The network poltergeist.The IT industry isn't as boring and technically obsessed ob·sess v. ob·sessed, ob·sess·ing, ob·sess·es v.tr. To preoccupy the mind of excessively. v.intr. as many outsider believe. Viruses and malicious hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. threats in particular have been increasingly sensationalised in the popular press, squeezing the issues gradually into the public consciousness. Causing a big stir is the prevalence of Adware and Spyware which steal processing power and track users footprints around the Internet. This group of 'Grayware' applications has plagued home and SMEb users, and is now becoming an extremely serious matter for enterprises too--turning more invasive and sinister by the day. Security is the one aspect of IT that regularly grips imaginations, IT used to be a black art that' people over there' dealt with. Now it's at the boardroom level and everyone and their dog has an interest in how company data is being protected. Grayware You could well argue that Grayware--the collective term for the family of Adware, Spyware, Diallers, Hijackers, Key-Loggers and other 'Ghost' Programs that are perpetually installing themselves onto every PC on the planet--is the new Spam. Like Spam, Grayware been around for a while and in many forms it's pretty harmless stuff that irritates more than infiltrates Infiltrates Cells or body fluids that have passed into a tissue or body cavity. Mentioned in: Eosinophilic Pneumonia . Like Spam, its reached a stage where we all got it, its causing some extremely troubling effects, and it's time It's Time was a successful political campaign run by the Australian Labor Party (ALP) under Gough Whitlam at the 1972 election in Australia. Campaigning on the perceived need for change after 23 years of conservative (Liberal Party of Australia) government, Labor put forward a enterprises took it more seriously. Many of the most threatening impacts of Grayware, such as usage pattern tracking, invasion of privacy invasion of privacy n. the intrusion into the personal life of another, without just cause, which can give the person whose privacy has been invaded a right to bring a lawsuit for damages against the person or entity that intruded. and information theft can remain unseen and are all possible without the user having to consciously open, download or execute any applications. Just visiting a web site harbouring this technology is enough to become a victim. Unwitting use of Grayware can compromise valuable information such as credit card numbers, passwords, and even a users identity. Other than the generally familiar Adware and Spyware, here are some examples of Grayware threats in the wild: * Key Loggers--perhaps one of die most dangerous Grayware applications, installed to capture the strokes made on a keyboard. These applications can be designed to capture user and password information, credit card numbers, email, chat, instant messages, and more. * Dialler--used to control the PC's modem. These applications are generally used to make long distance calls or call premium numbers to create revenue for the thief. * Hijackers--can manipulate the Web browser The program that serves as your front end to the Web on the Internet. In order to view a site, you type its address (URL) into the browser's Location field; for example, www.computerlanguage.com, and the home page of that site is downloaded to you. or other settings to change favorite or bookmarked sites, start pages, or menu options. Some hijackers have the ability to manipulate DNS (Domain Name System) A system for converting host names and domain names into IP addresses on the Internet or on local networks that use the TCP/IP protocol. For example, when a Web site address is given to the DNS either by typing a URL in a browser or behind the settings to reroute DNS requests to a malicious DNS server A dedicated server or a service within a server that provides DNS name resolution in an IP network. It turns names for Web sites and network resources into numeric IP addresses. DNS servers are used in large companies, in all ISPs and within the DNS system in the Internet, a vital service . * Network Management Tools--designed to be installed implicitly for malicious purposes. These applications are used to change Tools network settings, disrupt network security, or cause other forms of network disruption. * Remote Administration Tools--allow an external user to remotely gain access, change, or monitor a computer on a network. * BHOs -DLL files that are often installed as part of a software application to allow the program to control the behavior of Internet Explorer Microsoft's Web browser, which comes with Windows starting with Windows 98. Commonly called "IE," versions for Mac and Unix are also available. Internet Explorer is the most widely used Web browser on the market. It has also been the browser engine in AOL's Internet access software. . Not all BHOs are malicious, but they can track surfing habits and gather other information stored on the host. * Toolbar A row or column of on-screen buttons used to activate functions in the application. Many toolbars are customizable, letting you add and delete buttons as required. Toolbars may be fixed in position or may float, which means they can be dragged to a more convenient location in the Trackers--installed to modify the computer's existing toolbar features. These programs can be used to monitor web habits, send information back to the developer, or change the functionality of the host. * Downloaders--installed to allow other software to be downloaded and installed without the user's knowledge. These applications are usually run during the startup process and can be used to install advertising, dial software, or other malicious code. They can also disable To turn off; deactivate. See disabled. existing desktop-based anti-virus programs, leaving the computer immediately prone to infection--duping the user into unwittingly switching it off. The most imperative step against this family of threats is user education, starting with established policies that prohibit downloading and installing applications that are not approved by the company. Jonathan Mepsted, Fortinel |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion