An Overview to Today’s Computer Intrusion Problem
Computers and the applications and programs that run on them have evolved in sophistication and complexity.
The Internet has evolved in size, users, complexity, content, applications for sale that you can use on your computer, etc.
Viruses have evolved in sophistication, complexity and the damage they can cause to a computer. As they have evolved, anti-virus software has been forced to evolve in response as well. Your computer anti-virus programs are constantly being updated to meet new threats that are appearing almost daily.
Hackers have also evolved. Now they are no longer constructing simple intrusions for fun and just to see if they can do it, now they are getting into the computers of people such as you and I, into businesses, major corporations, governments and learning institutions. They are stealing information from us all such as personal and financial information, online computer usage information, Internet usage information, location and personal movement information and more.
Even the companies we deal with who provide online, computer and application services to us are taking information from our computers that we did not even know they were taking and they are taking it without our permission and are currently using it to find ways to market more products and services to us to make more sales.
Just go to a travel site for example and check on the cost for a flight to Las Vegas. By the following day, you will be getting a number of e-mails from various sources about current “Las Vegas” deals – hotels, car rentals, cheap flights, etc. Hackers and external business entities learn from you every time you touch your computer. Even the keystrokes you type in your computer are sent to Microsoft daily unless you reconfigure the default “Privacy” settings to stop them from having this information.
Once your computer has sent out your information, you have absolutely no way of knowing how it is being used, who has it or who they are selling it to.
A whole new “Hacking” language has evolved as well. There are now new terms in our language being used to describe what was once just called “Hacking” – now there are actually categories of hacking that you can learn about and each of these has their own terminology. A few examples of this include:
Clickjacking (User Interface redress attack, UI redress attack, UI redressing): This is a malicious technique of tricking a Web user into clicking on something different from what the user perceives they are clicking on, thus potentially revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.
CookieJacking: Is a form of hacking wherein a hacker can gain access to session cookies of an Internet Explorer user.
Camfecting: This is the process of attempting to hack into a person’s webcam and activate it without the webcam owner’s permission. The remotely activated webcam can be used to watch anything within the webcam’s field of vision, sometimes including the webcam owner themselves. Camfecting is most often carried out by infecting the victim’s computer with a virus that can provide the hacker access to their webcam.
Ransomware: Intrusion programs built to get into your computer and take ownership of parts or all of it with attached applications that force you to pay money to the hacker to get your computer back and usable again.
Phishing: Phishing is a type of attack that involves emails that appear to be from legitimate businesses that the user may be associated with. Phishing messages look authentic, with all the corporate logos and formats similar to that of official emails. These messages ask for verification of personal information, such as: an account number, a password, or a date of birth. Twenty percent of unsuspecting victims respond, which may result in stolen accounts, financial loss, or even identity theft.
The Windows platform was designed and built for easy interoperability and networking and therefore left opportunities within the operating systems for all types of auto- and semi-automatic connections to other computers. These weren’t flaws or programming mistakes, it was purposefully built that way.
Their goal was to improve a user’s online experience but it unfortunately also created many vulnerabilities in your system that give others access to your personal information.
Read my other posts relating to this topic and you will learn about things you can do or stop doing that are inviting people and companies of malicious intent into your computer and your life – which you may have thought was private.
Be sure to protect yourself!
Bye for now.