article1Jon Baleva

What is Computer Security?

article1

Types of Computer Security Threats

 A malicious hacker hampers the functioning of your computer through its security vulnerabilities. There are different types of computer security threats present today. Here are some of the most common types of security attacks. Check them out. 

  1. Malware Attack

With different malware, attackers create malicious software that disrupts the system’s functioning and damages the computer. They installed this malicious software in the target’s computer without their knowledge to extract their personal information and damage the device. Some common types of malware are:

  • Virus: It is designed to damage the target computer by corrupting the data as they replicate themselves from one program to another. It spreads like an infection without the knowledge or permission of the user. 
  • Worms: Worms spread across the computer network by exploiting the operating system’s vulnerabilities. They often execute payloads, which delete files from the host, encrypt data, steal information, and create botnets. 
  • Trojan Horse: The Trojan enters your system disguised as a regular harmless file, tricking you into downloading and installing the malware. This malware can steal information, damage files, and even monitor user activities. 
  • Spyware: Spyware is designed to track your browsing habits and internet activities. It can collect keystrokes, account information, financial data, and many more. 

 

  1. Phishing 

Phishing is a practice through which the attacker sends a fraudulent message, as it is from a reputed company. It usually comes via email, bank, or other financial companies. The goal here is to steal sensitive information like credit card details, bank login details, etc. 

Besides obtaining credit card information, phishing is used to get employee login details to infiltrate an organization’s network. One way to understand and steer away from phishing communication is through user education. Users need to be taught how to identify a phishing message and what to do with one when they receive it.

  1. Man-in-the-middle Attack

The Man-in-the-Middle (MitM) attack, also known as the eavesdropping attack, occurs when the attacker intercepts themselves into a two-party conversation. By interjecting themselves into a communication process, the attacker becomes a passive listener and silently steals your information. 

For instance, in an online transaction, communication between you and your bank, the attacker will intervene without your knowledge and spoofs your card and pin details. 

Once the attacker interrupts the traffic, they can alter the contents of your messages, impersonate the person you think you are talking to, and filter and steal data. Common entry points for MitM are through unsecured public Wi-Fi or software breaches with the installation of malware on the target’s computer.

  1. Denial of Service

Distributed Denial of Service (DDoS), commonly known as denial of service attack, is used to flood the systems or networks with unwanted traffic. This useless traffic restricts the user’s access to the system or server. As a result, the design, server, or network will not fulfill legitimate requests. The attacker or the botmaster commands all the botnets to access the system simultaneously to create traffic. Botnets are a group of computers connected by an attacker compromised by a virus. 

  1. SQL Injection

SQL (Structured Query Language) Injection is a type of attack that mainly happens on websites. A SQL Injection occurs when the attacker inserts a malicious code into the target system that uses SQL statements to store data. It forces the system to reveal confidential information by submitting malicious code to a vulnerable website. 

  1. Password Attack 

As the name suggests, it is a type of attack through which the attacker retrieves passwords. Hackers employ the following techniques to crack a password:

  • Dictionary attack: handles passwords through the dictionary.
  • Brute force: decoding through a trial-and-error method.
  • Keylogger: records the critical hits on a keyboard.
  • Shoulder surfing: by observing the user’s keyboard.

What to secure and how to do it?

All organizations install computer security to protect three significant elements.

  • Confidentiality 
  • Integrity 
  • Availability 

Confidentiality ensures that the information is secure and only available to the intended audience. Integrity asserts that only authorized personnel can add and alter information and function. It protects the information being accessed by unauthorized parties. Availability asserts that the system and data are always available according to the level of service. 

We use various computer security methods for protecting information and data from falling into harm’s hands. These growing computer threats have pushed us to take rigorous preventive measures to stay safe. Several courses like CompTIA Security+ Course are designed for a better understanding of external attacks. Some of the methods to secure your computer system are given below:

  • Two-way authentication adds an extra layer of security to the authentication process. It makes it harder for attackers to gain access.  
  • Secure and robust passwords: Create strong passwords with a minimum of 15 characters, including capital letters, special characters, and numbers.
  • Install reliable anti-virus software: Anti-virus will prevent, remove, and detect malware. So, install reputable and dependable anti-virus software. 
  • Activate firewall: Firewall acts as the security between the internet and your computer.  
  • Keep the software updated: Many updates may contain new defenses against cyber attacks. 
  • Enable encryption: It converts ordinary texts into indecipherable texts.  
  • Avoid clicking email baits: Unknown sources can be part of phishing.
  • Perform regular computer scans: Periodical scans and updates will ensure your data is present and retrievable. 
  • Avoid public Wi-Fi: Public Wi-Fi is an easier way for an attacker to access your system.

Conclusion 

The internet is transforming and evolving our lives. Unfortunately, the number of cyber threats is skyrocketing. The vast network has become a battleground, hackers vs. cybersecurity professionals. 

New security threats pop up from time to time, and it is the responsibility of the professional to stay up to date with the techniques. With fitting Cyber Security Training, you will be prepared for today’s challenges. Apart from the means used by professionals, we must make sure our computer systems stay safe. The given methods will help lay a good foundation for computer security. 

article1Jon Baleva

article1

Jon Baleva is an IT professional with 20 years of experience in programming and networking. He is an expert in Python & IT Security domains as well as in Operating Systems (OS). He has trained professionals and students in IT Programming courses, Microsoft Azure, Linux   & MAC OS. He is also a writer who writes on tech-related topics for various tech magazines in Philippine. He is now an IT Trainer with Edoxi Training Institute, Dubai.

Leave a Reply

back-to-top