Let’s say user (A) download an execution file (EXE) on his-her PC and double click on that file, if this file is infected the virus works based on the written code by the hacker/ attacker/ intruder and copy some files into the system. In case, user (A) does not have virus protection, the virus works perfect in destroying that computer or sending information from this computer to the attacker email. Viruses not only designed to destroy PC’s, but also designed to get information from
While the present exploits are using PowerPoint files to deliver the malware, given the type of flaw, they may start using different office files such as word documents or excel spreadsheets.
The Stuxnet attack was not executed to steal or erase information. It was carried out to physically destroy a military target; Iran’s Natanz nuclear facility. The attack was aimed at industrial SCADA controllers and was a stand-alone attack. It was not an attack that required access to the Internet. The attackers relied on local networks and USB drives to carry out the attack.
As such, he introduces a technique of identifying a spectrum of potential vulnerabilities and suggests procedures to deal with them. Systems Specification and High Order Language Implementation are categorized as items of high risk to attacks. Security Policy and Machine Language Implementation are classified as items of moderate risk of being vulnerable to attacks. Circuits Electronics and Device Physics are of low and very low risks respectively. He also discusses potential threats such as deceiving operating systems to grant access to file or data to unauthorized users through direct (overt) and indirect (convert) channels. Walker also says that lack of precise definition of trusted operating systems and the higher cost of building them are the significant drawbacks faced by the vendors. Vendors are concerned that if they build trusted operating systems, they might not be accepted by their customers. The only solution suggested by the author was to have someone or a company builds it, shares the technology used, and convinces the general public on the significance of it. Once it becomes accepted, then there will be a widespread use of trusted computer operating systems.
Each year there are many attempts to illegal gain entry into networks by attackers to steal information. Some attacks are designed to steal information while other may be to attack a system to cause damage or disrupt services. Attack can happen from anywhere in the world due to the internet and networks. A person from China can hack into an American network or such Stuxnet virus attack on Iran nuclear power plan which thought to be from Israel or United States but it is unsure where the virus originated from. According to Merkow & Breithaupt (2006), viruses caused the greatest financial loss over other computer crimes, (p 142). Worm is a type of virus which replicates and can easily infect a machine and then spread out across the network by using transport features of the computer or network.
Supervisory Control and Data Acquisition System Network systems (SCADA), Distributed Control System (DCS) and Industrial Control Systems (ICS) are examples of controlling their Critical Infrastructure. Because once the hackers are able to gain access to the SCADA Network system and sabotage the system, then the Critical Infrastructure would lead to cyberwar and chaos.
Computers have become part of our daily complex lives; we depend heavily on computers to help break our complicated lives down. Most people now prefer to do things the digital way and so does companies. Most of trading (buying and selling) is now online which requires computers. In order to satisfy our hunger for digital living, there is a need for technology called the operating system to carry out the activities we require our computers to do. Computers and technology come in different forms and sizes and due to the capitalistic nature of our economy everyone is allowed to come up with their own form of computer and even the technology to run it. In recent years’ companies have gained interest doing business digitally and since software have become easier to write or code, it is also vulnerable- easy for programmers to access and exploit called hacking. Hackers are unapproved clients who break into a technological framework, change or decimate data, frequently by introducing hazardous malware without the insight and assent of the host company. Companies are now at risk of losing much more than money by doing business the digital way. It is in this view that the Security Exchange
Computer viruses have been around just about as long as the personal computer has existed. With the advent of the Internet, the ability of viruses to rapidly spread has increased substantially. Despite this increase in capability to infect large numbers of computers across international borders, the definition of a computer virus has not substantially changed over
Another occurrence of cyberwarfare and its power lies within the Stuxnet worm, unleashed primarily to attack Iranian industrial programmable logic controllers (PLCs) in the nation’s Nuclear facilities. The Stuxnet worm is typically introduced to its target environment via an infected USB flash drive, and upon being loaded onto a computer running the Microsoft Windows operating system the worm would then seek out Siemens Step7 software. This software will then allow for Stuxnet to control Iranian PLCs, collecting information on industrial systems and causing the fast-spinning centrifuges to tear themselves apart. Stuxnet’s complexity is evident in its three prong approach to infection: It unloads a worm that executes all routines related to the main attack, it executes a link file that automatically activates other copies of the worm on the same network, and it activates its rootkit, which allows it to hide its processes and activity on the local computer as well as the entire computer network. Kaspersky Lab, an international software security group operating in almost 200 countries and territories worldwide, concluded that the attack “is a one-of-a-kind, sophisticated malware attack backed by a well-funded, highly skilled attack team” and that the “attack could only be conducted with nation-state support and backing”. In May 2011, the PBS program Need To Know cited a statement by Gary Samore, White House Coordinator for Arms Control and Weapons of Mass Destruction, in which
To understand the business of malware, one must understand how malware has evolved in the past twenty-five years. Malware, which includes all kinds of malicious software, was originally created to show the weaknesses of computers. The first type of malware, created in 1986, was a virus called “Brain.A. Brain.A was developed in Pakistan, by two brothers - Basit and Amjad. They wanted to prove that PC is not secure platform, so they created virus that was replicating using floppy disks” (Milošević). Even today malware is still used to check the security of machines.