The threat of online security: How safe is our data?

9:24 PM / Posted by Marcus Teoh /

Before to start with the discussion, I would like to give a short scenario to let the readers know more about the importance of online security.

Scenario 1: Andrew, a fresh graduate is willing to buy a camera online but he does not have experience in online shopping. Therefore his first question might ask: “Will I be cheated when I entering my credit card number?”

The above scenario shows that Andrew is worried about credit card fraud. So nowadays, online security has been online users’ main concern in protecting their transaction from potential threat such as denial of service (DOS), phishing (refer to previous post), virus and etc.

Today, I would not just discuss about the threats being bring by technical attack such as virus, but also will provide readers more understanding about the threats of nontechnical attack as well.

Technical attack
Technical attack refer to an attack perpetrated using software and systems knowledge or expertise. Some examples of threat in this category are virus, Trojan horse, and phishing.

Denial of service (DoS) or distributed denial of service (DDoS)
DoS or DDos is the threat that attempt to make a computer resource unavailable to its intended users. The perpetrators of DoS usually use specialized software to send a flood of data packet to target computer, with the aims of overloading its resources. However DDoS attackers target a group of interrelated computer such as network and server. One common method of attack involves saturating the target machine with external communication requests, such that it cannot respond to internet traffic, or respond slowly.

Trojan horse
The name of this technical attack is derived from the legend of the Trojan war in Greek mythology. Trojan horse is a programme that appears to be useful function but actually contains a hidden function that presents a security risk. It is designed to allow hackers to remote access to a target computer system and these hackers’ motives to remote computer system are mainly for data theft such as credit card information and use of machine as part of a Botnet to perform DDoS attack.

Virus and worm
Virus and worm are type of malicious programme that can cause damages to your computer such as deleting the files or corrupting the hard drive. A computer virus attached itself to a programme or file enabling it to spread from one computer to another. Almost all viruses are attached to an executable file which means the virus may exist on your computer but cannot infect your computer unless you run for it. However a worm is similar to a virus by design but unlike a virus, a worm can spread itself without any human intervention.

Nontechnical attack
Nontechnical attack is an attack that tricks people into revealing information or performing action that can compromise the securities of a network by only just deception or persuasion of perpetrator. Social engineering is a type of nontechnical attack that uses some ruse to trick users into revealing information or performing an action that compromises a computer or network. For example, the attacker could send an e-mail to inform the receiver he or she has won a grand prize and need to reveal their credit card number for certification purpose but actually the money has been embezzle.

As a conclusion, prevention is better than cure as personal information and intellectual property data is important. So internet user should install anti-virus programme and firewall to prevent technical attack and do not trust at any suspected e-mail and website to revealing information.

Labels: ,

0 comments:

Post a Comment