Data security is a foremost issue for businesses and organisations today. Certifying that data is secure is more important every day and very important for business operations. There are several malwares or viruses that can affect the vital information on system.
A virus is small piece of software which can multiply from one infected computer to another devoid of knowledge or permission of user. Virus will reach only when it is spread by user via network or internet, or by means of removable disk like CDs or memory disks. Various viruses can erase, damage or steal data from system, and even can reformat hard disk. Few other viruses can copy themselves and give video, text, or audio messages. Even if they are not supposed to cause harm, they can take memory and can cause unpredictable behaviour, system crashes and failure of data.
Prevention: Use anti-virus software and keep it updated always. Ignore visiting unknown sites and never go for arbitrary links. Access emails via trusted sources. Have backup of data in remote media like CDs/DVDs.
Spam is an electronic version of junk mail that sends unnecessary messages and advertising to large number of receivers. Spam is a severe security topic, as it can post emails which contain worms, Trojan horses, viruses, spyware and targeted attacks meant to steal sensitive, private data. If mail don’t contain email ID, that can be a spam.
Prevention: Install spam blocking software and always keep it updated. Don’t reply to spam mails. Stop all instant messages from unknown source
Spyware is software which gets installed in system lacking of user’s knowledge. It can check user actions or can confine users direct over system. Spyware tries to stay unnoticed, either by actively secrete or not making its occurrence on computer. Spyware can assemble personal data like username or pass words, credit card details, website visited etc. It can also mount other malwares, forward web browsers to malicious websites, and modify computer settings.
Prevention: Make use of popular anti-spyware programs such as Spybot - McAfee, Search & Destroy, PC Tools’ Spyware Doctor Symantec, and Zone Alarm, these programs acts as anti-virus software and examine all incoming network traffic and block threats which are detected. Do every day, weekly, or monthly scanning of system to sense and eradicate any spyware which are being installed. Configure firewall in internet security program to avoid unnecessary needs for outbound communication.
Spoofing, phishing and pharming
Spoofing is the attack where program or person pretends to be someone else. Phishing is another type of spoofing where false website is created which just appears as legal websites. This false websites are under direct of hacker and they can gather your credit card details, names, passwords, and other sensitive information. Phishing is mostly done through email or instant message. Some email claims to be from legal source but when you click on given link, you will enter into fake web page.
Pharming is attack in which attacker sends website’s traffic to another fake website. Pharming can be done either via varying hosts file on victim’s system or via exploitation of vulnerability in DNS server software.
Prevention: Since spoofing, phishing, and pharming depend on cheating users rather than higher technology, best method to deal threat is via watchfulness. Never access emails from unidentified sources or click on links surrounded in suspect messages. Verify security rules of websites like PayPal to get consciousness of lawful and fake emails.
Botnet is the group of software robots, or bots which run programmed task on internet. Term botnet denotes to uneasy network of compromised computers, which is known as Zombie computers. These Zombies execute programs like backdoors, Trojan horses and worms. Botnet are utilized to start Distributed Denial-of-Service (DDoS) attacks against websites.
Prevention: Security measures like Simplicita,FireEye, Damballa, Symantec, and Trend Micro can be used to prevent botnets. Always keep anti-virus software updated.
Users can get polluted with Trojan horse by downloading applications that frequently pose as should have software to users. Or we can say malevolent websites attempt to attract users in downloading entertaining application with nasty codes embedded into them. Trojan horses can carry payloads and therefore have potential to cause harm. They can remove or overwrite data on computer and can insert user’s computer to network of Zombie computers to begin Distributed Denial-of-Service attacks or post spam. This can permit remote access to victim’s computer and can install other malevolent programs also.
Prevention: Use anti-virus software to become aware of it and eliminate Trojan horse involuntarily
Denial-of-Service or DoS attack can create website or web services unavailable to users. Most common ways of attack is saturating victim computer with exterior communication requests. Then computer can’t be able to reply to any rightful traffic or executes slowly and ultimately service becomes unavailable. Attacks are primarily started by zombie computers or botnets and they are usually called as Distributed Denial-of-Service or DoS attacks.
Prevention: Allot a separate emergency block of IP addresses for servers. Routers and Switches can be arranged to cut off traffic and ignore DoS attack. Intrusion-prevention systems are proficient when attacks have signatures associated with them.