Script kiddies
Script kiddies
- Using the Internet, research one of the types of attackers covered in chapter 1. Write a short profile of this type documenting their motivation, common methods of attack, and the prevalence of this type of attacker.
There are many types of attackers described in chapter I including cybercriminals, script kiddies, brokers, insiders, cyberterrorists, hactivists and state-sponsored. In this section of the paper, I will be writing about script kiddies.
Profile
As the name suggests, script kiddies are the immature people who do not know how to code a program to hack or attack a computer system or network but use programs and scripts developed by other programmers to do so. Script kiddies are immature but this immaturity does not refer to their age, it refers to their lack of knowledge regarding computer programing.
Motivation
To be honest, script kiddies do not have any real motivation to hurt others by attacking and harming their computers. All they do is just to have fun and thrill. They may also want to get popular among their peers by exaggerating their hacking skills. Script kiddies may not even know the magnitude of the attacks they are executing. They would just go to different websites and try and hack them without any prior motivation or agenda.
Methods of attack
Script kiddies search for free programs and scripts to be utilized in their attacks. They may have limited programming skills to alter these programs. They even may not have any programming skills. Anna Kournokova which is a virus that was used to attack email servers (Leyden, 2001) was primarily spread due to script kiddies.
Prevalence of attack
As earlier discusses, script kiddie do not have a lot of information about the nature of attacks they are executing, therefore, they may not be successful all the times. But when they are successful, they may leave a lot of tracks which could be used to track them down.
- Discuss the different types of malicious or concealing software discussed in chapter 3. Include a definition or each type, information on how to fight this type of attack, and a list discussing 2 or 3 recent or noteworthy attacks of this type.
Following is a discussion about different types of malicious software.
Viruses
Definition: Viruses are malicious computer codes that reproduce on a single computer. Viruses are codes that append itself to normal files and then move with the help of these files from one to another place on a computer system.
How to fight: A fight with computer viruses starts even before it has infected your computer. To do so, you must not attach any memory device to your computer before making sure that it is free of viruses. Installing antivirus software like Avast and MacAfee can help in preventing and fighting viruses.
Recent attacks: A ransom virus that has been derived from Eternal Blue virus family developed by US National Security Agency has been noticed to attack the computers of individual users and freezes it asks for a ransom of $350 to unfreeze the computer system (Haynes, 2017). The recent attacks have been in Romania, Norway, France and Britain.
Another virus called Process Doppelganging, has been reported by windows users which can fool most of the antiviruses like Kaspersky and Windows defender.
Worms
Definition: These are malicious programs that uses a computer network to replicate.
How to fight: Worms are complete programs and need an installation. The day to day user settings should be set so that not everyone can install a program on a computer to protect from Worms.
Recent attacks: A worm known as NotPetya has been reported by Mondelez International Inc. to have attacked its shipping and invoicing systems causing a 5% drop in quarterly sales (Earnings, 2017). Slammer worms have been attacking ancient SQl servers in the recent years.
Trojans
Definition: An executable program that masquerades as performing a benign activity while actually doing something malicious (Class Notes).
How to fight: Free versions of Norton and McAfee can prevent Trojans from attacking your computers but you may need a full paid version to clean your computer from Trojan
Recent attacks: A Trojan named Bateleur has been reported to attack restaurant systems through email phishing. The Trojan has been reported to be develop in Java Script (Palmer, 2017). Another Trojan called Switcher Trojan has been reported to attack Android devices.
- Use the Internet to select a social networking site. Research the security settings available for the site. Write a short report describing the settings. Compare them to the defenses for social networking sites presented in chapter 2.
I would like to talk about Facebook, one of the largest social networking website and its security settings. Facebook is a social network which connects you to people you may or may not know which has its security reparations.
Strong Passwords
The first thing what Facebook does is to ask you for a strong password. The password has to be 8 characters long with both letters and numbers which decreases the chances of it been broken by attackers.
Phishing Attacks
Facebook can help you with avoiding phishing attacks by enabling you to identify any threat and Facebook would take it down after testing it. Facebook also has inbuilt algorithms to prevent spamming on their social networking website and you may also mark a post to be spam.
Identity Theft
To prevent from your identity being stolen, Facebook has a strong password recovery system. With this system, the reset password code is sent to your personal mobile number. Also, attempts on logging in to your account are monitored and whenever a new device is logged in to your account, an email is sent to you about it.
- Use the Internet and research anti-malware software. What software gets the highest ratings? Do you think that free anti-malware software will work as well as versions that are not free?
There are two categories of anti-malware software present on the internet. The first category is free anti-malware. In this category, Avast Free Antivirus has been ranked at the top. This does not have anti-malware but also anti-rootkit capabilities (Widder & Lacoma, 2017). In the paid category, Kaspersky has been ranked at the highest (RubenKing, 2017) which is capable of anti-malware scans and behavior based detection.
I do not think that free anti-malware software would work as well as the paid version. The simple argument that I would like to make here is why do all of the free anti-malware software have a paid version? They have a paid version because they have deliberately left out some features in the free version.
References
Earnings, C. (2017). Cyber ‘worm’ attack hits global corporate earnings. Business Insider. Retrieved from http://www.businessinsider.com/r-cyber-worm-attack-hits-global- corporate-earnings-2017-8
Haynes, J. (2017). Could you be affected by the latest global cyber attack?. ABC News. Retrieved from http://www.abc.net.au/news/2017-06-28/whats-going-on-with-the-latest- cyber-attack/8658332
Leyden, J. (2001). Anna Kournikova virus spreading like wildfire. Theregister.co.uk. Retrieved from https://www.theregister.co.uk/2001/02/12/anna_kournikova_virus_spreading_like/
Palmer, D. (2017). New Trojan malware attack targets restaurant chains | ZDNet. ZDNet. Retrieved from http://www.zdnet.com/article/new-trojan-malware-attack-targets- restaurant-chains/
RubenKing, N. (2017). The Best Malware Removal and Protection Software of 2018. PCMAG. Retrieved from https://www.pcmag.com/roundup/354226/the-best-malware-removal-and- protection-tools
Widder, B., & Lacoma, T. (2017). Protect your PC from the cyber-flu with the best free antivirus options. Digital Trends. Retrieved from https://www.digitaltrends.com/computing/best- free-antivirus-software/