“Stranger Danger” is a common childhood warning phrase used to keep us safe from strangers who may appear good but actually mean us harm. The phrase has withstood the test of time and remains relevant in the digital world. Just as we share the world with different people – some good, some evil – we also share common networks for our computers. We therefore need to take a similar precaution when using common networks, to avoid the dangers that might arise from malicious network users. Some statistics state that one-third of the world’s computers are affected by malware. Numerous kinds of malware are already out there affecting computer users, and even more are still surfacing. Today, we are only going to look at two of the less commonly known kinds of malware that actually affect most computer users across the world: the Trojan horse and DoS and DDoS attacks.
Trojan horse
The name says it all: this malware uses a trick similar to the one the Greeks used to enter the securely protected city of Troy after failing to do so with other war tactics for over ten years. The story is simple. The Greeks constructed a huge wooden horse and hid some of their best-trained soldiers in it, including their legendary king and warrior Odysseus. The Greeks then pretended to sail away to indicate that they had given up, and left the horse behind as a gift to Troy for winning the war. The Trojans then pulled the horse into the city as a victory trophy. At night, the Greek soldiers sneaked out of the horse and opened the gate for their fellow soldiers, who had sailed back under cover. In short, the Greek soldiers destroyed the city and ended the long-lasting war.
There you have it; that is exactly what Trojan horse malware does. We are always careful to protect our computers from attack by third parties. Therefore, the best that cyber attackers can do to get into our computers is to trick us into inviting them into our secured networks. A Trojan horse is a malicious piece of software or attack code that tricks users into willingly running it by hiding behind a legitimate program.
A Trojan horse spreads in various ways. One of them is through email. You might think that you have received a genuine email from someone you know. The email comes with what looks like a legitimate attachment, and you click on it and download it. At this point, you may already have been tricked. The email is from a cybercriminal who has carefully designed it to fool you. When you open the attachment, it goes on to install malware on your device. Once the malware executes, it can spread to other files and damage your computer.
You can also invite a Trojan horse into your computer when you download cracked applications. Such software or its key generators may contain a hidden Trojan. Some Trojan horse malware is also concealed in unknown free programs such as games or screen savers, especially those found on untrustworthy sites. Other ways to invite a Trojan horse are visiting untrustworthy websites and opening infected attachments.
Once a Trojan horse is inside your computer, it can do whatever damage it was designed for. It can record your passwords by logging keystrokes, steal any sensitive data that you have on your computer, and even hijack your webcam (I guess you have come across a number of computers whose owners have sealed their webcams with masking tape or other light-blocking material). A Trojan horse can also attack mobile devices such as cell phones and tablets.
You can protect yourself from Trojan horses by staying away from untrustworthy sites, pirated materials, and dubious links. You can also upgrade your software, run internet security suites, and protect your personal information using firewalls and other antimalware software such as AVG, Avira, Zemana, McAfee, Norton, Kaspersky, and Avast.
DoS and DDoS attack
There are times when your internet connection shows full strength but you cannot access an online page. You keep refreshing and all you see is ‘Service Unavailable.’ You have probably concluded that the server is overloaded.
There are indeed cases where a server gets overloaded with traffic and crashes, making the webpage inaccessible. This usually happens on news pages when breaking news attracts the attention of many internet users. However, more commonly, this is what happens when a website is under a DoS (denial-of-service) attack. A DoS attack is a malicious traffic overload that occurs when a cyber attacker floods a website with traffic. A website cannot effectively serve its users when it is overloaded.
A DoS attack is carried out using one machine and its internet connection by simply flooding a website with packets, preventing genuine users from accessing the contents of the website. Nowadays, however, it is difficult to successfully overload a server using a single other server or even a single computer. Just when we think that the DoS problem has been solved with time, we meet DDoS (the distributed denial-of-service attack).
DDoS is similar to DoS but is more forceful and more difficult to deal with. While a DoS attack typically uses one internet connection to flood a targeted system, a DDoS attack uses multiple computers and internet connections to attack the targeted system. DDoS attacks are always global and are distributed through botnets.
It is likely that not all the computers and networks used in a DDoS attack belong to the attacker. The computers are compromised and added to the attacker’s network through malware. They can be distributed across the globe, and the network of compromised computers is known as a botnet. A botnet can involve anywhere from two computers to thousands or more.
A DDoS attack is very difficult to identify and defend against since it comes from multiple IP addresses simultaneously. One of the reasons why DDoS is very popular is that it can be very cheap to carry out. There are many DDoS-for-hire groups operating on the dark web. These groups can effectively mobilize vast botnets of compromised devices such as IoT systems.
The largest DDoS attack ever recorded occurred in February 2018 and targeted GitHub. This attack managed to knock the code repository offline for 10 minutes. The greatest disruption under DDoS attack came in 2016 and affected popular sites such as Spotify, Amazon, and Netflix.
Good practice for dealing with DDoS is using a Web Application Firewall (WAF) against attacks such as SQL injection or cross-site request forgery. These attacks attempt to exploit a vulnerability in your application. You can also create customized mitigations against illegitimate requests coming from bad IPs, or against requests with characteristics such as disguising themselves as good traffic. You should also be careful with traffic from unexpected geographies. Finally, try to mitigate attacks as they happen, so as to get experienced support for studying traffic patterns and creating customized protections.
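To make "studying traffic patterns" concrete, the following added example (not part of the original article) buckets web server access-log lines into time windows and separates the single-source DoS shape from the many-source DDoS shape described above. The log format (common log format), the window size, and both thresholds are assumptions, and the sample lines are constructed.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime

# Common log format: client IP, two ignored fields, then [timestamp].
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\]')

def parse(line):
    """Return (epoch_seconds, client_ip), or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S %z")
    return int(ts.timestamp()), m.group(1)

def classify(lines, window=10, per_ip_limit=20, total_limit=60):
    """Label each fixed time window; the limits are assumed, tune to a baseline."""
    buckets = defaultdict(Counter)
    for line in lines:
        parsed = parse(line)
        if parsed:
            ts, ip = parsed
            buckets[ts - ts % window][ip] += 1
    report = []
    for start in sorted(buckets):
        counts = buckets[start]
        total = sum(counts.values())
        noisy = sorted(ip for ip, n in counts.items() if n > per_ip_limit)
        if noisy:
            label = "single-source"   # DoS shape: blocking these IPs helps
        elif total > total_limit:
            label = "distributed"     # DDoS shape: no single IP stands out
        else:
            label = "normal"
        report.append((label, total, len(counts), noisy))
    return report

def _line(ip, second):
    return f'{ip} - - [01/Jan/2024:12:00:{second:02d} +0000] "GET / HTTP/1.1" 200 512'

# Constructed sample traffic; addresses are RFC 5737 documentation ranges.
SAMPLE = (
    [_line("192.0.2.10", s) for s in range(5)]                       # quiet window
    + [_line("198.51.100.7", 10 + i % 10) for i in range(30)]        # one busy IP
    + [_line(f"203.0.113.{i}", 20 + i % 10) for i in range(1, 101)]  # 100 quiet IPs
    + ["not a log line"]                                             # skipped
)

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(row)
```

Request counts alone cannot tell a breaking-news crowd from a botnet, so a "distributed" window is a prompt to look at the other signals mentioned above, such as unexpected geographies and request characteristics, before blocking anything.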
Summary
We may be aware of this malware, but keeping track of all the network security threats is definitely a difficult task. We cannot be completely sure that the systems we are using are fully protected from cybersecurity threats. However, we need to do our best to ensure that our systems are as secure as possible.