Networking Fundamentals, 3rd Edition page 451

Copyright Goodheart-Willcox Co., Inc. 451 Chapter 15 Network Security Th e macro virus may infect a template fi le like normal.dot and then execute when the user presses a certain combination of keys. Stealth Virus Often, virus creators want their viruses to go undetected by antivirus software. To accomplish this, they may use one or more stealth techniques. For example, sparse infector viruses will only do whatever illicit activity they are programmed to do in- termittently. Th at makes it harder to detect the viruses. In other circumstances, the virus might be encrypted. Th ere are many techniques a virus creator can use to make it harder to detect the virus. Worm A worm is essentially a rapidly spreading virus, as illustrated in Figure 15-4. Most of what is termed a virus today is actually a worm. A typical virus cannot spread automatically. Th ere are many examples of famous worm programs, including ILOVEYOU, MyDoom and Storm Worm. Worms are typically spread through e-mail. Figure 15-4 E-mail is the most common method of transmitting a worm. Using this method, the worm multiplies at an exponential rate. Origin of worm 5 more PCs infected Each PC infects 5 more ... 25 more PCs infected Each PC infects 5 more ... 125 more PCs infected Each PC infects 5 more ... A worm can infect many PCs across the globe very rapidly. (workstation icons) RedlineVector/Shutterstock.com Goodheart-Willcox Publisher Ransomware Ransomware functions initially as a worm then either disables system services or encrypts user fi les. Th e perpetrator or originator of the malware then demands a ransom to release those fi les or services. Th e fi rst known ransomware attack was the 1989 PC Cyborg Trojan, which only encrypted fi lenames with a weak symmetric cipher. Th e notion of using public key cryptography for these attacks was introduced by Adam Young and Moti Yung in 1996. One of the most widely known examples of ransomware is the infamous CryptoLocker. First discovered in 2013, CryptoLocker utilized asymmetric encryption to lock the users’ fi les. Several varieties of CryptoLocker have since been detected. Logic Bomb A logic bomb is a type of malware that initiates malicious activity after some logical condition has been met. Th is can be a specifi c date or time or some condition occur- ring. One example of a condition-based logic bomb is one in which an employee of a 4.4 NET 4.4 NET

Previous Page Next Page

Networking Fundamentals, 3rd Edition Page 451 (473 of 720)

Resources and Downloads

Help