Computer Security - Types Of Computer Security Problems

TYPES OF COMPUTER SECURITY PROBLEMS

As the need for high levels of computer security became increasingly apparent to business owners, many began to earmark additional dollars for security technology and for staff to oversee security measures. By then, the most popular form of attack was the denial of service (DOS), which simply overloads a network system until it crashes. For example, a DOS attack on online auction giant eBay in February 2000, which involved sending the site a barrage of fake requests for Web pages, caused eBay's system to crash. Similarly, CERT's Web site was shut down for two days after a myriad of fake information requests overloaded its system. A DOS known as a worm began gaining significant media attention in 2001. In July of that year, the worm entitled Code Red began attacking Microsoft Internet Information Server systems. Code Red infected servers running Windows NT 4, Windows 2000, Windows XP, and IIS 4.0, and it replaced Web site content with the phrase "Welcome to www.worm.com Hacked by Chinese!" The damage caused by the Code Red worm was estimated at $1.2 billion. As Alex Salkever stated in a May 2001 BusinessWeek Online article, these types of attacks are commonplace. "According to a study released last week by scientists at the University of California-San Diego's supercomputing facility, more than 4,000 DOS attacks happen each week. The most sophisticated and serious last for days as dozens, hundreds, even thousands, of hijacked 'zombie' computers pour forth an unceasing barrage of Web-page requests, all unbeknownst to the machines' owners."

Mail bombs behave in the same manner. However, they target a network's mail server with the goal of shutting down e-mail service by overloading the system. Hackers targeting networks may also attempt to gain access to secure areas containing sensitive data, such as credit card numbers or social security numbers. A security breach of this type can cause serious damage to a business or institution since data files can be not only copied, but also deleted. AOL became victim to this type of attack in the late 1990s when teenagers from Wichita, Kansas, successfully hacked AOL's network and used the credit card numbers they found there to purchase video games.

Other types of attacks on computers include viruses and Trojan horses. A virus is a program designed to affix itself to something within a computer, such as a file or boot sector, and begin reproducing itself. A file virus, like the Friday the 13th virus that originated in the late 1980s, attaches itself to an executable file—one that controls applications—and begins overwriting parts of the file. Roughly two-thirds of all virus attacks involve boot sector viruses, which are harder to detect than file viruses because they make no discernible impact on a system until they actually attack. Boot sector viruses are quite often designed to overwrite an entire hard drive. A virus also might be designed to use all of a computer's resources and prompt it to crash. Two of the most popular transmission methods for viruses are floppy disks and e-mail. For example, the "I LOVE YOU" and the "Love Bug" viruses that appeared in May of 2000 were circulated via e-mail. The resulting damage to individuals, companies, and institutions was judged to be nearly $10 billion. Like viruses, logic bombs attack computer files and hard drives. Quite often, hackers use a Trojan horse to gain initial access to computers. Trojan horses are disguised as harmless programs, but once executed might release a virus or even a worm.