While most of us have heard of the different types of threats we may face while online, many of us have had first-hand experience dealing with a virus on one of our devices. There are many types of internet security threats we may encounter, so in this post we are going to look at some of the more common ones along with the not so common.
We will look at what they are and how they work. Hopefully, this will help you to have a better understanding of the threats used against us, and how to identify and avoid them. We will look at the A – Z of known threats in two separate posts.
This post covers Internet Security Threats A to E.
So let’s get into Internet Security Threats!!
A – Threats
- Advanced Persistent Threat (APT) – A continual set of secretive and hidden attacks and processes that are designed to penetrate your network or systems. These threats are carried out using multiple threat types such as Phishing and Malware, and different delivery methods like Email and Social Media Platforms.
- AdWare – A type of malicious software that installs on your devices or systems. It then installs 3rd-party advertising on your system. These Ads often result in “Pop-Ups”, in an open window or while trying to open one, that the user is unable to close. AdWare:
  - could include Spyware that is designed to spy on the user’s online activities,
  - may also contain stolen certificates that could deactivate the device’s Anti-Malware and/or Anti-Virus programs, and
  - can affect any device or system, including computers, mobile phones, and tablets.
- Backdoor – Malware that will target a hidden entrance or method to gain entry to a device, computer, system, or software by circumventing normal security measures.
- Bad Actor – Term commonly used to describe a Cyber-Criminal or Hacker.
- Bot – An individual Internet-Connected Device. While a Bot is most likely a computer, almost any device that can connect to the internet can be a Bot; these include Smart TVs, Tablets, Smart Phones, Routers, or even a Refrigerator that is capable of connecting to the internet.
These Bots form what is referred to as a Botnet. Bots receive their operational directives from a Command and Control server, directly from who is commonly known as a Bot Master. They can also in some cases receive instructions from other Bots that are within the Botnet.
- Botnet – Internet-connected network that is also Malware-infected. It is used by Cyber-Criminals to distribute Malware or Spam, or to launch DDoS (Distributed Denial of Service) attacks. Botnets are made up of any number of devices; some can reach upwards of 1,000,000. These large Botnets have the capability of sending more than 50 million Spam Emails daily.
The term Botnet is made up by combining the words “roBOT NETwork”. Botnets have been used by Cyber-Criminals to conduct “Click Fraud”, Online Polls, Special Event Ticketing mass purchasing, Phishing Emails, and Social Media Platform manipulation.
- Bot Master – The Botnet Controller, Herder, or Operator. These individuals control the Botnets remotely by sending commands via the C&C server, or by sending instructions to individual Bots within the Botnet. Since this type of activity is very risky, these individuals go to great lengths to obfuscate their location and names to avoid possible prosecution by law enforcement agencies.
- Business Email Compromise (BEC) – Phishing attack designed to scam a larger company/business out of money by impersonating a company executive. The scam starts with Cyber-Criminals accessing the target company’s network system through a Spear-Phishing attack or Malware. These types of attacks are highly organized and coordinated.
The Cyber-Criminal will research the intended target’s vendors, financial systems, and executives’ Email style, type, and schedules. Once the information has been gathered, and while the targeted executive is away on business, the attack begins. Cyber-Criminals use this opportunity to send a fake Email to someone who most often works in the finance department. The Email requests a wire transfer to be made to one of the company vendors.
If the scam is successful, the money requested will be wired to an account that is under the control of the Cyber-Criminals perpetrating the scam.
- Click Fraud – Scam that uses a Botnet to create automated advertising “Clicks” in order to increase revenue on a website owned by a Cyber-Criminal. This type of attack is used against legitimate sites such as Google AdSense, where you get paid to allow advertisements on your site.
- Clone-Phishing – Phishing attack that uses a genuine Email that was previously delivered. The Phisher will make a nearly identical Email that contains similar attachments, content, sender, and recipient Email addresses.
A fake link or attachment will then be added to replace the real ones, and because this Email gives the appearance of originating from a legitimate source, the target is tricked into opening the attachment or “Clicking” the link. This type of Email is also known as “Spoofed Email”.
- Command and Control (C&C) – The Command and Control server that the Bot Master uses to send commands to, and receive information from, Bots over the Botnet. The C&C infrastructure is commonly made up of multiple servers in a client-server architecture.
- Crypter – Malware that has hidden encryption designed to obfuscate it from the system, network, or device security measures.
- Dark Web – An Internet-Based Network of “Overlay Networks” or “Dark Nets” that contain web content that can only be accessed with certain software, authorization, or special network configurations, and could also employ non-traditional protocols, communications, and ports.
Examples of Dark Web access tools are Freenet, Tor, and the Invisible Internet Project (I2P). The Dark Web provides access to a variety of content, from pirated TV shows and movies to drugs and many other nefarious criminal activities.
- Data Breach – An incident where protected, sensitive, or confidential data has been accessed by an unauthorized person or persons. The information accessed through this type of breach can be copied, destroyed, stolen, or sold to 3rd-party interests.
The most common types of information targeted in these security breaches are social security numbers, credit card information, Emails, banking information, etc.
- Distributed Denial of Service (DDoS) – Type of attack that uses multiple computers interconnected in a Botnet to deny access to, or shut down (“Crash”), a targeted network system. This is accomplished by overwhelming the computer, website, etc. with more traffic than the system can handle.
- Domain Generation Algorithm (DGA) – Since C&C Botnets are easy for traditional security measures to locate and block, Botnets will use a DGA to avoid discovery. These DGAs are designed to generate so many domains that it is virtually impossible to block them all.
Many of these generated domains have no functionality, and the Bots are designed to cycle through the domains looking for a functional one.
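Because Bots cycle through many non-functional generated domains, the pattern shows up in DNS logs as a burst of failed lookups for random-looking names. The following is an added example, not part of the original post, of a defender-side check for that pattern; the log format, thresholds, and function names are assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed sample DNS resolver log: "<epoch> <client> <queried name> <rcode>"
SAMPLE_LOG = """\
1700000000 10.0.0.5 www.example.com NOERROR
1700000002 10.0.0.9 kq3vz8xw1plf.example NXDOMAIN
1700000003 10.0.0.9 x7bn2mfq0rtd.example NXDOMAIN
1700000004 10.0.0.9 p9wl4zk6hcvy.example NXDOMAIN
1700000005 10.0.0.5 mail.example.com NOERROR
1700000006 10.0.0.9 t2gj8rn5qxbm.example NXDOMAIN
1700000007 10.0.0.9 c6yd1vh3zkwp.example NXDOMAIN
1700000008 10.0.0.9 m4fs7qj9xztb.example NOERROR
1700000030 10.0.0.5 wwww.example.com NXDOMAIN
"""

def label_entropy(name):
    """Shannon entropy (bits/char) of the left-most DNS label."""
    label = name.split(".")[0]
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def find_dga_suspects(log_text, window=60, min_failures=5, min_entropy=3.0):
    """Return {client: [names]} for clients with many random-looking NXDOMAINs."""
    failures = defaultdict(list)  # client -> [(timestamp, name)]
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, name, rcode = parts
        if rcode == "NXDOMAIN" and label_entropy(name) >= min_entropy:
            failures[client].append((int(ts), name.lower()))
    suspects = {}
    for client, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):  # sliding time window over failures
            while events[end][0] - events[start][0] > window:
                start += 1
            names = {n for _, n in events[start:end + 1]}
            if len(names) >= min_failures:
                suspects[client] = sorted(names)
                break
    return suspects

if __name__ == "__main__":
    for client, names in find_dga_suspects(SAMPLE_LOG).items():
        print(client, "queried", len(names), "non-existent random-looking domains")
```

A single mistyped name, like the last line of the sample log, does not trigger the check; only a client with several distinct failed lookups inside the time window is reported.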
- Dropper – Malicious software that has been designed to “Drop” or install another, different type of Malware like a virus or a Backdoor. Droppers have been designed to avoid detection by Anti-Virus/Malware programs. In most cases, they stay hidden from these programs only to be activated at a later time.
- Encryption And Complex Protocols – Used to hide Botnet transmissions in Botnet code. Because a Botnet communication string is made up of code and multiple headers, the communication is extremely hard to understand and read.
So some of this Bot-driven Malware will use a Trojan that encrypts both the C&C communication and the Malware. A user will download the Malware using an SSL Connection from an infected web server. Once the software has been installed, the Botnet will use an encrypted P2P (Peer 2 Peer) network to communicate with the C&C.
- Exploit – Malware that finds and uses a software vulnerability to gain unauthorized access to a computer, network, or system.
We Are Almost Done!!!
As I mentioned at the beginning of this post, we were going to look at Internet Security Threats A through E, with the next half of threats to follow in a subsequent post. In the next post, we will look at the remaining threats H through Z. So I hope you found the first part of the glossary of Internet Security Threats informative. See you on the next page.
I hope you enjoyed this post, and if you have any questions or just want to leave a comment, please do so below.
Stay secure and always practice
Safe Text !!!