Cyber Attacks And The Best Antivirus To Fight Them Off
Modern types of virtual threats
Cyber attacks are attempts to alter how computer systems or networks work, to disable them, to cause damage, or even to delete the information or programs that they store or transmit.
Just imagine this situation: a group of skilled computer criminals uses the Internet to seize control of many computers and unite them into networks. These networks, known as botnets, launch a huge number of destructive programs created to target some country. Within a few minutes the official websites of military, financial and commercial institutions, ATMs and telephone lines stop working completely. Aircraft cannot take off; the security computers of a nuclear power plant fail. How will people react? What will they do? What will you do in this case?
Such a situation looks like the plot of a science-fiction movie. However, according to Richard Clarke (a coordinator on security problems, antiterrorism protection and US infrastructure protection), it can happen in real life to anyone. Furthermore, attacks have already been conducted. Perhaps you were caught up in one as well.
Why do criminals launch attacks? How do attacks work? How can we protect ourselves?
We are going to look at these burning issues and find good ways to stay protected.
People use these virtual instruments for different reasons. For example, terrorists or governments can get into the computer networks of their enemies and steal secret data or damage equipment that is controlled by those networks. In 2010 William J. Lynn (a former US Deputy Secretary of Defense) admitted that “enemies” had repeatedly attacked secure US computer networks and stolen “thousands of files… including weapon projects, operation plans, secret service information.”
Computer criminals use similar methods to steal intellectual property or financial data from interconnected networks or personal computers. According to some reports, scammers make profits measured in billions of dollars each year from Internet fraud.
To carry out attacks, hackers use a whole army of computers to which they have gained access. In 2009 an information security company exposed a criminal gang that was remotely controlling a global network of two million computers. Many of those computers belonged to private individuals. According to a recent estimate by the Organization for Economic Co-operation and Development (OECD), one out of three computers connected to the Internet is controlled by a hacker.
What do you think about your computer?
According to some data, in 2011 hackers knew of more than 45,000 vulnerabilities in computer programs. Using these vulnerabilities, criminals try to install malicious software on someone’s computer without the owner’s knowledge. Hackers then use the computers they have gained access to in order to carry out cyber attacks.
How do hackers organize attacks? Sometimes it starts with a single click that opens an email which looks harmless at first sight. About five months can pass from the moment a single computer is infected by a harmful program to the first unauthorized equipment shutdown. During all this time the virus examines the company infrastructure, identifies the most vulnerable places and strikes the most sensitive and critical point. Nobody notices anything while the attack is under way.
Current attacks on infrastructure are not just the bravado of enthusiasts trying to assert themselves by breaking into a website or infecting other computers. Cyber crime is a well-developed business with its own customers, investments, division of responsibilities and a variety of tools.
The customers may be competitors interested in reducing a rival’s profits or damaging its reputation. Often the customers or final beneficiaries are government bodies, such as the domestic or foreign intelligence organizations of other countries.
Here are examples of famous attacks:
• Titan Rain (2004-2007), which caused damage to a series of US security, energy and defense departments.
• Author Operation. The American companies Google and Yahoo, Adobe Systems, Symantec, Juniper Networks, Rackspace, Northrop Grumman and Morgan Stanley were victims of the attack.
• Attacks on Exxon Mobil, ConocoPhillips and Marathon Oil led to the breach of data on world oil reserves and investment plans.
Computer worms are harmful programs that spread automatically from one computer to another through the Internet. Like other malicious programs, they are given names, for instance, Slammer. Hackers often use worms to carry out attacks inside a network. Let’s examine a few examples of such worms in computer history.
2003. The computer worm Slammer spread quickly across the Internet, damaging almost 75,000 computers in ten minutes. Internet speed fell close to zero: ATMs and many websites stopped working; airplanes could not take off, and even computers and computer-controlled security systems at one nuclear power station were disabled.
2007. A whole series of attacks took place in Estonia. They were directed at government computer systems, the mass media and banks. Most of those attacks were conducted from networks (botnets) that contained more than one million computers in 76 countries. All these machines attacked the targets by sending avalanches of bogus information requests.
2010. The high-tech computer worm Stuxnet attacked the systems controlling the production process at a nuclear power station in Iran.
Interactive maps of current cyber attacks in real time
There are many interesting resources demonstrating ongoing cyber attacks all over the globe in real time, so let’s study some of them.
“Find out where you are on the Cyberthreat map” - a colorful, practical map created by Kaspersky.
“Top Daily DDoS Attacks Worldwide” - this resource, produced by Google, is no less vivid than its competitors: everything looks great and is informative. There is also a gallery of “nice attacks” and a selection of news on attacks.
“FireEye Cyber Threat Map” - the map designed by FireEye. The map itself is less informative, but it is colorful, and you can subscribe to a mailing list to learn about recent big attacks.
“Cyberfeed Live Botnet Map” - the project by AnubisNetworks shows infection statistics, including the rates of botnets (zeus, andromeda and more).
“Real-time Web Monitor” - the developers at Akamai do not lag behind, and the Real-time Web Monitor service proves it. By the way, they also have other visual maps and charts.
“Norse Live Attack Map” - the American company Norse once set up many honeypots, open ports and other bait and built the Norse Live Attack Map, where it showed that the whole world (especially China) is hammering its honeypots.
The map visualizes attacks around the world.
Even the large news portal Daily Mail referred to the Norse Live Attack Map in one of its articles. It is worth mentioning that this map is well made and attractive, and it really can give useful information.
“Security Tachometer” - from the large European telecommunications company Deutsche Telekom. Its rather pale, sober overviews may put people off; however, it has an advantage: several types of statistics. It helps to set up sensor devices to track attack activity.
“Global Activity Maps” - the ATLAS project by Arbor Networks is a good service; users can download attack, scan and botnet reports in different formats, although the service is visually poor.
“Global Botnet Threat Activity Map” - the map by the well-known company Trend Micro. Visually it is meager: just a few graphs on botnets.
“Internet Malicious Activity Maps” - the work of Team Cymru Research. The developers made movies of daily activity; the result looks cheap and sparse.
“F-Secure Global Maps” - visually colorful and varied maps by the company F-Secure: Globe and VirusMap.
“Frontier Threat Map” - one more good map, by FortiNet. The animations look like those in video games.
“ThreatCloud World Cyber Threat Map” - the new resource designed by CheckPoint.
It is more effective to react to an attack that has been detected than to carry out an emergency operation. More important still is not to let malicious programs severely damage the computer system. It is hardly possible to fight off targeted attacks without preventive measures, good antivirus software downloaded from official websites, prepared anti-crisis scenarios, and trained and informed employees.
Important steps users can take to protect their computers:
1. Install an antivirus program on your PC, as well as a firewall and a program that detects spyware. Regularly update these programs, along with the security updates for your computer’s operating system.
2. Think carefully before opening any link or attachment in an email or an instant message, even if it comes from your friends. Pay close attention to any message that you did not expect and that asks for private information or passwords.
3. Never run unknown programs.
4. Use passwords that consist of at least eight characters, including numbers. Change them from time to time. Create a different password for each account.
5. Conduct business and financial operations over the Internet only with companies that have a good reputation and use an encrypted connection for data transmission.
6. Do not send your confidential information or account details over an unprotected Wi-Fi connection, for example, in public places.
7. Turn off your computer when you do not need to work on it.
8. Always create backup copies of your files and make sure that they are stored safely.
As was said before, hackers often penetrate the systems of large private companies and government institutions.
For this reason organizations have to be ready for cyber attacks and know what to do to prevent them.
1. Employees have to be instructed on how to respond if they receive a suspicious email. Workers should know that malicious content can hide in ordinary office documents (PDF, Word, PowerPoint, Excel and so on) or behind a link to an external web resource in an email: if it is opened, it will damage the company’s infrastructure.
2. Work out urgent organizational and technical measures to reduce possible attacks:
- limit the accessibility of business servers and systems (access to the Internet, email and others) in the technological infrastructure.
- review how administrative staff with privileged access rights are managed.
- block the downloading of executable files from the Internet and the running of unauthorized software on employees’ work computers.
- work on long-term, systematic security methods.
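A mail or web gateway can enforce two of the measures above (catching office documents that carry malicious content, and blocking executable downloads) by judging files by their content rather than by their name. The sketch below is an added example, not part of the original article; the function names, the three verdicts and the quarantine policy are assumptions, and all sample bytes are constructed.

```python
import io
import zipfile

# File signatures ("magic bytes") that identify content regardless of file name.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")            # Windows PE, Linux ELF
OLE2_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"  # legacy .doc/.xls/.ppt container
RISKY_MEMBERS = (".exe", ".dll", ".scr", ".js", ".vbs")


def classify_attachment(data: bytes) -> str:
    """Return 'block', 'quarantine' or 'allow' for a download or mail attachment."""
    # Executable content is blocked even when the name claims to be a document.
    if data.startswith(EXECUTABLE_MAGIC):
        return "block"
    # Legacy Office files may carry macros this sketch cannot inspect: hold them.
    if data.startswith(OLE2_MAGIC):
        return "quarantine"
    # docx/xlsx/pptx files are ZIP containers; macros live in a vbaProject.bin part.
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as archive:
                members = [m.lower() for m in archive.namelist()]
        except zipfile.BadZipFile:
            return "quarantine"  # claims to be an archive but cannot be parsed
        if any(m.endswith(RISKY_MEMBERS) for m in members):
            return "block"
        if any(m.endswith("vbaproject.bin") for m in members):
            return "quarantine"
    return "allow"


def make_zip(members: dict) -> bytes:
    """Build an in-memory ZIP archive used as constructed sample input."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        for name, content in members.items():
            archive.writestr(name, content)
    return buffer.getvalue()


# Constructed samples: none of these bytes come from a real file.
SAMPLES = {
    "invoice.pdf": b"MZ\x90\x00" + b"\x00" * 60,  # PE header behind a .pdf name
    "report.docx": make_zip({"word/document.xml": "<w:document/>"}),
    "budget.xlsm": make_zip({"xl/workbook.xml": "<x/>", "xl/vbaProject.bin": "stub"}),
    "photos.zip": make_zip({"holiday/setup.EXE": "stub"}),
    "notes.txt": b"meeting at 10:00\n",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name:12} -> {classify_attachment(data)}")
```

The file name is deliberately ignored: the first sample is blocked because of its header even though it is named like a PDF.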
Is there a chance that cyber attacks disappear?
Given that all people and countries depend increasingly on computer technologies, there will apparently be more and more cyber attacks. For this reason many countries try to strengthen their information security, and some conduct large-scale reliability tests of their own computer networks. “By the long stretch of the imagination, and also having time and money, any persistent opponent can always get into an attacked system,” Steven Chabinsky (deputy assistant director for the FBI’s Cyber Division) said.
There are many antivirus tools that protect against cyber attacks: some are better and some are not. The top software solutions are designed by Intel’s McAfee security division, Kaspersky Labs and Symantec. Simulated attacks on systems that were under Kaspersky and McAfee protection broke into them in 2 days. Symantec showed the best result: it could hold the line for a couple of days. Although reliable antivirus programs are good at detecting possible threats, it is more important to keep an eye on what is going on in a company network or your own.