I promise this isn’t a lecture about being safe when you’re storming the city on a Friday night. But just as you would always pay attention to your surroundings and make smart decisions, the same applies to the digital world. People hardly realize just how many threats there are when using electronic devices, especially when said devices are connected to the Internet. Information security, as it is commonly referred to in computer science, is vital to your life as a college student because you share so much online and all that information is ultimately vulnerable to possible attacks.
If you’re lost, let me fill you in on some vocab words to get us started. In information security a “threat” is anything that is potentially harmful. A “vulnerability” is a weakness in a system, which can be anything from a flaw in a piece of code to an easily guessable password. Another word that you’ll need to know to best understand this article is “exploit.” To exploit means that an attacker is targeting a vulnerability. Also, I wanted to point out that I am purposefully capitalizing Internet because it refers to the specific international network of networks as opposed to some arbitrary network of interconnected devices. This distinction isn’t that big of a deal anymore because the Internet is so prevalent, but in the IT world it is almost always capitalized.
Okay, now that we’re all on the same page, I’ll leave you to educate yourself on some of the most common – yet often overlooked – security threats and vulnerabilities that a college student could face at any given time.
Malware. Even if you have no idea what this is, you can probably tell by just reading the name that it’s not good. Malware is short for malicious software, and enters your computer without your knowledge. It then infects your system, hides itself, and does its damage. There are several types of malware that behave differently, and I’ll cover the most common.
Viruses. A virus in computer science is actually very similar to a virus in the natural world: an infection that replicates itself on the same host. When referring to a computer virus, the “infection” is malicious computer code and the “host” is any computer-like device (which, incidentally, is still called a host in computer science). The virus reproduces by inserting itself into a computer file and does its damage when the infected file is opened. Much like a biological virus, a computer virus needs human interaction to infect other machines, so the virus usually gets in through an e-mail attachment or a file saved on a USB and then quickly spreads within that computer. Therefore, you should always be wary of any files you might open, especially those sent from unknown or untrusted sources. Most computers with basic security software do a scan of any attachments before allowing you to open them, but still be aware of what you’re opening and from whom.
Worms. I think I can confidently say that worms are pretty much universally grody. No one has ever bragged about having a worm – except maybe a pet worm. Do people do that? Anyway, the same goes for worms on your computer. A worm is a malicious program that enters your computer by exploiting a vulnerability. Once it gets in, it searches for the same opening on other devices attached to the network. Once it finds a similar vulnerability, the worm sends copies of itself to the other computers, and the process repeats. Worms can do anything from deleting files to allowing an attacker to remotely control your computer. Not a fun time.
Spyware. I’ve always just assumed that spyware is short for spy software. It sounds super cool, but make no mistake: it’s not. Spyware is tracking software that enters your computer without notice, and collects and distributes personal information. Often, spyware can change privacy or system security settings and track usage. Some of the biggest signs of spyware include a slow computer, new browser toolbars or menus, a different homepage, and/or more pop-ups.
Social Engineering. Contrary to popular belief, this is not a program in your college’s School of Engineering, so don’t go changing your major. Social engineering is the broad term for gaining information through people, and usually involves psychological and/or physical tactics to persuade individuals to provide information or do something that they wouldn’t normally do. There are a bunch of different methods, and I personally think their names are hilarious.
Spam. Okay, this one isn’t that funny, but it’s one of the most common vehicles for malware distribution, bombarding you with annoying and unwanted e-mails. In case you wanted to know, spim refers to spam targeting instant messaging users. That’s kind of funny, right?
Phishing. I don’t know who decided on the spelling of this word, but I’d like to think it’s the same person who made “phat” cool in the mid-80s. Phishing is carried out through an e-mail or pop-up that claims to be from a legitimate source. Totes legit, right? Wrong. The hope is that you will give up private information, and it can be pretty convincing. Your campus IT services might periodically send out e-mails warning you about known phishing scams, but you should always be on the lookout, and the general rule of thumb is to never give information to any individual or organization that you don’t know or trust.
Pharming. I promise this is a real thing! Pharming is essentially the same as phishing but automatically redirects you to a fake site where you would enter your log-in information and the attacker would then use your credentials to impersonate you on the real site. A while ago PayPal customers were affected by a pharming scam, where they were told that their account information had to be provided to “resolve technical difficulties,” and when someone clicked the link, they were redirected to a fake site.
Also, just for kicks and giggles, there are other social engineering approaches such as spear phishing (targeting people through personalized e-mails), whaling (targeting “big fish” like celebrities and wealthy people), and vishing (phishing via the phone). Computer scientists think they’re hilarious.
Web Application Attacks. This is a very broad category of attack, and I don’t want to get too detailed for fear of putting you to sleep, so I’ll just say that they target users browsing the Internet.
Drive-by download. No actual automobile is needed for this kind of attack, but in a drive-by download your computer gets infected just by visiting a website. Usually to avoid being obvious, an attacker will essentially hide the malicious code in a thing called a “zero-pixel” that is an embedded page with dimensions of zero by zero, so it’s effectively invisible. When you visit an infected site, your browser automatically downloads the script – a chunk of code – and is directed to the attacker’s website so that you download the malware. This is why some browsers will ask if you want to view only the secure content to avoid the possibility of this type of attack.
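If you’re curious what spotting one of those invisible embedded pages looks like, here is a small checker added as an example (it is not from the original article or the textbook cited at the end). It assumes the “embedded page” is an HTML iframe element, and the function names and sample page are made up for illustration.

```python
import re
from html.parser import HTMLParser

# width="0", height="0px" and similar attribute values
ZERO_ATTR = re.compile(r"^\s*0+(?:\.0+)?\s*(?:px|%)?\s*$")
# "width:0" / "height: 0px" in an inline style, but not "min-width:0"
ZERO_STYLE = re.compile(
    r"(?<![-\w])(width|height)\s*:\s*0+(?:\.0+)?\s*(?:px|em|pt|%)?\s*(?:;|!|$)",
    re.I)


class ZeroPixelFrameFinder(HTMLParser):
    """Collects <iframe> tags whose width and height are both zero."""

    def __init__(self):
        super().__init__()
        self.findings = []  # (line number, src) for each hidden frame

    def handle_starttag(self, tag, attrs):
        if tag != "iframe":
            return
        a = {k: (v or "") for k, v in attrs}
        zero = {d for d in ("width", "height") if ZERO_ATTR.match(a.get(d, "x"))}
        zero |= {m.group(1).lower() for m in ZERO_STYLE.finditer(a.get("style", ""))}
        # Only a frame that is zero in BOTH dimensions is "zero by zero".
        if zero == {"width", "height"}:
            self.findings.append((self.getpos()[0], a.get("src", "")))


def find_zero_pixel_frames(html):
    """Return [(line, src), ...] for every zero-by-zero iframe in html."""
    finder = ZeroPixelFrameFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page; the .example hosts are placeholders.
SAMPLE = """<html><body>
<iframe src="https://video.example/player" width="560" height="315"></iframe>
<iframe src="https://a.example/x" width="0" height="0"></iframe>
<iframe src="https://b.example/y" style="width:0px; height: 0; border:0"></iframe>
<iframe src="https://c.example/z" style="min-width:0; height:200px"></iframe>
</body></html>"""

if __name__ == "__main__":
    for line, src in find_zero_pixel_frames(SAMPLE):
        print(f"line {line}: zero-by-zero iframe -> {src}")
```

A hit is a reason to look closer rather than proof of an attack, and a frame hidden some other way (through a stylesheet, for instance) won’t show up here.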
Cookies. You’ve probably seen this word a lot from using your browser, and it’s true that they’re not inherently bad. Ideally, they are merely files stored on your computer that a website can retrieve later to make it easier for you to browse the site. Cookies store information such as usernames, purchase history, and search history. When you visit that site again, it will have all that information ready to go, which is convenient for both you and the organization to track your preferences. That said, even the most harmless thing on the Internet becomes awful if given enough time, and cookies are no exception. Some sites use cookies from advertisers or other third parties. Have you ever noticed when you search for something random and then later an ad on another page is oddly similar? Yeah, that’s due to third-party cookies. Even worse, cookies with the best intentions can be stolen and used to impersonate the person who viewed a site. So pretty much the question remains: who stole the cookie from the cookie jar?
(All information is from the Security+ Guide to Network Security Fundamentals by Mark Ciampa.)