Viruses
Viruses are the most widely known security threats,
because they often garner extensive press coverage.
Viruses are computer programs that are written by
devious programmers and are designed to replicate
themselves and infect computers when triggered by a
specific event. For example, viruses called macro viruses
attach themselves to files that contain macro instructions
(routines that can be repeated automatically, such as mail
merges) and are then activated every time the macro runs.
The effects of some viruses are relatively benign and cause
annoying interruptions such as displaying a comical
message when striking a certain letter on the keyboard.
Other viruses are more destructive and cause such
problems as deleting files from a hard drive or slowing
down a system.
A network can be infected by a virus only if the virus
enters the network through an outside source—most
often through an infected floppy disk or a file downloaded
from the Internet. When one computer on the network
becomes infected, the other computers on the network are
highly susceptible to contracting the virus.
“85 percent of respondents detected computer security
breaches within the last 12 months, up 42% from 1996.”
—Annual Computer Security Institute and FBI Survey, 2001
Trojan Horse Programs
Trojan horse programs, or trojans, are delivery vehicles
for destructive code. Trojans appear to be harmless or
useful software programs, such as computer games, but
they are actually enemies in disguise. Trojans can delete
data, mail copies of themselves to e-mail address lists, and
open up computers to additional attacks. Trojans can be
contracted only by copying the trojan horse program to
a system, via a disk, downloading from the Internet, or
opening an e-mail attachment. Neither trojans nor viruses
can be spread through an e-mail message itself—they are
spread only through e-mail attachments.
Vandals
Web sites have come alive through the development of
such software applications as ActiveX and Java Applets.
These devices enable animation and other special effects
to run, making Web sites more attractive and interactive.
However, the ease with which these applications can be
downloaded and run has provided a new vehicle for
inflicting damage. A vandal is a software application or
applet that causes destruction of varying degrees. A
vandal can destroy just a single file or a major portion
of a computer system.
Attacks
Innumerable types of network attacks have been
documented, and they are commonly classified in three
general categories: reconnaissance attacks, access attacks,
and denial of service (DoS) attacks.
• Reconnaissance attacks are essentially information
gathering activities by which hackers collect data that is
used to later compromise networks. Usually, software
tools, such as sniffers and scanners, are used to map out
network resources and exploit potential weaknesses in
the targeted networks, hosts, and applications. For
example, software exists that is specifically designed to
crack passwords. Such software was created for
network administrators to assist employees who have
forgotten their passwords or to determine the passwords
of employees who have left the company without telling
anyone what their passwords were. Placed in the wrong
hands, however, this software can become a very
dangerous weapon.
• Access attacks are conducted to exploit vulnerabilities in
such network areas as authentication services and File
Transfer Protocol (FTP) functionality in order to gain
entry to e-mail accounts, databases, and other
confidential information.
• DoS attacks prevent access to part or all of a computer
system. They are usually achieved by sending large
amounts of jumbled or otherwise unmanageable data to
a machine that is connected to a corporate network or
the Internet, blocking legitimate traffic from getting
through. Even more malicious is a Distributed Denial of
Service attack (DDoS) in which the attacker
compromises multiple machines or hosts.
Data Interception
Data transmitted via any type of network can be subject
to interception by unauthorized parties. The perpetrators
might eavesdrop on communications or even alter the
data packets being transmitted. Perpetrators can use
various methods to intercept the data. IP spoofing, for
example, entails posing as an authorized party in the data
transmission by using the Internet Protocol (IP) address of
one of the data recipients.
Social Engineering
Social engineering is the increasingly prevalent act of
obtaining confidential network security information
through non-technical means. For example, a social
engineer might pose as a technical support representative
and make calls to employees to gather password
information. Other examples of social engineering include
bribing a coworker to gain access to a server or searching
a colleague’s office to find a password that has been
written in a hidden spot.
Spam
Spam is the commonly used term for unsolicited electronic
mail or the action of broadcasting unsolicited advertising
messages via e-mail. Spam is usually harmless, but it can
be a nuisance, taking up the recipient’s time and storage
space.
