Monday, September 12, 2016

IT Security - A Quick Introduction

Your Information And Laptop Are Under Constant Attack

Your information (username, password, social security number) is needed for you to do business on the web (shopping, paying bills, checking the status of work). But it is also information highly valued by internet bad people, so they will do anything they can to steal it, from the comfort of their living rooms.


The internet bad people want to steal two things: 1. your information and 2. your resources, such as your laptop.


Steal Your Information:

There are multiple ways for internet bad people to steal your information. I have broken them down by the first point of contact, that is, by how you might fall prey.

1. Email spear phishing via social engineering

The internet bad people will look up your public information (Facebook, Google+, LinkedIn, ...), find out who your friends and family might be, then write you a convincing email to get you to respond or click.


2. Visiting websites that are malicious

You might be led to a malicious website created by the internet bad people to look like a legitimate website, so that you will enter your private information (username, password, SSN).

3. Malware

Malware is a bad program created by the internet bad people. It is somehow downloaded onto your laptop or mobile device (accidentally or through trickery). Once the bad program is installed, it can do many bad things. It can spy on your keystrokes to steal your username and password. It can turn on your laptop camera to peek at you. It can turn on the microphone to record you. It can even sabotage your laptop by draining your battery, or by overheating your laptop and potentially starting a fire.

4. Fake App

Perhaps a close cousin of malware, a fake app is an app you download that appears to be legitimate (for example, a free game downloaded directly from a website instead of from the Apple iTunes Store or Google Play Store). During installation, the fake app will ask you for permission to access the personal information stored on your device. Once you give it permission, the fake app can siphon off your personal information while you are using it (games, etc).


Hijack Your Laptop:


1. Ransomware


Ransomware is a program that you accidentally download, or are tricked into downloading, onto your laptop or mobile device. Rather than stealing your information, the ransomware locks you out of your device. The only way to unlock your device is to pay the internet bad guys. Once payment is received, you will receive a passcode to unlock your device.

2. Virus, Bot

The internet bad people need resources (free laptops) to help them carry out their bad deeds. One way they obtain resources is to trick laptop owners into downloading a virus (an email attachment that looks legitimate, a file downloaded from a website). Once the virus is installed on a laptop, it will 1. find ways to plant itself on other laptops and 2. wait for commands from the internet bad people. One of the common commands is to jam a website with infinite web requests from millions of virus-infected laptops. The web server under attack won't be able to handle the requests and will be disabled. This is called a Denial of Service (DoS) attack.



What To Do?

What can you do to reduce the likelihood of being impacted by these attacks? One method is to use a firewall to watch for and block potential threats from the internet bad people.

Firewalls come in two flavors: software and hardware.




Software Firewall

Built into most operating systems is the ability to set up simple firewalls. Here is an example of the macOS firewall:



The macOS firewall gives you program-level (Microsoft Excel) and service-level (File Sharing) control.



Hardware Firewall

Hardware firewalls are usually physically included in a router. There are different approaches to how firewalls are implemented in hardware.

1. Stateless packet filtering (flow based)

As packets flow through the router, the firewall inspects each packet individually, without regard to the bigger picture of what is happening. So this is a good start, but not very effective.

2. Stateful packet filtering (flow based)

As packets flow through the router, the firewall determines the connection state before inspecting the packets. The connection state is based on TCP state.


3. Application (proxy based)

This approach takes all the packets, builds up the final data view (document, picture, message, etc.) and examines the data from the application's point of view.
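
To make the difference between approaches 1 and 2 concrete, here is a small simulation added for illustration (it is not from the original post and is not how any particular router is implemented). It assumes a home LAN of 192.168.1.x, a simplified TCP state model, and constructed sample packets; all names in it are hypothetical.

```python
from collections import namedtuple

# TCP flags as letters: S=SYN, A=ACK, P=PSH, F=FIN, R=RST.
Packet = namedtuple("Packet", "src sport dst dport flags")

def is_lan(ip):
    return ip.startswith("192.168.1.")  # assumed home LAN range

def stateless_allow(pkt):
    """Judge one packet alone: outbound passes; inbound passes if ACK is set."""
    return is_lan(pkt.src) or "A" in pkt.flags

class StatefulFirewall:
    """Tracks a simplified TCP state per connection started from the LAN."""
    def __init__(self):
        self.conns = {}  # (lan_ip, lan_port, remote_ip, remote_port) -> state

    def allow(self, pkt):
        if is_lan(pkt.src):  # outbound: always allowed, but recorded
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "S":
                self.conns[key] = "SYN_SENT"
            elif "F" in pkt.flags or "R" in pkt.flags:
                self.conns.pop(key, None)  # simplified teardown
            return True
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        state = self.conns.get(key)
        if state == "SYN_SENT" and pkt.flags == "SA":
            self.conns[key] = "ESTABLISHED"
            return True
        if state == "ESTABLISHED":
            if "F" in pkt.flags or "R" in pkt.flags:
                self.conns.pop(key, None)
            return True
        return False  # no matching connection: drop

# Constructed traffic (documentation IP ranges), not a real capture.
TRAFFIC = [
    Packet("192.168.1.10", 50000, "203.0.113.5", 443, "S"),
    Packet("203.0.113.5", 443, "192.168.1.10", 50000, "SA"),
    Packet("192.168.1.10", 50000, "203.0.113.5", 443, "A"),
    Packet("203.0.113.5", 443, "192.168.1.10", 50000, "PA"),
    Packet("198.51.100.9", 443, "192.168.1.10", 50001, "A"),   # unsolicited ACK
    Packet("198.51.100.9", 40000, "192.168.1.10", 22, "S"),    # unsolicited SYN
]

def compare(traffic):
    """Return (stateless verdict, stateful verdict) for each packet in order."""
    fw = StatefulFirewall()
    return [(stateless_allow(p), fw.allow(p)) for p in traffic]

if __name__ == "__main__":
    for pkt, (sl, sf) in zip(TRAFFIC, compare(TRAFFIC)):
        print(pkt, "stateless:", sl, "stateful:", sf)
```

Both filters pass the legitimate connection and block the inbound SYN, but only the stateful filter drops the unsolicited ACK, because no connection from the LAN matches it.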

