be very careful to avoid getting into trouble on the internet. Browsing trusted websites and not providing your private information on unknown platforms is very important to stay safe online. At this point we must also appreciate that these bots have developed so much that a lot of good things like Siri and Google Assistant are now in existence.
AI Hacking is literally the stuff of the movies and reminds us of The Matrix and other similar films displaying the dominance of artificial intelligence (AI). The amount of work that is currently being done in the field of AI is simply staggering. Naturally, there is a whole world of people exploring malicious programs that are designed to learn and develop themselves for efficiency and stealth. These programs are very good at avoiding detection and don’t even activate until they have reached their target. One of the biggest examples of such software is Stuxnet, a program that was deployed by the USA and Israel to attack an Iranian uranium enrichment facility. However, other tests have shown that one doesn’t need a government level budget to create these things and a lot of other people are creating them too.
So far we have not seen any reports of anyone actually catching a program that was developed purely using AI techniques. And the reason for that could be the fact that they are simply too good to be caught now. This is clearly an alarming thing for a lot of people, specifically corporates but also ordinary people. The amount of vigilance that we need to show while browsing the internet is at a critical level and the fact is that things are just warming up at the moment. We can easily expect this to be the next big thing/crisis.
This particular type of malware is one of the most powerful in terms of the level of access it provides to an attacker. The term root comes from Linux where it is used to refer to a system administration level access. And kit is basically the collection of programs that allow that access to an attacker. A rootkit can either be installed manually or through an automated channel by exploiting the user and gaining their system password. The worst part about a rootkit is that it is almost impossible to detect since the attacker is able to acquire administrator privileges and can disable any detection program. This unprecedented access also allows the attacker to remove any trace of intrusion from within the system.
Detecting rootkits is a very difficult task, even when it is installed in the most basic user mode. For kernel and OS based rootkits, the only solution often is to reinstall the operating system or even change hardware! However, all that can only come once you are able to actually detect the rootkit’s existence on the system. Detectors are also only able to find rootkits if they have some kind of flaw in their camouflage. As a user, you can check for rootkits in a number of different ways. These include looking for pattern changes, monitoring network and bandwidth usage and verifying software signatures etc.
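One way to put "looking for pattern changes" into practice is to record a known-good baseline of file hashes and permissions and compare the live system against it later. The sketch below is an added example, not from the original article; the directory tree and file contents are constructed, and a baseline check like this is only trustworthy when run from clean boot media, since a kernel rootkit can falsify what on-host tools read.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each regular file under root to its SHA-256 digest and permission bits."""
    root = Path(root)
    state = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            mode = path.stat().st_mode & 0o7777
            state[path.relative_to(root).as_posix()] = (digest, mode)
    return state

def compare(baseline, current):
    """Report files that appeared, vanished or changed since the baseline."""
    report = {"added": [], "missing": [], "modified": [], "mode_changed": []}
    for name in sorted(set(baseline) | set(current)):
        old, new = baseline.get(name), current.get(name)
        if old is None:
            report["added"].append(name)
        elif new is None:
            report["missing"].append(name)
        else:
            if old[0] != new[0]:
                report["modified"].append(name)
            if old[1] != new[1]:
                report["mode_changed"].append(name)
    return report

def demo():
    """Build a constructed directory tree, tamper with it, and return the report."""
    with tempfile.TemporaryDirectory() as tmp:
        bin_dir = Path(tmp) / "bin"
        bin_dir.mkdir()
        for tool in ("ps", "ls", "netstat"):
            (bin_dir / tool).write_bytes(f"original {tool} binary".encode())
            (bin_dir / tool).chmod(0o755)
        baseline = snapshot(tmp)  # taken while the system is known good

        (bin_dir / "ps").write_bytes(b"replaced ps binary")  # swapped system tool
        (bin_dir / "netstat").unlink()                       # removed system tool
        (bin_dir / ".cache").write_bytes(b"dropped file")    # new hidden file
        (bin_dir / "ls").chmod(0o4755)                       # setuid bit added
        return compare(baseline, snapshot(tmp))

if __name__ == "__main__":
    for kind, names in demo().items():
        print(kind, names)
```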
Cryptocurrency is the top new trend at the moment and we are well aware that every new technology brings with it a new menace. Cryptojacking is exactly that, as it is a way of taking over someone’s computer and using it to mine for cryptocurrency. Hackers are able to manipulate people into clicking on a link etc. which contains malicious cryptojacking code. This code executes on the computer of the victim and hijacks its resources, i.e. CPU, RAM and GPU, to mine for cryptocurrency. The program is very stealthy and does not let the user notice anything is out of place. It runs silently in the background and the only thing the user feels is an overall drop in the performance of their system. For attackers, this is an attractive alternative to ransomware, as detection is very hard due to its stealthy nature and the victim does not file any lawsuit either since nothing is actually stolen.
The race for earning more and more is developing at an alarmingly fast rate and the competition itself is also very cutthroat. So much so that nowadays mining programs are also coming equipped with the ability to kill competitor programs. CoinMiner is such a program: it comes equipped with a list of known miners and if it finds any of them running on the system, it kills that process too. It is quite difficult to stay safe from cryptojacking attacks and the best we can do is stay vigilant and not open any unknown link or install any unknown application.
Spear Phishing is an advanced and a lot more targeted version of the commonly known phishing activity. Phishing is when you receive emails from known sources asking you to provide personal information to gain access to your private data and accounts. At most they gain access to your personal information and use it to harass you with ads or other similar unwanted services. However, spear phishing is a lot more directed and the messages you see are often from a source that the victim knows personally. The messages in this category can be posing as someone’s boss or other official or personal contact and gain personal information. Attackers using this approach are usually looking for ransom, sensitive and valuable information or even commercial secrets etc.
There are countless examples of when attacks of this nature caused massive damages to big corporations and entities. Ubiquiti Networks lost close to 50 million dollars when hackers posed as management personnel and sent phishing emails which led to unauthorized international wire transfers. Another angle of this is a whaling attack, where attackers use phishing to gain access to high profile targets like politicians, celebrities etc. Keeping yourself safe from phishing and spear phishing attacks is quite easy. All you need to do is make sure that your email client has the latest phishing detection available, and you yourself should never open spam emails. Always look for cues in your emails as they often have some giveaway feature that you can spot.
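The "cues" mentioned above can be checked mechanically on the message headers. The following is an added example, not part of the original article: it flags a known internal name on an outside address, a lookalike sender domain, a Reply-To that differs from the sender, failed SPF/DKIM/DMARC results, and payment pressure in the subject. The trusted domain, executive name and sample message are constructed for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumed organisation data (hypothetical values for this example).
TRUSTED_DOMAINS = {"corp.example"}
EXECUTIVES = {"jane doe"}
PAYMENT_WORDS = re.compile(r"\b(wire transfer|urgent|invoice|bank details)\b", re.I)

# Constructed sample message; not taken from a real incident.
SAMPLE = """\
From: "Jane Doe" <jane.doe@c0rp.example>
Reply-To: jane.office@mailbox.test
To: finance@corp.example
Subject: Urgent wire transfer needed today
Authentication-Results: mx.corp.example; spf=fail smtp.mailfrom=c0rp.example; dkim=none; dmarc=fail header.from=c0rp.example

Please process the attached payment before noon.
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def phishing_cues(raw_message):
    """Return the list of cue names found in one RFC 5322 message."""
    msg = message_from_string(raw_message)
    cues = []
    display, _ = parseaddr(msg.get("From", ""))
    from_dom = domain_of(msg.get("From"))
    reply_dom = domain_of(msg.get("Reply-To"))

    if from_dom not in TRUSTED_DOMAINS:
        # A known internal name on an outside address is the classic "boss" lure.
        if any(name in display.lower() for name in EXECUTIVES):
            cues.append("display-name-impersonation")
        # Near-miss spelling of a trusted domain (similarity threshold is a tunable guess).
        if any(SequenceMatcher(None, from_dom, d).ratio() >= 0.85 for d in TRUSTED_DOMAINS):
            cues.append("lookalike-domain")
    if reply_dom and reply_dom != from_dom:
        cues.append("reply-to-mismatch")
    # Verdicts recorded by the receiving mail server (Authentication-Results header).
    auth = " ".join(msg.get_all("Authentication-Results", []))
    for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth, re.I):
        if result.lower() not in ("pass", "none"):
            cues.append(f"{method.lower()}-{result.lower()}")
    if PAYMENT_WORDS.search(msg.get("Subject", "")):
        cues.append("payment-pressure")
    return cues

if __name__ == "__main__":
    print(phishing_cues(SAMPLE))
```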
This particular type of malware is designed to attack a user’s internet browser and performs unwanted changes or other serious hacks. The most common use of this is to take over the browser’s settings and change them for the attacker’s own advantage. The most common effects are a change in the homepage or error page of the browser, which results in forced clicks from the users. These are basically used to gain advertising revenue against ads that are placed on the attacker’s websites. However, some people also use them to install other programs like keyloggers to gain access to sensitive information like user IDs and passwords, which can be used to blackmail or harass users. The most common example of these hijackings is the toolbars that you commonly see installed on browsers. They disable default traffic paths of browsers and redirect everything through their own servers, which is a major security issue.
It is now an official practice by Microsoft in Windows 10, where they have provided an additional security step. To change browser defaults, the user must perform the action manually by going into the settings application. This prevents automatic hijacking by malware that changes the browser defaults without permission. However, it is also very important that you yourself make sure that you don’t install any unnecessary toolbars etc. on your browsers as they are definitely malware!
Have you ever faced a situation where you enter a website and all of a sudden you see a big warning page telling you that your system is in danger? Chances are that you have, and such pages are exactly what scareware is. Unlike other technically strong malware, scareware utilizes social engineering to get its job done. It preys on human fear and coaxes users to install malicious software on their systems, thinking that they are saving their computers. The reality however is that these scary notices are a way for hackers to gain access to your system by scaring you. Sometimes they also make the user delete legitimate software like the Windows default antivirus or even disable the firewall. This is done because such programs cannot be tampered with by such malware, so they make the user do it for them.
As long as you don’t panic in such situations, you can rest assured that these types of scams are nothing to worry about. If you ever face such random threat messages it is best to simply ignore them and close the window. They will not harm you in any way unless you yourself enable them to do so. At most, they are used by companies as aggressive advertising channels to make users install their products. Microsoft and Washington State also once sued and won a case against a company of similar nature in 2005.
PUP (potentially unwanted programs)
A potentially unwanted program or PUP is a type of program that the user of a system does not necessarily require but it comes as part of a product that was downloaded by the user willingly. This term was created by the globally renowned company McAfee because a lot of companies creating such products were objecting to the fact that their programs were being categorized as spyware. The companies provide detailed information regarding such products in their download agreement to remove any legal oversight. A lot of users do not read lengthy agreements and are prone to installing such programs. Not all such programs are necessarily harmful but it is important to stay wary when installing them.
There was a strong trend back in the day where companies got users to install such programs so that they could generate revenue from advertising and installations. However, after such companies were investigated in the mid 2000s, a lot of malware was found in these programs. The result was indictments of a lot of companies, after which the whole trend declined. That does not mean you won’t see such programs again and in fact they are still just as common. Windows is now capable of identifying PUP installs and also automatically quarantines them for safety until you decide whether or not you want to keep them.
System Penetration is pretty much the karate academy for networks where they learn to defend themselves from attacks. Also commonly referred to as penetration testing, this is a whole field of system security where experts try to find vulnerabilities in any network by attacking them in the same manner as a hacker would. The result of this activity is to find out what the vulnerable points of any network are so that they can be fixed before an actual attack happens. One of the key aspects of this testing nowadays is checking for penetration possibilities using social engineering. Testers try to find vulnerabilities in the users of the network to gain access to the system. This is very important since it is not possible to measure this aspect without performing an actual test.
For any business or organization that has any sort of network running as part of their overall setup, it is important that they perform frequent penetration tests. This is especially important when installing new equipment, changing locations, making changes to software or changing usage policies. Even though it can be a costly process, it is a very important investment to avoid loss of critical data or finances due to an actual hack. There is a whole range of tests that can be performed on a system and you can opt for one that suits your specific needs easily.
The world of cyber-crime is just as big, if not bigger, than the internet itself. There are a lot of negative elements present in the shadows that are lurking around you, waiting for you to make the slightest mistake. Being vigilant about your online activities is very important and with only a few simple steps, you can ensure that you have a safe, pleasant and uneventful browsing experience every time.