Terminology Related to Security

This section defines some terms related to security used throughout the rest of the chapter.

Most of us equate hacking with malicious activities. In fact, hacking really means to work diligently on a computer system until it performs optimally. The popular use of the term hacking is more related to cracking, which is defined as the act of unlawfully accessing a network infrastructure to perform unethical activities. But for the purposes of this book, the widely accepted term hacking denotes malicious activities directed at networks and systems.

A virus is a program that triggers a damaging outcome. Viruses often disguise themselves as executables with clever filenames like "You won." Viruses can be delivered via an e-mail or a website; a virus requires a human action, such as opening an e-mail attachment, to be activated. A worm is a virus that can self-duplicate. A worm might also be able to scan a network and infect neighboring workstations.

A Trojan horse pretends to be an inoffensive application when in fact it might contain a destructive payload. An example of a Trojan horse is an attachment that, after being opened, shows a picture of a cute puppy, but in the background, the code is reading the e-mail addresses of the user's address book and forwarding those addresses to a hacker's repository for future spam use.

Attacks are becoming more complex. Malware is a generic term that describes malicious software such as viruses and Trojan horses. Combo malware is a hybrid menace that combines destructive components of different threats. A worm that carries a viral payload is an example of combo malware.

Spam is unsolicited, unwanted e-mail. Spam might contain viruses or other threats, or point to infected or dangerous websites.

Spyware is a program that gathers information without the user's knowledge or consent and sends it back to the hacker. For example, spyware could log keystrokes, upload information (such as all addresses in the victim's address book), or download a program (known as a zombie) that waits for further instructions from the hacker.

Phishing e-mails try to convince the victim to release personal information; the e-mail appears to come from a legitimate source, and it directs the victim to a website that looks legitimate. When the victim enters his or her information (such as usernames and passwords) on the counterfeit website, it is sent to the hacker.

Spear phishing is a very targeted phishing attack. For example, a hacker sends an e-mail that appears to be from a company's Human Resources department, asking all employees to confirm their banking information, or they won't get paid. If any employees reply with their information, the hacker may use it to gain access to their bank accounts.

Social engineering is the practice of obtaining confidential information by manipulating legitimate users. Examples include the following:

■ Getting physical access: A hacker might get confidential information and passwords by having physical access to the organization. For example, the hacker might visit an organization and see passwords that are insecurely posted in an office or cubicle.

■ Using a psychological approach: A hacker might exploit human nature to obtain access to confidential information. For example, a hacker might send an e-mail or call and ask for passwords, pretending that the information is required to maintain the victim's account.
