Let me ask you, what am I holding in my hand? To you, it may seem that I'm holding my credit card and my driver's license, but to a hacker, I'm holding almost $70 in my hand. That's because the three-digit number on the back of my credit card can fetch up to $15 on the black market. This, together with the credit card number and the bank information, can get up to $25. The date of birth on my driver's license can fetch up to $15, and the address and other personal information can get up to $30 on the black market.
So we must ask: is all this information that we hold so dearly in our wallets protected when it is in digital format? Think especially of your tax documents, car insurance, home mortgage, and banking documents, and all the electronic versions of them that you store on your laptops, in your emails, and in web services. Just ask yourself if your computer is protected. When was the last time you checked to make sure that the antivirus running on your machine is up to date? Do you even remember the version, the brand, or the features of the antivirus that you're using? If not, it's better to check whether your computer is properly protected, because hackers have a lot of ways to get at the data that you store on your machines. In this lecture, we are going to see some of the techniques behind these cybersecurity threats.
The first type of cybersecurity threat that we are going to talk about is malware. The term malware comes from two words, malicious and software. Malware is malicious code written by hackers for a variety of reasons. Some of it may be innocuous, written just as a prank; other malware can have a more nefarious purpose.
For example, the goal might be to steal your personal information, your financial records, your transaction history with the bank, your medical records, intellectual property, and organizational secrets, and thereby cause massive financial damage and process disruption.
The most common form of malware is a virus. Viruses are different from the biological viruses that can infect humans. These are computer programs that can infect other computer programs and make the machines sick. Just like biological viruses, they can propagate very rapidly. They do so by attaching themselves to other programs and applications that you're using, and when those programs and applications are transferred to another machine, a copy of the virus gets transferred with them and infects the other machine as well. Some of these viruses can lie dormant for a long time; others can cause immediate damage. For example, the Friday the 13th virus operates in stealth mode: until the calendar reaches Friday the 13th, it lies in wait. When it's Friday the 13th, this virus deletes all the files, applications, and documents that you have opened on your machine, and thereby causes much inconvenience. Some viruses, like the Melissa virus, have caused more than $1 billion of damage. The Melissa virus would send out infected Word documents from Microsoft Outlook. Many such viruses have continued to wreak havoc, with damages reaching up to $38 billion.
Another type of malware is a worm. These are not the creepy crawlers in your garden; rather, they are a special type of virus. They are different in that they have network awareness and can propagate on their own. They use shared drives and shared folders to propagate from one machine to another without requiring human intervention.
Once a worm is on a machine, it will use up all the available resources, the CPU cycles, memory, and bandwidth, and thereby slow down the machine and the networks on which that machine is operating. Examples of some of the most important worms in history include Blaster, Code Red, and Nimda, and these have caused billions of dollars in damages as well.
Another type of malware is a Trojan horse. These computer programs disguise their true intent from the users. For example, they might appear in the form of a beautiful screensaver that you want to download. But once it's on your machine, it's going to start deleting files and open up a backdoor for the hackers to take administrative control of your machine. Its name is derived from the ancient Greek story of Troy, where the Greek soldiers hid their true intent inside a wooden horse. Trojans trick the users into downloading them, but unlike viruses and worms they cannot propagate on their own; they depend on humans to pass them from one machine to another. Ransomware attacks, which threaten to publish the victim's data or to perpetually block access, typically use Trojan viruses. Some of the most famous Trojan viruses are the Shedun Trojan and the Zeus Trojan.
All these kinds of malware, viruses, worms, and Trojan horses alike, use some kind of software vulnerability resulting from poorly constructed programs and software. For example, some programs may allow improper access to memory locations that do not belong to them and that hold data belonging to other programs; these are called buffer overflows. Other sources of vulnerabilities are poorly designed web forms that do not validate the user input before creating databases. Hackers often take advantage of such lack of input validation to gain unauthorized access to databases. These are known as code injection techniques.
So, now that we have seen how computers can be compromised, let's talk about botnets. Botnets are networks of computers that have been compromised by worms or Trojan horses and can then be used to launch simultaneous attacks. Often these botnets of infected machines are rented out by attackers to hackers who have developed worms or Trojan horses and want to use them to gain control of other machines. To create botnets, users are first tricked into installing some form of malware or Trojan horse. Worms then help the malware propagate to other networked machines, because worms have a self-propagation mechanism, and the Trojan horse component opens up a backdoor for the attacker to control these machines.
Botnets are often employed by attackers to spread spam and to launch coordinated denial-of-service attacks on a target machine. The target machine, for example a server, is overwhelmed with simultaneous data requests from the bots and is thus unable to cater to legitimate requests. The service becomes unavailable or the website goes down. It's the same method that is used for mail bombing and flooding someone's mailbox with unsolicited emails. This kind of attack is known as a distributed denial-of-service attack. One way to counter such denial-of-service attacks is to keep firewalls and routers patched and their traffic filtering rules and settings updated.
So, in the next video, we're going to continue looking at other cybersecurity threats, including password cracking and identity manipulation through eavesdropping and impersonation.