Technology is wonderful as it keeps bringing more convenience to our lives. Traditionally people rely on computers to work for simple electronic tasks. With the advancement of technology, we can perform more than that by using the Internet, such as e-transactions. However data security is always an issue and it grows largely as more and more malicious attacks are developed.
Malicious Threats
Malicious threats can be categorized into technical and non-technical attack. Technical attack is an attack perpetrated using software and systems knowledge or expertise. The most common example is Malware. Malware is a compound from malicious and software. It is used to describe all types of malicious software, including worm, virus, Trojan horse, Spyware, Adware, Rookit etc.
A perpetrator is likely to use Trojan program to capture one’s personal and sensitive data. Trojan is a program which appears to perform a certain useful action but in fact performs hidden action such as transmitting a computer virus. For example, Girlfriend Trojan is a server program that arrives in the form of file that looks like an interesting game. When the unsuspected runs the program, the Trojan installed. The server will execute commands, sent by the client, on the victim’s computer such as to send back the information captured (user Ids and passwords) to the client. The Trojan program also enables the perpetrator to erase or overwrite data on a computer, corrupt files in a subtle way, upload and download files, show fake downloads of software movies, games, porn videos and porn websites that victim did not download, and so on.
Similar to Trojan, a Spyware existed to collect personal information without the user's knowledge or informed consent and send it to third parties. It is being installed surreptitiously on a personal computer. The spyware program can collect various types of personal information, such as Internet surfing habit, sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs.
Besides this, our data is also exposed to non-technical attack, which is an attack that uses trickery to trick people into revealing sensitive information. Phishing is an example of this attack. It becomes a popular method to collect information by masquerading or creating fake Web sites that look identical to real Web sites. Commonly an email will be sent to customers requesting them to provide or update their information on the fake Web sites.
There are still other threats of data security. By taking necessary steps to safeguard our personal information, it could reduce information leaks.
Similar to Trojan, a Spyware existed to collect personal information without the user's knowledge or informed consent and send it to third parties. It is being installed surreptitiously on a personal computer. The spyware program can collect various types of personal information, such as Internet surfing habit, sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software, redirecting Web browser activity, accessing websites blindly that will cause more harmful viruses, or diverting advertising revenue to a third party. Spyware can even change computer settings, resulting in slow connection speeds, different home pages, and loss of Internet or other programs.
Besides this, our data is also exposed to non-technical attack, which is an attack that uses trickery to trick people into revealing sensitive information. Phishing is an example of this attack. It becomes a popular method to collect information by masquerading or creating fake Web sites that look identical to real Web sites. Commonly an email will be sent to customers requesting them to provide or update their information on the fake Web sites.
There are still other threats of data security. By taking necessary steps to safeguard our personal information, it could reduce information leaks.
No comments:
Post a Comment