To begin, transmit, and distribute an attack, blended threats combine the features of viruses, worms, and Trojan horses with server and Internet vulnerabilities. Blended threats may quickly spread and create extensive damage by utilizing many tactics and strategies. Because they combine such diverse techniques to achieve their goals, it is not possible to defend against them entirely using traditional security measures.
Blended threats are a major concern for organizations that use open communication methods such as email, social networking, web browsing, and remote desktop connections. An attacker can incorporate a virus, worm, or other malware into any of these types of content -- for example, by inserting it into an attachment file sent via email or posted on a website. When this content is viewed or used by one of your employees, the virus will be activated too.
Viruses, worms, and Trojans do not discriminate between administrative accounts and non-administrative users. Therefore, if one user has access to the email system or web browser tools, then all users who use those services are at risk. Since administrative functions provide read/write access to files and folders, an attacker could modify or delete important documents if they have hacking capabilities. Users should exercise caution not to give away administrative rights when working from a public computer.
Server vulnerabilities exist because most organizations use servers to provide information or resources to customers, members, partners, or employees.
Machine worms are malicious programs that swiftly duplicate and propagate from one computer to another. Worms are frequently spread by exploiting software weaknesses. Computer worms are one of the most widespread computer network hazards, despite the fact that we don't hear much about them these days. The first worm was written in 1988 for the Berkeley random number generator project, and since then many more have followed. Worms can cause significant damage to computers, as they search for open directories on networks to infect.
Worms can be classified according to their method of transmission: contact worms, non-contact worms, and stealth worms. Contact worms use messages to spread themselves to other computers, such as email viruses and social networking malware. Non-contact worms use special files or commands to spread themselves automatically, such as rootkits and Trojan horses. Stealth worms hide on computers without anyone knowing it has happened.
Computer worms can also be classified by what they do once they have infected a computer. There are two types of payloads: data collecting parasites and program destroying parasites. Data collecting parasites copy themselves to other computers and store information such as usernames and passwords. This allows the parasite to gather confidential data. Program destroying parasites delete important files on infected computers or replace them with copies made by the parasite. These copies contain hidden instructions that can be used to initiate further attacks.
Finally, computer worms can be categorized by who creates them.
Though the list of possible dangers is enormous, the most prevalent security threats you should be aware of are listed below.
An advanced persistent threat (APT) is a sophisticated, long-lasting hack in which an intruder creates an unnoticed presence on a network in order to steal critical data over time. Cyber espionage, including the theft of intellectual property or state secrets, is an eCrime committed for monetary benefit. Although cybercrime can be done for revenge, it is often done for profit.
Examples of APTs include the Stuxnet virus that was used to damage Iran's nuclear program and the Chinese hacker group Red Dragon that stole data from NASA among other organizations.
The term "advanced persistent threat" has become popular since the New York Times published an article about it in March 2004. The article described how a computer hacker group called Lulz Security had broken into several large companies' computers and was still inside them more than a month later. The newspaper coined the phrase "advanced persistent threat" to describe this type of hacking attack.
In April 2014, Microsoft announced that one of its customers had been attacked by someone using an anonymous email address to tell the company that its internal systems had been breached. This incident led to speculation that it could be another Lulz Security campaign, but members of the group denied involvement. In addition, there have been reports that North Korea may be responsible for attacks against South Korea and Japan, but these claims have not been verified by any third parties.