A computer threat is any kind of malicious and intentional attempt to damage or disrupt a computer or its related systems. It can either be software or hardware in nature. Some examples of computer threats include viruses, Trojan horse, worms, logic bombs etc. Computer threats are categorized into two classes- active and passive. Active threats are attempts by a user to damage the system for example by creating a virus which is then spread by email attachments. Passive threats on the other hand are unintentional attempts made by a user to damage the system for example opening an email attachment that contains a virus without knowing its contents.
{tocify} $title={Table of Contents}
1. What are active computer threats?
An active threat is a harmful program that can be installed on your computer by clicking on a link, opening an attachment or running an executable file. Once active, the threat can scan your computer for personal information, monitor your activities or perform other tasks that would be harmful to your computer. Most typical forms of such exertion are: Culture % of users infected < 95% 1 culture = 1 orphaned program. Blackberry OS is more vulnerable to trojan horse attacks, compared to other smartphone platforms (source: Wikipedia).
Internet Explorer runs on the Windows operating system under which Chrome runs. This allows an attacker to open compromise websites that are registered through Google web directories and search engines. (IE: bypassing firewall), Installing harmful software with Microsoft Word or Excel is a relatively easy task because Microsoft automatically allows the installation by default if you ask for permission.
This is different from asking Windows 10 for full control permission (right-click on the executable file, choose Properties) because most Windows 10 users don’t know that option exists, or they only see an error box that they need to close. (Source: Windows Automatic Approval Center) Every security solution has its own levels of protection. Users of Windows 10 can click the hamburger menu (three dots) icon and select Settings, Advanced System Settings or User Accounts to open it. Apps installed through the Store will be listed there. Click the app you wish to remove. If you don’t see this option the app is in the App Library and will be shown directly in your Start menu. Hit the X button to remove the app. You can also remove malicious extensions for the browsers: To remove all the extensions from Chrome, open the website chrome://extensions/, locate the installed extensions and hit the trashcan button. (Source: Wikipedia) There are also plenty of useful and funny “extension” names out there, such as “my tiny hands are too big”, “I am friendless and lonely and depressed” or even “Are you an idiot? This extension is annoying me.”.
2. What are passive computer threats?
Passive computer threats are subtle and difficult to detect, because they do not require any action from the user to launch an attack. Unlike active threats, which require the user to execute malicious code or open a malicious file, passive threats lurk in the background and wait for the user to perform activities the threat actor wants to monitor or exploit.
Below are list of top security threat identified by McAfee with further insights into how to deal with them. Advertising Fraud/Phishing Advertising fraud and phishing can suffer any of the following: Process hijacking With user consent, ads can be injected at various points within the browsing process. These include pop-ups, interstitials, interweb, sessions etc. These insertion points should be avoided because by definition, ads are invasive. Ad insertion can happen when either the user or the advertisers consent (i.e., user becomes a publisher) or they are not provided with adequate information (i.e., protect your sensitive information or join an anti-phishing web campaign).
Typical symptoms of advertising fraud/phishing include: Page loading times are too slow Ad blocks take too long to load Shopping cart is cleared in one page before the user proceeds to the next Decreased conversion rates Extremely long form submissions Would you believe that this is happening already? If not, start thinking about becoming a publisher. Disabling JavaScript and Cookies If your website is using JavaScript, or cookies, to display specific content to a user and do not disable them, a hacker can place a nasty JavaScript tag in a page of your site. Browsers by default suppress debugging functions like JavaScript and Cookies.
Users who do not know what to do or fixed the default security settings can not take preventative steps to defend themselves. What to do: Turn on debugging Views – Here is a very detailed post on how to enable debugging in Chrome. Enabling cookies in Google Analytics – Here is a very detailed post on how to enable cookies in Google Analytics.
Read More Details: Which One Of The Following Can Be Considered As The Class Of Computer Threats?
3. How to protect your computer from threats?
Viruses and malware are a threat to your computers and can cause data loss, identity theft, and other problems. To protect your computer from threats, use these tips: 1) Run anti-virus software and keep it up-to-date. There are many free anti-virus programs you can install on your computer.I personally recommend the Malwarebytes Anti-Malware which is available for most of the popular operating systems.
2) Use additional technology like anti-malware and anti-malvertising software to combat viruses and other malicious content behind web banners and search engine results pages.
3) Try to avoid connecting to public Wi-Fi networks or public Bluetooth networks.
4) Avoid clicking on suspicious links suspicious source codes, attachments or unsolicited social media updates, or ask strangers for information or donations.
5) Use anti-virus and firewall software to clear the Internet connections of malicious content before they reach your computer.
6) Back up your documents, pictures, videos, and other important files regularly.
7) Update the software on your computer and update the security firmware frequently.
8) Do not allow strangers to wipe out your data or insert advertisements or spyware onto your computer.
9) Update the security of your operating system frequently by installing security updates.
10) Always follow best practices for installing, using, and maintaining operating system software. Windows viruses are generated by inserting destructive code into a computer. They are computer-based threats and you can detect them as soon as they enter your computer system by the presence of a virus scanner or antivirus software.
This type of infection is known as a trojan horse attack. They are categorized as active, passive, and email-based. Active viruses can insert their code within the operating system directly without the user being aware of the process. Passive threats can use email attachments or third-party content such as online forums. They can be easily deleted by the operating system when it detects it. Email-based threats can be created by sending spam text or email content to a person or a group without his or her permission.
Conclusion:
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Active threats are usually malicious and intended to cause damage; they typically do not require any user interaction or interaction by the system running the threat, let alone user interaction reporting. Passive threats however, often have the capacity to be spread even without the user or system initiating the action; an example of a passive threat would be an email that contains a widget that links to a URL that includes a malicious script.
Microsoft, for example, defines categories of computer threats as follows: · SQL injection attacks - An attack where a hacker injects SQL commands into a web page to manipulate data. The SQL injection may penetrate the page's architecture, traverse several layers of redirect chains, and inject commands by default; the result may be that pages are no longer displayed in search results.
Examples of SQL injection attacks are those spread through email or attached in email spam – email spammers will hide the commands in the HTML of the attached email in order to insert the commands at different points throughout the email body. · Session hijack attacks - An attack where a hijacker shuts down system resources to mine cryptocurrency.
A common way to accomplish this is to inject JavaScript into a legitimate video stream on a web page. Once the JavaScript is loaded, a hacker will then monitor the user’s browser session. When the user logs back in and refreshed the page, the malicious JavaScript will wipe the user’s session cookies, and the hacker will have full control of the user's web browser. · Denial of Service Attacks - An attack that is launched to prevent a user from accessing desired resources located on the web.
0 Comments