Monday, May 11, 2009

Midterm Question #3 Internet if properly maximized can be used as a medium to the advantage of the company. However, risks and threats are there. Thus

Midterm Question #3

Internet if properly maximized can be used as a medium to the advantage of the company. However, risks and threats are there. Thus, research the following:

Question#1. Identify the possible risks and threats (eg. virus) that can potentially attack a company with internet connection.
Answer:

There are ten of the most prevalent threats covered here. Either go through them all, or click on the links below for those you are particularly interested in:

  1. Viruses and Worms
  2. Trojan Horses
  3. Rootkits
  4. Crackers and Hackers
  5. Spam
  6. Web Bugs
  7. Child Security
  8. Pop-Up/Under Ads
  9. Tracking Cookies
  10. Spyware

What Is A Virus?
A virus is a man-made computer program that infects a file or program on our computers. Each time the infected program is run, the virus is also triggered. It spreads itself by infecting other programs on the same computer.

What Is A Worm?
A worm is also a man-made program that replicates itself. However, unlike a virus, it does not infect other program files on the computer. Instead, a worm spreads itself automatically to other computers through email, over a network and via Internet Relay Chat (IRC).

What Is A Trojan Horse?
Although Trojan horse programs are categorized as viruses, they are not true viruses, since they do not replicate. But, like viruses, they are one of the most destructive of the Internet risks covered in 'How Do You Stay Safe On The Internet?' and are favored by crackers and spyware writers.

What Is A Rootkit?
Rootkits are not destructive in their own right... but they are designed to conceal the presence of malicious programs on a computer.

What Is A Hacker/Cracker?
The term "hacker" is a misused term. We should really be referring to a "cracker" to describe those who break security on a computer system.

The original term "hacker" refers to computer enthusiasts who enjoy learning everything about a computer system.

What Is Spam?
Spam is defined in Dictionary.com as, "Unsolicited e-mail, often of a commercial nature, sent indiscriminately to multiple mailing lists, individuals, or newsgroups; junk e-mail".

Spammers peddle pornography, sexual aids, diet pills and get-rich-quick schemes... in fact, anything that has a perceived value.

Spam is no longer just a frustration, nuisance and time-waster... it has now become a major Internet security risk to those of us who want to know, how do you stay safe on the Internet?

What Is A Web Bug?
It is an image file, usually 1x1 pixel, hidden on a web page or in an HTML e-mail and will be of interest to those who ask 'How Do You Stay Safe On The Internet?'

What Are PopUp/Under And Banner Ad?
A pop-up ad appears as a separate window on top of the web page we are viewing, whereas pop-under ads appear under the page being viewed, becoming visible when the web page is cancelled. A banner ad is immediately on view on a web page and can be animated or stationary.

What Are Tracking Cookies?
When we browse web sites, the web server for the web site sends a cookie to our web browser (e.g. Internet Explorer), which it then stores on our computer hard drive.

What Is Spyware?
Spyware has surpassed viruses as the number one computer Internet security risks facing us today. Most estimates report that 80-90 percent of computers already have been infiltrated by spyware.

Spyware is software that is installed on our hard drive to gather information about us and our computer habits. It then transmits it through our Internet connection to a third party, usually without our knowledge or consent.

There are two categories of spyware... surveillance or monitoring spyware and advertising spyware, or adware.



Question#2. Case research and analysis:
Question#2.a Identify one company that had experienced an attacked from the internet.
Answer:Blue Frog company

Question#2.b Describe the attack.
Answer:they deal with attacks on a regular basis, and this was an order of magnitude larger than what they are used to seeing. For the first part of the attack, this was seen as a network problem, because it caused connectivity issues for two of our three upstream providers.

Question#2.c Identify the damages done and the solutions adopted to reverse the damages and to protect the company from future threats.
Answer:

The company's service, Blue Frog, enabled nearly a half million users to automatically opt-out of unsolicited bulk e-mail messages, or spam, by each sending a single message back to the advertiser. Collectively, the automated opt-out messages inundated the clients of spammers forcing six of the top-10 bulk e-mail groups to agree to use the company's filtering software to cleanse their mass-mailing lists of any Blue Frog users, according to the firm.

However, one spammer decided to attack back instead. Starting May 1, the spammers--who Blue Security identified as PharmaMaster--attacked the company's Web site and spammed Blue Frog users with even more mass mailings. The attacks not only disrupted Blue Security's operations but knocked out the Web blog hosting service Six Apart and a handful of Internet service providers, including Tucows.

While the company had started recovering from the initial attacks, the spammer promised more to come, said one company source. Those threats and the collateral damage led the firm to decide to shutdown its service.


The closure marks a sudden end to a controversial service and highlights the importance of spam as a source of cash for the underground Internet economy. In December 2005, spam e-mail message accounted for half of all e-mail sent, according to security firm Symantec. (SecurityFocus is owned by Symantec.) While spammers cost companies an estimated $20 billion, they only netted roughly $20 million to $30 million in profits in 2003, according to estimates by analyst firm Ferris Research.

The attacks also underscore the power that criminals can still wield on the Internet, especially through large networks of compromised computers known as bot nets. Bots have become the tool of choice for many online criminals to extort money from legitimate companies by threatening a hard-to-stop denial-of-service (DoS) attack; other criminals use the controller software to install adware on the compromised PCs to earn affiliate fees from the advertising networks.

The success of the attacks also reveals that, despite e-commerce companies' assertions that the Internet has become safe for business, the worldwide network has progressed merely from the Wild West to the equivalent of the 1920s mob-controlled urban centers, said Peter Swire, a law professor at Ohio State University and a member of the advisory board of Blue Security. To fight the online gangs of the Digital Age will take concerted efforts on behalf the U.S. government and other countries, he said.

"This attack was from an organized crime ring on the Internet," Swire said. "The rising amount of extortion on the Internet is a symptom of under-enforcement. It takes concentrated effort to break up any mob, and legitimate companies are at risk of extortion attacks unless enforcement and other cybersecurity measures improve."




reference: www.google.com
student: Jessa Daquil
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)