Malicious Attacks
Christine Jung, Max Park, Steven Ko,
Ying Lin, Monica Tong
What are Malicious
Attacks?

A malicious attack is an attempt to forcefully abuse or take
advantage of someone's computer, whether through
computer viruses, social engineering, phishing, or other
types of social engineering.

This can be done with the intent of stealing personal
information (such as in social engineering) or to reduce the
functionality of a target computer.

In July 2009, average of 89% of email
messages were spam. U.S is the top
country for malicious activity in 2008 U.S
is ranked first for malicious code, phishing
website hosts, and originating attacks.

Where does Malicious Code Hide?
1. Email
2. Web Content
3. Legitimate Sites
4. File Downloads
Types of Malicious
Attacks

Malware
◦ Adware
◦ Spyware
◦ Trojan Horse
◦ Crimeware
◦ Viruses
◦ Worms

Social Engineering
◦ Phishing
◦ Baiting
◦ Spam
Who is the Target?
How malicious hackers attack
By Roger A. Grimes | InfoWorld
1. Log-on credential or password guessing/cracking
2. Buffer overflow
3. Application or OS vulnerability
4. Application or OS misconfiguration
5. Data malformation -- SQL injection, XSS, and so on
6. Sniffing/eavesdropping
7. Client-side attack
8. Social engineering
Twitter site disabled after hackers launch
malicious online attack | Technology | The
Guardian
Attack targets Sony 'rootkit' fix - CNET
News
Why
•Cyber vandalism
•To cause harm or data loss
•Corrupting other people’s hardware
•Profit motive
•As a prank
•To take control of users' computers for black-market exploitation
•To help in profit for spyware where programs are designed to monitor users'
web browsing, display unsolicited advertisements, or redirect affiliate
marketing revenues to the spyware creator.
Prevention
“A detection system may detect suspicious activ
ity, but where is the protection from fast acting
attacks?
A prevention system must identify and stop ma
licious attacks before they do damage and have
a chance to infect a system.”
Preventing Malicious Attacks on the Internet
Along with intrusion prevention, a useful tool for the home us
er is to become familiar with some of the tricks and technique
s that hackers use to break into systems.
-scanning systems for weak spots, like an operating system t
hat has not been upgraded or recently patched
-the use of malware to record important information from the
computer (e.g., passwords or financial information).
Remember that a system may not always be attacked to steal
information; it may also be attacked to be used as a storage s
ite for illegal content (such as pirated movie downloads) or a
system could be recruited into an online 'bot army.'
Preventing Malicious Attacks on the Internet
To increase security of the home computer, the home user can take
a few relatively simple steps.
-One of the first steps in computer hacking prevention is to make
sure that all of your software is up-to-date.
-Another measure that any home user may take is to install a firew
all. The firewall’s purpose is to stop unauthorized contact or entry
onto the system.
-Different applications on the market will scan and remove
malicious code that has found its way onto a hard drive. Running
various virus software applications yields benefits as well.
Works Cited
1. Metalib: search “attacks on the internet”: Burch, Hal. “A
sercuirty study of the internet: an analysis of firewall
behavior and anonymous DNS.” Cameo: 2004
2. Databases A-Z: Web of Science: Chu HC, Deng DJ, Chao
HC, et al. “Next Generation of Terrorism: Ubiquitous Cyber
Terrorism with the Accumulation of all Intangible Fears.”
Journal of Universal Computer Science V. 15 I. 12: 2009
3. eJournal A-Z: ECO Electronic Collections Online: Search
Attacks on the Internet: Radosavljevic,
Vladan;Belojevic,Goran. A New Model of Bioterrorism Risk
Assessment. Bio security and Bioterrorism 7, no. 4: 443451, 2009
4. http://www.infoworld.com/d/security-central/howmalicious-hackers-attack-447