
Malicious Code Attack


Submitted By hstreatjr
Words 520
Pages 3
Week 4: Essay 4.1

Malicious Code Attack

Harold Streat Jr (15813476)

NT2580: Introduction to Information Security

March 2, 2014

DeVon Carter


The Code Red virus didn't kill the Internet, but it did prove that there is a long way to go in the war against cyber-attacks, and, if the future is anything like the past, it is a war the good guys will never win (Burnett & Gomez, 2001).

The Code Red worm is one example where knowledge of emerging vulnerabilities and implementation of security patches plus overall watchfulness of network activity could have saved many systems from falling prey to a well-publicized attack (Burnett & Gomez, 2001).

The Code Red or Red Wiggler Worm, as it was known, was a self-replicating program designed to consume computer and network resources, creating a denial of service (DoS) for the user community.

The Code Red worm exploited a known vulnerability in Microsoft Windows NT and Windows 2000, popular operating systems in the business environment. The vulnerability was related to Internet Information Server (IIS), which runs on many Windows-based World Wide Web servers throughout the world. Code Red spread through several variants with mixed effectiveness. As the worm code was mutated, updated and re-released, infection rates increased (Burnett & Gomez, 2001).

The worm began by scanning networks to identify hosts running IIS and accepting connections on TCP port 80. Once a valid host was found, the worm attempted to exploit a buffer overflow vulnerability in the IIS Indexing Service. When it was successful, it replicated itself on the infected server and began scanning for more hosts to infect (Burnett & Gomez, 2001).
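The scan-then-overflow pattern described above leaves a recognizable trace in web server logs. The following detection sketch is an added example, not part of the original essay. It assumes IIS W3C extended logs collected from several servers; the sample lines, the thresholds and the `/default.ida` request path are constructed or assumed for illustration.

```python
from collections import defaultdict

# Script mappings handled by the IIS Indexing Service ISAPI extension.
INDEXING_EXTENSIONS = (".ida", ".idq")
MAX_QUERY_LEN = 200  # assumed threshold; tune against your own baseline
SCAN_FANOUT = 3      # assumed: distinct servers probed before a source is a scanner

FILLER = "N" * 300   # constructed stand-in for an overlong query, not a real payload

# Constructed sample in IIS W3C extended log format (not real traffic).
SAMPLE_LOG = f"""\
#Fields: date time c-ip s-ip s-port cs-method cs-uri-stem cs-uri-query sc-status
2001-07-19 14:02:11 203.0.113.7 192.0.2.10 80 GET /default.ida {FILLER} 200
2001-07-19 14:02:12 203.0.113.7 192.0.2.11 80 GET /default.ida {FILLER} 404
2001-07-19 14:02:13 203.0.113.7 192.0.2.12 80 GET /default.ida {FILLER} 500
2001-07-19 14:03:40 198.51.100.23 192.0.2.10 80 GET /index.html - 200
2001-07-19 14:03:41 198.51.100.23 192.0.2.10 80 GET /search.idq CiScope=/docs 200
2001-07-19 14:05:02 198.51.100.99 192.0.2.11 80 GET /default.ida {FILLER} 404
"""


def parse_w3c(text):
    """Parse W3C extended log text into dicts keyed by the #Fields header."""
    fields, records = [], []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed lines
                records.append(dict(zip(fields, values)))
    return records


def is_index_overflow_probe(rec):
    """True for a request to an Indexing Service mapping with an overlong query."""
    stem = rec.get("cs-uri-stem", "").lower()
    query = rec.get("cs-uri-query", "-")
    return stem.endswith(INDEXING_EXTENSIONS) and len(query) > MAX_QUERY_LEN


def analyze(text):
    """Return every probe seen and the sources that probed many servers."""
    probes = []
    targets = defaultdict(set)  # source IP -> set of servers it probed
    for rec in parse_w3c(text):
        if rec.get("s-port") == "80" and is_index_overflow_probe(rec):
            probes.append((rec["c-ip"], rec["s-ip"]))
            targets[rec["c-ip"]].add(rec["s-ip"])
    scanners = sorted(ip for ip, hosts in targets.items()
                      if len(hosts) >= SCAN_FANOUT)
    return {"probes": probes, "scanners": scanners}


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for src, dst in report["probes"]:
        print(f"overlong Indexing Service query: {src} -> {dst}")
    print("likely scanning sources:", report["scanners"])
```

A source that appears in `scanners` may itself be an infected server, so the same output is useful for notifying its owner as well as for blocking.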

The original worm defaced web sites while simultaneously attacking hosts. What may have contributed to the infamy of the worm,

Similar Documents

Premium Essay

Malicious Code Attack

...Karen Barber ITM – 5600 – Information and Communications Security Assignment: Summary Report on a Malicious Code Attack Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a computer or system without the owner’s knowledge or consent. Upon entering the system, there are much exploitation of vulnerabilities, like viruses, worms, Trojan horses, spyware, adware, and rootkits. Malicious code is an application security threat that cannot be efficiently controlled by conventional antivirus software alone. Malicious code can either activate itself or activate after a user perform an action, such as clicking on something or opening an email attachment. Malicious code describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors, and malicious active content. The Spamhaus Project is a cyber attack that is described as the largest in history apparently starting over an argument over spam. The prolonged denial-of-service assault is targeting The Spamhaus Project; a nonprofit European filtering service that helps organizations to fight spam by weeding out unwanted emails has gone after CyberBunker, a Dutch data-storage company that offers hosting to any websites/content "except child porn and anything related to terrorism." On March 18, 2013, Spamhaus added CyberBunker (whose servers shows “cb3rob...

Words: 728 - Pages: 3

Premium Essay

Malicious Code Attack

...A Trojan horse (also known as a Trojan) is one of several kinds of malware you might find on your computer after a successful virus attack. Trojans are a particularly sneaky kind of malware because they look harmless or even beneficial and trick you into installing them on your system. Trojans fall into the category of “social engineering” attacks because they trick people. Trojans are typically used by cybercriminals for online fraud and theft. Antivirus software and anti-malware help protect you by keeping Trojans off your computer system by recognizing that they’re actually malware. But don’t rely on antivirus software alone. It is called a Trojan horse because the Greeks won the Trojan War by building a hollow horse, filling it with soldiers and leaving it for the Trojans, supposedly as a gift. A Trojan priest was suspicious of the “gift” and said to “beware of Greeks bearing gifts” but the Trojans ignored him and brought the horse through the gates into the city. Later, when the Trojans were asleep the Greek soldiers jumped out, captured the city and burned it to the ground. And so the “Trojan horse” came about. In the world of viruses and malware, cybercriminals create viruses or malware that look harmless or useful but actually aren’t. Just like the Trojan horse, it’s really hiding something that’s meant to attack you once it’s inside your system. Antivirus and security software helps protects you by looking inside the “horse” to see what’s really there. And if your...

Words: 411 - Pages: 2

Free Essay

Dfdgfg

...Report Volume 17 Custom Report Symantec blocked a total of over 5.5 billion malware attacks in 2011, an 81% increase over 2010. Web based attacks increased by 36% with over 4,500 new attacks each day. 403 million new variants of malware were created in 2011, a 41% increase of 2010. SPAM volumes dropped by 34% in 2011 over rates in 2010. 39% of malware attacks via email used a link to a web page. Mobile vulnerabilities continued to rise, with 315 discovered in 2011. Only 8 zero-day vulnerabilities were discovered in 2011 compared with 14 in 2010. 50% of targeted attacks were aimed at companies with less than 2500 employees. Overall the number of vulnerabilities discovered in 2011 dropped 20%. Only 42% of targeted attacks are aimed at CEOs, Senior Managers and Knowledge Workers. In 2011 232 million identities were exposed. An average of 82 targeted attacks take place each day. Mobile threats are collecting data, tracking users and sending premium text messages. You are more likely to be infected by malware placed on a legitimate web site than one created by a hacker. Introduction Symantec has established some of the most comprehensive sources of Internet threat data in the world through the Symantec Global Intelligence Network, which is made up of more than 64.6 million attack sensors and records thousands of events per second. This network monitors attack activity in more than 200 countries and territories through a combination of Symantec products and services...

Words: 44470 - Pages: 178

Premium Essay

Software Threat Analysis and Mitigation

...damaging code, denial of service, reducing company productivity. There are many different products, services, and procedures that can provide differing levels of protection against these threats. Threats and Counter Measures A buffer overflow attempts to disrupt the function of an application by providing more data to the program than it was designed to handle. This overflow can cause the application to shut down, but it can also cause more malicious effects. Overflow attacks can corrupt program variables causing the program to behave in a way it was not designed to, these attacks can also overwrite software instructions (Gregory, 2010). Malicious software is a generalized term encompassing many forms of code with varying degrees of damage done to a host system. Some of the more common forms are viruses, worms, Trojan horses, spam, spyware/adware, and bots. All of these malicious codes attempt to gain access to your system to degrade your ability to perform as normal. Viruses attempt to corrupt your system so it is unusable, but must be activated by the user accessing a program with the virus attached. Worms are similar to viruses but do not require a user to access the infected program. Trojan horse files are code hiding behind a false name. Accessing the file will activate it and then the code will execute, stealing data, destroying files, are propagating itself by sending out false emails. An ongoing battle is waged against these forms of malicious code by anti-virus...

Words: 1151 - Pages: 5

Premium Essay

Attack Prevention Paper

...Attack Prevention Paper Introduction Cyber-attacks which are exclusively performed for the only objective of information collecting vary from monitoring the activities which a user makes to copying vital documents included in a hard drive. While those which do harm generally involve monetary thievery and interruption of services. Cyber-attacks are a slowly growing situation which is based on technology. The secret to avoiding this kind of attack is in the applications and programs which one uses for protection which identifies and informs the user that an attack is certain generally known as Cyber Warfare. As stated in the 1st explanation. However dependence and reliance aren't the only items which technology provides. Or an effort to monitor the online moves of people without their permission as the sophistication of cyber criminals continues to increase; their methods and targets have also evolved. Instead of building the large Internet worms that have become so familiar, these criminals are now spending more time concentrating on wealth gathering crimes, including fraud and data theft. An online article from Cyber Media India Online Ltd., suggests that because home users often have the poorest security measures in place, they have become the most widely targeted group. Cyber Media states that 86% of all attacks are aimed at home users (2006). As attacks on home users increase, new techniques are surfacing...

Words: 951 - Pages: 4

Free Essay

Sql Injection Attacks: Techniques and Protection Mechanisms

...Nikita Patel et al. / International Journal on Computer Science and Engineering (IJCSE) SQL Injection Attacks: Techniques and Protection Mechanisms Nikita Patel, Department of Info. Tech., Patel College of Science & Technology, Bhopal, India; Fahim Mohammed, Department of Computer Science, Research Scholar, NIT Bhopal, India; Santosh Soni, Department of Computer Science, Patel College of Science & Technology, Bhopal, India. Abstract-- When an internet user interacts in web environment by surfing the Net, sending electronic mail messages and participating in online forums lot of data is generated which may have user’s private information. If this information is captured by third party tools and techniques; it may cause a breach in end user privacy. In the Web environment, end user privacy is one of the most controversial legal issues. In this paper issues related to information leakage through SQL injection attacks are presented and protection mechanisms are also discussed. Keywords: - Privacy, Security, Code Injection, SQL Injection, web application security, Malicious Code, Vulnerability. I. INTRODUCTION As the Internet is growing day by day, most of the people are not aware of security and privacy. Internet is a widespread information infrastructure; it is basically an insecure channel for exchanging information. Web security is the set of rules and measures taken against web security threats. Web privacy is the ability of hiding end user’s information...

Words: 1951 - Pages: 8

Premium Essay

Assignment 1: Identifying Potential Malicious Attack

...Assignment 1: Identifying Potential Malicious Attack CIS 333 Assignment 1: Identifying Potential Malicious Attack Potential malicious attacks and threats that may be carried out against the network include illegally using user accounts and privileges, Stealing hardware and software, Running code to damage systems, running code to damage and corrupt data, modifying stored data, stealing data, using data for financial gain or for industrial espionage, performing actions that prevent legitimate authorized users from accessing network services and resources, and/or performing actions to deplete network resources and bandwidth. Threats to the network can be initiated from a number of different sources, hence the reason for network attacks being classified as either external or internal network attacks/threats. Individuals carry out external threats or without assistance from internal employees or contractors. A malicious and experienced individual, a group of experienced individuals, an experienced malicious organization, or inexperienced attackers (script kiddies) carry out these attacks. Such attackers usually have a predefined plan and the technologies or techniques to carry out the attack. One of the main characteristics of external threats is that they usually involve scanning and gathering information. Users can therefore detect an external attack by scrutinizing existing firewall logs. Users can also install an Intrusion Detection...

Words: 1068 - Pages: 5

Free Essay

Auditing and Compliance Lab 4

...1. What is a PHP Remote File Include (RFI) attack, and why are these prevalent in today's Internet world? RFI stands for Remote File Inclusion that allows the attacker to upload a custom coded/malicious file on a website or server using a script. This vulnerability exploits the poor validation checks in websites and can eventually lead to code execution on server or code execution on website (XSS attack using javascript). RFI is a common vulnerability and all website hacking is not entirely focused on SQL injection. Using RFI you can deface the websites, get access to the server and do almost anything. What makes it more dangerous is that you only need to have your common sense and basic knowledge of PHP to execute this one. 2. What country is the top host of SQL Injection and SQL Slammer infections? Why can't the US Government do anything to prevent these injection attacks and infections? The U.S. is the top host of SQL Injection and SQL Slammer infections. Cybercriminals have made vast improvements to their infrastructure over the last few years. Its expansion is thousands of websites vulnerable to SQL Injections. Malicious code writers have exploited these vulnerabilities to distribute malware so quick that the government cannot contain such a large quantity. 3. What does it mean to have a policy of Nondisclosure in an organization? It is a contract where the parties agree not to disclose information covered by the agreement. It outlines confidential material...

Words: 1109 - Pages: 5

Premium Essay

2012 Us Cost of Cyber Crime Study Final6

...third annual study of US companies. Sponsored by HP Enterprise Security, this year’s study is based on a representative sample of 56 organizations in various industry sectors. While our research focused on organizations located in the United States, many are multinational corporations. For the first time, Ponemon Institute conducted cyber crime cost studies for companies in the United Kingdom, Germany, Australia and Japan. The findings from this research are presented in separate reports. Cyber attacks generally refer to criminal activity conducted via the Internet. These attacks can include stealing an organization’s intellectual property, confiscating online bank accounts, creating and distributing viruses on other computers, posting confidential business information on the Internet and disrupting a country’s critical national infrastructure. Consistent with the previous two studies, the loss or misuse of information is the most significant consequence of a cyber attack. Based on these findings, organizations need to be more vigilant in protecting their most sensitive and confidential information. Key takeaways from this research include:  Cyber crimes continue to be costly. We found that the average annualized cost of cyber crime for 56 organizations in our study is $8.9 million per year, with a range of $1.4 million to $46 million. In 2011, the average annualized cost was $8.4 million. This represents an...

Words: 9057 - Pages: 37

Premium Essay

Computer and Virus

...Electronic crime has been responsible for some of the most financially devastating victimizations in society. In the recent past, society has seen malicious editing of the Justice Department web page (1), unauthorized access into classified government computer files, phone card and credit card fraud, and electronic embezzlement. All these crimes are committed in the name of free speech. These new breed of criminals claim that information should not be suppressed or protected and that the crimes they commit are really not crimes at all. What they choose to deny is that the nature of their actions are slowly consuming the fabric of our country's moral and ethical trust in the information age. Federal law enforcement agencies, as well as commercial computer companies, have been scrambling around in an attempt to educate the public on how to prevent computer crime from happening to them. They inform us whenever there is an attack, provide us with mostly ineffective anti-virus software, and we are left feeling isolated and vulnerable. I do not feel that this defensive posture is effective because it is not pro-active. Society is still being attacked by highly skilled computer criminals of which we know very little about them, their motives, and their tools of the trade. Therefore, to be effective in defense, we must understand how these attacks take place from a technical stand-point. To some degree, we must learn to become a computer criminal. Then we will be in a better position to defend...

Words: 1225 - Pages: 5

Premium Essay

Project Part 2 It Security

...Description: Malicious Code and Activity Task Base on the premise that there is a mix of computers running Windows 2000, Windows XP, Windows Vista, Windows 7, and Mac OS X, you must research and devise a plan to thwart malicious code and activity by implementing countermeasures and prevention techniques for dealing with viruses, worms, logic bombs, Trojan horses, and other related forms of intentionally created deviant code. Introduction Malicious software is written with the intent to damage or infect the system of Richman Investment. Malicious code or software is a threat to any internet-connected device or computer. The main goal of the attack is to affect one of the three information security properties which are Confidentiality, Integrity, and Availability. Confidentiality is affected if the malicious software is successful at disclosing private information. Integrity is compromised if the malware can modify database records either immediately or over a period of time. Availability is affected if malware can erase or overwrite files or inflict considerable damage to storage media. SSCP® Domain Affected Malicious Code and Activity This domain examines the types of Malicious Code and Activities that can threaten the confidentiality, integrity, and availability of a system or information. The SSCP is expected to be familiar with the various types of Malicious Code and know how to implement effective countermeasures to prevent malicious code from operating...

Words: 953 - Pages: 4

Premium Essay

Are Closed Digital Training Networks Vulnerable to Hackers?

...Are Closed Digital Training Networks Vulnerable to Hackers? Thinking Like a Hacker: Infiltration Seemingly, one of the things that a closed digital training networks would be almost invulnerable to is infiltration. Typically when one hears the word infiltration it conjures up images of a hacker sitting in a dark room, slumped over a keyboard of course, hacking into a Defense Department computer thousands of mile away. It is important to realize, especially with respect to a closed digital training network, that an insider attack is much more likely to occur. In his definition of an insider attack Einwechter describes that it is “a crime perpetrated by, or with the help of, a person working for or trusted by the victim.” (2002). In the case of a closed digital training network like the one this student works with the attacker might be the students, other instructors, or fellow contractors, essentially anyone who has access to the systems. Thinking like a hacker, how would one infiltrate closed digital training network? Well, sometimes one not even need to be a hacker to stumble upon unauthorized or restricted documents. Usually the weaknesses of a closed network are going to lie with access and account rights. Granting proper account rights consists of the administrator weighing what kind of access is appropriate to give to the type of user. In a larger environment where an administrator is in charge of hundreds of systems this task might be very difficult. As stated...

Words: 2338 - Pages: 10

Free Essay

Cyber Attack Prevention

...Cyber-Attack Prevention As cyber-criminals become cleverer with the cybercrimes, more and more individuals are in danger of a cyber-attack. The threats become more intense and damaging as technology grows. Often times, home users think computing and surfing the Internet is safe when at home. It is a necessity to be aware of the prevention methods whether at home or at work. To further the comprehension of cyber-attack prevention, an article is chosen and an evaluation is the article. The evaluation of an article will include a stance on the quality of the material, selections of various aspects, descriptions of each aspect, reasons for an individual viewpoint, and an example. Article Summary Home users need to practice prevention methods when using the Internet at home. Cyber-criminals’ methods and targets have evolved (Damico, 2009). Several home users may not be aware that any connection to a network is networked activity and requires some measure of protection. According to the Damico (2009) article, a prevention system must identify and stop malicious attacks before they do damage and have a chance to infect a system. It is not only imperative to use prevention methods, but also it is imperative to understand prevention methods. Technology prevention methods will no longer be adequate to protect against the modern cyber-criminals of today. Material Quality The quality of the material is credible. The article is valid. The author uses more than one in-text citation...

Words: 722 - Pages: 3

Premium Essay

Nt1310 Unit 7

...in AODV protocol, the malicious flooding attacker floods the route request packets through the victim node symbolizing as setting up a path. Following the path establishment, the attacker floods data packets through the victim node for paralyzing the node. As the packet size of these data packets is much larger than the route request packet, the victim nodes get congested easily. The attackers consume the battery power of the victim node, thus separating them from the network. Hence, the malicious flooding attack leads to denial of service (DoS) attack on the victim node. Thus, there is worsening in the act of processing the valid packets at the victim node. As the malicious flooding attack congests the victim node as well as the entire network, it is very harmful to the mobile ad hoc network. Also it is very difficult to avoid this attack when it is caused by the multiple attackers. The flooding and packet dropping attacks preventing the network service availability result in ineffective secure routing....

Words: 595 - Pages: 3