TiA Chapter 9

cybercrime
is any criminal action perpetrated primarily through the use of a computer
cybercriminals
individuals who use computers, networks, and the internet to perpetrate crime
Internet Crime Complaint Center (IC3)
a partnership between the FBI and the National White Collar Crime Center
identity theft
occurs when a thief steals your name, address, SSN, birth date, bank account, and credit card information and runs up debts in your name
The Federal Trade Commission
Who identified these other methods that thieves could use to obtain information?
-stealing purses and wallets
-stealing mail
-posing as bank or credit card company reps
virus
a computer program that attaches itself to another computer program and attempts to spread to other computers when files are exchanged
host
What is the program that the virus attaches itself to?
they are engineered to evade detection
why are computer viruses threatening?
to replicate itself and copy its code into as many other host files as possible
what is a computer virus’s main purpose?
boot-sector virus
replicates itself into a hard drive’s master boot record
master boot record
a program that executes whenever a computer boots up, ensuring the virus will be loaded into memory immediately
by a flash drive left in a USB port
How are most boot-sector viruses transmitted?
logic bomb
is a virus that is triggered when certain logical conditions are met, such as opening a file or starting a program
time bomb
a virus that is triggered by the passage of time or on a certain date
Michelangelo virus
a famous time bomb that was set to trigger every year on March 6
BlackWorm virus
a time bomb that spreads through email attachments
worm
take advantage of file transport methods like emails or network connections to spread
virus
What requires human interaction to spread?
worm
Does a virus or a worm work more independently?
script
a series of commands that is executed without your knowledge
-used to perform useful, legitimate functions on web sites, like collecting name and address information
macro virus
a virus that attaches itself to a document that uses macros
macro
a short series of commands that usually automates repetitive tasks
e-mail viruses
use the address book in the victim’s email system to distribute the virus
-once the infected document is opened it triggers the virus
Melissa virus
What was the first practical example of an e-mail virus?
encryption viruses
when they infect your computer they run a program that searches for common types of data files and compresses them using a complex encryption key that renders your files unusable.
-then you get a message that asks you to send money to an account
polymorphic virus
changes its own code or periodically rewrites itself to avoid detection
multipartite virus
designed to infect multiple file types in an effort to fool the antivirus software that is looking for it
stealth virus
temporarily erase their code from the files where they reside and then hide in the active memory of the computer
-existing program icons suddenly disappear
-if you start a browser and it takes you to an unusual home page
-odd messages pop up
-data files become corrupt
-programs stop working
-your system slows down
What are some of the ways you know your computer can be infected with a virus?
antivirus software
is specifically designed to detect viruses and protect your computer and files from harm
virus signature
a portion of the virus code that is unique to a particular computer virus
quarantining
-antivirus software scans files when they're opened or executed
-if it detects a virus signature it stops the execution of the file
-it also places the virus in a secure area on your hard drive.
inoculation
the antivirus software records key attributes about files on your computer and keeps these statistics in a safe place on your hard drive
drive-by downloads
-viruses on websites
-is common and affects almost 1 in 1000 web pages
hacker
most commonly defined as anyone who unlawfully breaks into a computer system
white-hat hackers
hackers who break into systems for non-malicious reasons
black-hat hackers
the more villainous hackers
gray-hat hackers
-cross between white and black
-they will often illegally break into systems merely to flaunt their expertise
packet
data travels through the internet in small pieces called this
IP address
how are the packets identified?
packet analyzer (sniffer)
a computer program deployed by hackers that looks at each packet as it travels on the internet
Trojan horse
a program that appears to be something useful or desirable but while it runs does something malicious in the background without your knowledge
backdoor program or rootkits
are programs that allow hackers to gain access to your computer and take almost complete control of it without your knowledge
zombie
a computer that a hacker controls in this manner
-used to launch denial-of-service attacks on other computers
denial-of-service (DoS) attack
legitimate users are denied access to a computer system because a hacker is repeatedly making requests of that computer system through a computer he or she has taken over as a zombie
distributed denial-of-service (DDoS) attack
which launches DoS attacks from more than one zombie at the same time
botnet
is a large group of software programs that runs autonomously on zombie computers
logical ports
are virtual communications gateways or paths that allow a computer to organize requests for information
SMTP
the protocol used for sending email on the internet
firewall
a software program or hardware device designed to protect computers from hackers
personal firewall
a firewall specifically designed for home networks
-blocking access to logical ports
-keeping your computer’s network address secure
How do firewalls protect you?
packet filtering
firewalls filter out packets sent to specific logical ports
logical port blocking
firewalls can be configured to ignore requests that originate from the internet asking for access to these ports
internet protocol address (IP address)
unique address code
network address translation (NAT)
assign internal IP addresses on a network
true
Virus and hacking attacks against Linux are far less likely than attacks against Windows
biometric authentication device
a device that reads a unique personal characteristic such as a fingerprint or the iris pattern in your eye and converts its pattern to a digital code
malware
is software that has a malicious intent
adware
spyware
viruses
What are the three primary forms of malware?
adware
is software that displays sponsored advertisements in a section of your browser window or as a pop-up ad box
spyware
is an unwanted piggyback program that usually downloads with other software you want to install from the Internet
-it runs in the background of your system
keystroke logger (keylogger)
monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information
spam
unwanted or junk email
spim
unsolicited instant messages that are a form of spam
spam filters
can catch as much as 95% of spam by checking incoming e-mail subject headers and senders’ addresses against databases of known spam
cookies
small text files that some web sites automatically store on your computer’s hard drive when you visit them
unauthorized access
tampering
destruction
What are the three major threats your data on your computer faces?
backups
are copies of files that you can use to replace the originals if they are lost or damaged
program file
is used to install software and usually comes on DVDs or is downloaded from the Internet
data file
a file you have created or purchased
-include files such as research papers, spreadsheets, music files, movies, etc.
image backup
What would you perform in order to back up all files on your computer?
incremental backup
involves backing up only files that have changed or been created since the last backup was performed
image backup
means that all system, application, and data files are backed up
incremental backups
What is the more efficient backup?
social engineering
any technique that uses social skills to generate human interaction that entices individuals to reveal sensitive information
pretexting
involves creating a scenario that sounds legitimate enough that someone will trust you
phishing
lures Internet users to reveal personal information such as credit card numbers, SSN, or other sensitive information that can lead to identity theft
pharming
when malicious code is planted on your computer that alters your browser’s ability to find web addresses.
scareware
a type of malware that is downloaded onto your computer and tries to convince you that your computer is infected with a virus or other type of malware.
hoax
an attempt to make someone believe something that is untrue.
urban legend
when hoaxes become so well known that they are accepted by society as true events even though they are false
surge protector
is a device that protects your computer against power surges
Metal-oxide varistors
bleed off excess current during minor surges and feed it to the ground wire
whole house surge protector
function like other surge protectors but they protect all electrical devices in the house
uninterruptible power supply (UPS)
a device that contains surge protection equipment and a large battery
-when power is interrupted, the UPS continues to send power to the attached computer from its battery