Question

Q1- What are the most common threats found in research in real life situations?

Answer 1

Ans1) Most common threats found in reserach in real life situation:

1) Botnets:
If you've never heard of a botnet, it's likely because they go largely undetected.

What they are:
A collection of software robots, or 'bots', that creates an army of infected computers (known as ‘zombies') that are remotely controlled by the originator. Yours may be one of them and you may not even know it.

What they can do:
Send spam emails with viruses attached.
Spread all types of malware.
Can use your computer as part of a denial of service attack against other system.

2) Distributed denial-of-service (DDoS) attack

What it is:
A distributed denial-of-service (DDoS) attack — or DDoS attack — is when a malicious user gets a network of zombie computers to sabotage a specific website or server. The attack happens when the malicious user tells all the zombie computers to contact a specific website or server over and over again. That increase in the volume of traffic overloads the website or server causing it to be slow for legitimate users, sometimes to the point that the website or server shuts down completely.

It could be possible for malicious users to use your computer in one of these attacks. By taking advantage of security vulnerabilities or weaknesses, an attacker could take control of your computer. He or she could then force your computer to send huge amounts of data to a website or send spam to particular email addresses. The attacks are "distributed" because the attacker is using multiple computers, including yours, to launch the denial-of-service attacks.

What it can do:
The most common and obvious type of DDoS attack occurs when an attacker “floods” a network with useless information. When you type a URL into your browser, you are sending a request to that site's computer server to view the page. The server can only process a certain number of requests at once. If an attacker overloads the server with requests, it can't process yours. The flood of incoming messages to the target system essentially forces it to shut down, thereby denying access to legitimate users.

What you can do:
There are steps you can take to reduce the likelihood that an attacker will use your computer to attack other computers:

Install a firewall, and configure it to restrict traffic coming into and leaving your computer.
Follow good security practices when it comes to maintaining your contact or email lists. Applying email filters may help you manage unwanted emails, by automatically processing incoming messages based on certain criteria that you set.
Be cautious if you notice that your Internet connection is unusually slow or you can't access certain sites (and that your Internet connection is not down).
Avoid opening email attachments, especially if they are from people you don't know.
If you believe you are a victim of a DDoS attack, contact your Internet Service Provider, as they will be able to help mitigate.

3) Hacking:

- Hacking is a term used to describe actions taken by someone to gain unauthorized access to a computer. The availability of information online on the tools, techniques, and malware makes it easier for even non-technical people to undertake malicious activities.

What it is:
The process by which cyber criminals gain access to your computer.

What it can do:
Find weaknesses (or pre-existing bugs) in your security settings and exploit them in order to access your information.
Install a Trojan horse, providing a back door for hackers to enter and search for your information.

4) Malware:
- Malware is one of the more common ways to infiltrate or damage your computer.

What it is:
Malicious software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.

What it can do:
Intimidate you with scareware, which is usually a pop-up message that tells you your computer has a security problem or other false information.
Reformat the hard drive of your computer causing you to lose all your information.
Alter or delete files.
Steal sensitive information.
Send emails on your behalf.
Take control of your computer and all the software running on it.

5) Pharming:
- Pharming is a common type of online fraud.

What it is:
A means to point you to a malicious and illegitimate website by redirecting the legitimate URL. Even if the URL is entered correctly, it can still be redirected to a fake website.

What it can do:
Convince you that the site is real and legitimate by spoofing or looking almost identical to the actual site down to the smallest details. You may enter your personal information and unknowingly give it to someone with malicious intent.

6) Phishing:
- Phishing is used most often by cyber criminals because it's easy to execute and can produce the results they're looking for with very little effort.

What it is:
Fake emails, text messages and websites created to look like they're from authentic companies. They're sent by criminals to steal personal and financial information from you. This is also known as “spoofing”.

What it does:
Trick you into giving them information by asking you to update, validate or confirm your account. It is often presented in a manner than seems official and intimidating, to encourage you to take action.
Provides cyber criminals with your username and passwords so that they can access your accounts (your online bank account, shopping accounts, etc.) and steal your credit card numbery.

7) Ransomware:
What it is:
Ransomware is a type of malware that restricts access to your computer or your files and displays a message that demands payment in order for the restriction to be removed. The two most common means of infection appear to be phishing emails that contain malicious attachments and website pop-up advertisements.

What it can do:
There are two common types of ransomware:

Lockscreen ransomware: displays an image that prevents you from accessing your computer
Encryption ransomware: encrypts files on your system's hard drive and sometimes on shared network drives, USB drives, external hard drives, and even some cloud storage drives, preventing you from opening them
Ransomware will display a notification stating that your computer or data have been locked and demanding a payment be made for you to regain access. Sometimes the notification states that authorities have detected illegal activity on your computer, and that the payment is a fine to avoid prosecution.

What you can do:
Do not pay the ransom. These threats are meant to scare and intimidate you, and they do not come from a law enforcement agency. Even if you submit payment, there is no guarantee that you will regain access to your system.

If your computer has been infected (i.e. you are unable to access your computer or your files have been encrypted), contact a reputable computer technician or specialist to find out whether your computer can be repaired and your data retrieved.

In order to lessen the impact of a ransomware infection, be sure to regularly back-up your data with a removable external storage drive. It's possible that your files might be irretrievable; having an up-to-date backup could be invaluable.