When we read about hacking in the news, we usually hear that massive corporates or government departments have been breached and some kind of corporate database has been stolen. We truly live in the age of the data breach, where hackers break into an organization’s infrastructure and purloin millions of records of personal information, either from their customers or internal staff.
Some of the biggest breaches of recent times, such as Target, Sony, Anthem, and the US Office of Personnel Management, have garnered massive media attention. However, what we don’t usually hear in the news coverage (or at least not without digging a little deeper) are details of how the hack occurred. How did the attacker infiltrate the company network, what vulnerabilities were exploited, what flavor of malicious software (malware) was employed by the attackers, and what countermeasures were in place that may have been bypassed or failed? These are the kind of questions that security managers and security staff need to be asking, since putting yourself in the role of an attacker is by far the best way to ensure that you see how your organization could be attacked.
Viruses, worms, Trojan horses, rootkits, spyware, adware—the list goes on. In our modern computing environment, especially when hooking into the Internet, you’ll be bombarded by an expansive collection of technical threats, each of which is ready to strike at the heart of your computer system, preparing to steal your information, take control of your computer, or deny you its service. To remain productive, these threats need to be kept at bay; however, the landscape is confusing. How do you know if you’ve plugged all the holes, bolstered the network, fortified the servers, and made sure your users are safe? Furthermore, what are all these different kinds of malware and how do they operate? Do they act autonomously, or can these malware types integrate with other kinds to collaborate on making the threat greater than any individual hazard? Let’s start by looking at the different classes of malware and how they operate.