Computer security
Security in the context of computers mean addressing the important aspects of Confidentiality, Integrity and Availability of the computer system.A good secure system would have achieved the right balance of these three aspects in relation to data, software and hardware of the particular computer system. Once a system is secured it has a lower possibility of being subject to be exploited the vulnerabilities of the system.
Virus
Computer viruses are software that can cause damage to the computer system that it resides in as well as spread itself (the software) to other computer systems. These viruses have the ability to attach them selves to another object such as a document or file and once the document or file is opened or executed by the user, virus will spread to that computer system. If this file were copied to another the virus would spread the same way to that computer. This processes will enable viruses to spread and infect many computer systems. Today's highly networked systems and the Internet has enabled an ideal medium for the viruses to spread.Viruses exploit vulnerabilities that exist in software and destroy, alter or compromise data on a computer system.
Worst computer viruses
While there may be many different ways to categorize a computer virus such as, the damage caused, the hardness to detect, the time taken to spread and so on code red, Melissa, I love you & nimda can be listed as well known and worst effecting viruses that have spread in the computing world so far.Based on an article by (Thorsberg, 2002) worlds worst viruses are
- LoveLetter - I love you virus (2000)
- Klez worm (Oct 2001)
- Melissa virus (Mar 2001)
- Magistr (Mar 2001)
- Explorer.zip worm (1999)
- Anna Kournikova (or VBS.SST@mm) worm (Feb 2001)
- Nimda virus (Sep 2001)
- Benjamin worm (May 2002)
- Code red worm(2001)
- Sircam (Jul 2001)
The latest viruses
Examining Symantec's security response page (Symantec, 2010a) few of the latest threats are listed below and the vulnerabilities were noted on Microsoft Windows, Microsoft Access, Outlook, Adobe flash player and Adobe reader.- W32.Changeup.C - Worm
- This was discovered on 23 july 2010 and infected Windows 95, Windows 98, Windows XP, Windows Me, Windows Vista, Windows NT, Windows server 2003 and Windows 2000 systems. The worm exploits a vulnerability in Microsoft Windows shortcut 'LNK' files automatic file execution and spread through removable and shared drives.
- Bloodhound.Exploit.343 - Trojan, Virus, Worm
- Symantec lists Windows systems as affected by this worm and it also exploits the Microsoft Windows shortcut 'LNK' files automatic file execution vulnerability.
- Bloodhound.Exploit.341 - Trojan, Virus, Worm
- Windows systems are affected by this worm and it exploits a Microsoft Outlook TNEF Stream with MAPI attachment Remote code execution vulnerability according to Symantec.
(McAfee, 2010b) had the below list of malware on it's threat center web page on the same day and noted Microsoft Windows, Microsoft Office and Internet Explorer on the current vulnerabilities list.
- Exploit-CVE2010-2568
- (McAfee, 2010a) described this malware as exploiting a vulnerability found in Microsoft windows shell code which allows code execution via a maliciously crafted .lnk file. Removable USB drives and shared folders were noted means of spreading for this malware.
- MSIL/Terdial.d
- This particular malware periodically dials premium rate/high cost long distance phone numbers according to (McAfee, 2010b) MSIL/Terdial.D description. It requires compact .NET framework installed to run the malicious code and is packaged with a legitimate game called “PDA Poker Art” according to Mcafee’s description.
The latest attacks
According to the Internet security threat report by (Symantec, 2010b) Hydraq trojan was used to carry out attacks on large companies in January 2010. This trojan has used a previous unknown vulnerability in Microsoft Internet Explorer and a patched vulnerability in Adobe Reader and Adobe Flash. Attackers have been able to gain full remote access to the computers once the Trojan has been installed.Further according to the same report in 2009 a major attack has been carried out against a single credit card payment processor, hacking in to the network using an SQL-injection attack.
Crimeware kits
An increasing problem with computer attacks would be the crimeware kits, a toolkit that allows people to customize malicious code and includes a variety of different exploits. Some examples of these are Zeus kit which could be bought for $700 or even free from underground forums. Fragus, Eleonore and Neosploit are also well known attack kits that can be used for web attacks according to (Symantec, 2010b)References
McAfee (2010a). Exploit-CVE2010-2568 Retrieved 31/07/2010, from
http://vil.nai.com/vil/Content/v_268562.htm
McAfee (2010b). MSIL/Terdial.D Retrieved 31/07/2010, from
http://vil.nai.com/vil/Content/v_268519.htm
Symantec (2010a). Security response Retrieved 23/07/2010, from
http://www.symantec.com/business/security_response/landing/threats.jsp
Symantec (2010b). Symantec global internet security threat report. Trends for 2009, XV.
Retrieved from http://eval.symantec.com/mktginfo/enterprise/white_papers/b-whitepaper_internet_security_threat_report_xv_04-2010.en-us.pdf
Thorsberg, F. (2002). The world's worst viruses, from
http://www.pcworld.com/article/103992/the_worlds_worst_viruses.html
No comments:
Post a Comment