Types of computer viruses and protection techniques (theory)

Types of computer viruses

  • Salami shaving - A technique where small amounts of money are siphoned off from numerous transactions without being noticed.
  • Denial of service attack - An attack that floods a network or service with excessive requests, causing it to crash or become unavailable.
  • Trojan horse - A malicious program disguised as legitimate software that allows unauthorized access or control of a system.
  • Trapdoors - Hidden entry points (backdoors) deliberately left in software that bypass normal authentication and allow unauthorized access.
  • Mail bombing - Flooding a user's email inbox with a massive volume of messages, often to overload or disrupt their email service.
  • Software piracy - The unauthorized copying, distribution, or use of software without proper licensing.
  • Piggybacking - Gaining unauthorized access to a system by exploiting an already authorized session or connection.
  • Phishing - A scam where attackers trick users into revealing sensitive information, such as passwords or credit card numbers, via deceptive emails or websites.
  • Defacing - Unauthorized modification of a website, often to display malicious or misleading content.
  • Hijacking - Taking control of a user's session, system, or communication channel without permission, often for malicious purposes.
  • Rootkits - Malicious tools designed to hide the presence of malware and allow persistent unauthorized access to a system.
  • SQL injections - A code injection attack in which untrusted input is inserted into an application's database query without proper separation of code and data, so that attacker-supplied text is executed as SQL commands.
  • Dialer exploits - Malicious programs that manipulate modem settings to connect to premium-rate numbers without the user's consent.
  • Spyware - Software that secretly gathers information about a user's activities, often for malicious purposes like identity theft.
  • Keyloggers - Malicious programs that record keystrokes to capture sensitive information, such as passwords and credit card details.
  • Crimeware - Malware designed specifically for illegal activities, such as stealing data or conducting financial fraud.
  • Adware - Software that displays unwanted advertisements, often bundled with legitimate programs and used to generate revenue.

Protection techniques

  • Firewalls - Systems that monitor and control incoming and outgoing network traffic based on predetermined security rules.
  • Antivirus software - Programs designed to detect, prevent, and remove malware from systems.
  • Intrusion detection systems (IDS) - Tools that monitor network or system activities for malicious behavior and policy violations.
  • Penetration testing (pen-testing) - Simulated cyberattacks conducted by ethical hackers to identify vulnerabilities in systems or networks.
  • Encryption - Converting data into a secure format that is unreadable without a decryption key, ensuring data privacy and security.
  • Multi-factor authentication (MFA) - Enhancing security by requiring multiple verification methods before granting access to a system.
  • Patch management - Regularly updating software and systems to fix vulnerabilities and improve security.
  • Security awareness training - Educating users about best practices to recognize and avoid potential security threats.
  • Vulnerability scanning - Using automated tools to identify weaknesses in systems, networks, or applications.
  • Network segmentation - Dividing a network into smaller parts to limit access and contain potential breaches.
  • Access control - Restricting user access to systems or data based on roles and permissions to minimize risks.
  • Data backups - Regularly creating copies of critical data to ensure recovery in case of data loss or corruption.
  • Secure coding practices - Writing software with security in mind to minimize vulnerabilities and exploits.
  • Web application firewalls (WAF) - Protecting web applications from attacks like SQL injections and cross-site scripting.
  • Endpoint detection and response (EDR) - Monitoring endpoints like computers and mobile devices to detect and respond to security incidents.
  • Penetration testing frameworks - Tools such as Metasploit or Burp Suite used for ethical hacking and security testing.
  • Security Information and Event Management (SIEM) - Platforms for real-time analysis of security alerts generated by network hardware and applications.
  • Zero trust architecture - A security model that assumes no user or device is trustworthy by default, enforcing strict access controls.
  • Physical security - Protecting physical infrastructure, such as data centers and devices, from unauthorized access or tampering.