There are many necessary technical services required for operating an internet. The required services are routing, addressing, domain naming, and database management. Without these services, the internet is not possible. These services of the internet are also primary targets for cybercriminals.
Cybercriminals use a different technique to capture data stream over a network. These techniques put in dangers all sensitive data, like username, password and credit card information. These techniques included botnets, DDoS, hacking, malware, pharming, phishing, ransomware, spam, DNS Spoofing, and Man-in-the-Middle. Criminals also used these techniques for monitoring and recording all information coming across a network. Following is the short explanation of the above technique.
Botnets
Botnets are largely undetected because it is a collection of software robots, or 'bots', that creates a group of infected computers known as “zombies” that are remotely controlled by the originator of the robots. You may be one of them and you may not even know it
Distributed denial-of-service (DDoS)
A distributed denial-of-service attack or a DDoS attack is an attack when an infected user gets a network of zombie computers to sabotage a specific website or server. The attack occurs when the malicious user tells all the zombie computers to connect to a particular server or a website again and again. That increase the volume of traffic on that specific server or a website resulting overloading that slow the server and website for legitimate users, sometimes the website or server shuts down completely. By using a malicious user computer the attacker can take advantage of security vulnerabilities and weaknesses and could take control of your computer. The attacks are "distributed" because the attacker is using several computers to launch the denial-of-service attacks.
Hacking
Hacking is an expression used to explain actions taken by someone to gain unauthorized access to a computer. This is a process by which cybercriminals gain access to any computer connected to the internet.
Pharming
Pharming is a type of online fraud. It's meant to point the user to a malicious and illegitimate website by redirecting the legitimate URL. Even if the address is entered correctly, it can still be redirected to a fake website.
Phishing
Phishing is easy to execute and its required very little efforts therefore many cybercriminals use phishing. Criminals sent fake emails, text messages and created a website looking authentic. They use email, messages, and website to steal personal and financial information from users. This is also known as spoofing.
Ransomware
Ransomware restricts access to the users own computer and files. It is a type of malware that displays a message and demand payment to remove the restriction from computer and files. The email contains a malicious attachment and pop-up advertisement is the most common type of ransomware infection.
Spam
Spam is another common method of sending information out and collecting it from unsuspecting people. The spam distributes unsolicited messages, advertising or pornography to the addresses that are easily available on the Internet through like social sites, company websites and personal blogs.
Spoofing
This technique is often used in conjunction with phishing in an attempt to steal information. Domain Name Service (DNS) translates an IP address into name and Domain name into IP address, such as www.networkustad.com, into its numerical IP address and vice versa. If a DNS server does not know the IP address of the required domain, it will request another DNS server. Using DNS spoofing, the cybercriminal introduces fake data into a DNS resolver’s cache. These attacks develop a weakness in the software of the DNS system that causes the DNS servers to forward traffic for a particular domain to the criminal’s computer, instead of the valid owner of the domain.
Man-in-the-Middle attack.
They also use irregular devices, for example, unsecured Wi-Fi devices and access points. If the criminal installs unsecured Wi-Fi near a public place, unsuspecting individuals may sign in to these devices and the packet sniffer copies their personal information.
Packets forgery or packet injection interferes with an established network communication by constructing packets become visible just they are the part of a communication. It allows a criminal to interrupt or catch real packets. With this process, a criminal can hijack an authorized connection or denies an authorized person able to use assured network services. This is called a man-in-the-middle attack.
No comments:
Post a Comment