Cyber Attacks explained in laymen's terms

jacor (70)in #wannacry • 7 years ago (edited)

Steem and Steemit brought a lot of new non-techie people into the world of Crypto and Blockchain. I have often written articles to explain different technology sets in laymen's terms to help the technology challenged to understand what everybody is on about :)

I believe that most IT people go through the hacking stage at some point of their lives. For me it was mostly about the challenge of seeing if I can do it. This was many years ago in the early days of computers and I had some skills form this perspective. It was never about actually doing anything when I am in… It was more about the challenge of getting in. When I found that it was actually fairly easy or not too difficult to do, I lost the urge to do it :)

There are however a lot of malicious people in the world, that want to hack to hurt. In my opinion there is no real difference between Breaking and Entering vs Breaking into somebody's computer or network. When you enter somebody's network or computer, you are violating their personal space.

I was yet again the victim of crime recently when somebody broke into my car and stealing my personal belongings. Unfortunately in South Africa, this is part of life… It is sad, but it is now at the point when I went to the police station to report the incident, I actually said to the officer that I am here to report an incident in order to follow the appropriate process to submit my insurance claim. I had no expectation for the police to actually make any effort to catch the criminals. Anyway … Enough about the uselessness of our countries government and police force.

Today I want to explain some keywords of Cyber Attacks.

Virus / worms / Infections

Image Credit
The whole cycle starts when somebody downloads or gets infected by malware. Mal ware is an abbreviation for Malicious software Malware are usually distributed as either a virus or a worm. The software is uploaded onto a user's machine when a user accesses a specific site and user have no specific protection against the specific virus or worm.

Hopefully most of us are protected by Anti-Virus products. There are however more and more viruses and worms written by malicious individuals around the world to exploit vulnerabilities in operating systems or networks. These are then targeted to open a door for the software to get onto the user's computer.

I have often wondered if the anti-virus companies aren't actually writing the virus to sell more software :)

A virus is software that was specifically written to execute when a user takes a required action. The virus can only execute or start when the user actually clicks a file, send an email, share a file, or whatever the malicious developer has programmed into the code.

Image Credit

Worms on the other hand can execute without any user interaction. The worms can therefor propagate themselves across a network and infect other computers without the assistance of anybody. Dangerous little buggers :)

Vulnerability

Image Credit
Although the developers of operating systems and network devices try to cover all aspects in their software by testing as much as they can, the world of computers have become so complex, that it is not possible to cover all angles. There are always something that is not covered, hence allowing hackers and virus developers to exploit this flaw or bad spot in their software.

Updates or patches

Software development is an ongoing cycle. When the developers find or are made aware of a specific vulnerability, patches are released to fix the problem. It is therefore very important to update your computer software and patches constantly . My suggestion is to always use original software that can be updated over the internet. Which again makes you vulnerable, but the large suppliers usually have most basis covered.

Botnet

Image Credit
These things are really dangerous, as it is a network of infected computers which can be controlled remotely by the originators of the malware. It can literally be thousands of computers which is used by the attackers.

Kill Switch or killing switch

Heavy machinery usually have a safety mechanism built in to kill the machine in case of emergency. In the Cyber Attack world, it is a switch that will switch off or stop the spreading of the virus or worm.

In the latest Wannacry attack, somebody actually found the kill switch by investigating the code of the attacker. The software was contacting a specific domain, before infecting the next computer. The domain name was taken down and it actually killed the spreading of the virus. It is however still not over as the machines infected are still infected. I am fairly sure that the software can be changed and updated to initiate the attack again.

Some other attack mechanism's

Phishing

I am sure a lot of you have received emails from specifically your banks which warns you against phishing attacks. Malicious people use phishing to gain access to your user names and passwords through deceit. This can be in many forms, either by sending you an email to login to your online banking, but you are directed to a site which looks exactly like your banks website but it is actually a replica of the site. Your detail are then recorded and the attacker logs into your bank and have full access to do what he likes.