sign in sign up
<<
Home , Zombie (computing)

Scary Internet Stuff

City of Phoenix and Privacy Office What Is ?

• Term for malicious software • Includes viruses, worms, programs, keystroke loggers, and other malicious software

• Most people just use the term, “virus” for all malicious software What Are Viruses?

• A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes – Designed to make copies of itself (replicate), usually without your knowledge – Usually requires user action to run, such as opening an e-mail attachment – Often contains payloads, malicious or annoying actions that the virus carries out separately from replication What Are Worms?

• Malicious code that requires no specific action on your part to enable infection or to propagate How Do Worms Spread?

• Worms generally take advantage of a software bug or flaw, called a vulnerability • A worm is like a zombie looking for “fresh meat” – Worms check all devices on a network to see if they’re vulnerable – If so, the worm infects the computer – Now the newly infected computer travels the network asking all connected devices if they’re vulnerable Other Types of Malware

• Trojan horse program: A program that comes into your computer disguised as something else, such as a game or screen saver • Keystroke logger: A program or hardware device that records all keystrokes – Often used by attackers to obtain passwords or personal information, such as bank account numbers – Many Trojan horse programs are keystroke loggers • : A program that collects information about you and your surfing habits without your knowledge • Virus Hoax: An intentionally deceptive e-mail warning about a nonexistent What Motivates Bad Guys?

• Often, the purpose of infecting systems with malware is to create a big network of “robot” computers (a ) • Used for spam, , and launching distributed denial-of-service (DDoS) attacks – About 89.5 billion spam e-mails are sent daily from bots • DDoS botnet rental is about $200 for 10,000 bots per day – Some offer a 3 minute try-before-you-buy aka Rogue Software

• Fake security software – Gets you to load malicious software AND – Gets your personal / credit card info Protection Strategies – Scary Internet Stuff • Don’t click – Don’t click on links embedded in e-mail – Be very wary of shortened URL links (often in Tweets) – Be suspicious of e-mail attachments from strangers – Don’t click on suspicious search results – Don’t visit risky Websites (think porn and gambling) • Use anti-virus software and keep it up to date • Apply security patches immediately – Usually published 2nd Tuesday of the month – Configure your computer to apply patches automatically

True or False

• Following the recommended protection strategies will 100% protect my PC Following the recommended protection strategies will 100% protect my PC There are always new vulnerabilities being discovered and new attacks coming out Thanks!

Questions? Contact [email protected]