Copyright Goodheart-Willcox Co., Inc. 46 Principles of Cybersecurity

Software Vulnerabilities

Malware often exploits vulnerabilities in software. Hackers use uncorrected vulnerabilities to cause harm or steal private information. It is important to understand software vulnerabilities.

Zero-Day Vulnerability

A zero-day vulnerability exists in software when it was released and remains unknown until it is exploited by hackers. Because it is unknown to the developer, there is usually no immediate fix or patch available. It is difficult to protect against an unknown vulnerability. The best defense is to keep the system and software patched. Also, monitor forums and support logs for announcements about zero-day attacks so immediate action can be taken. Many software developers have bug-bounty programs in place to try to identify zero-day vulnerabilities.

An example of a zero-day attack occurred in March of 2017. Cisco discovered that 318 types of its devices had a zero-day vulnerability in the firmware. This allowed the possibility of a remote attacker accessing a device without having login credentials and being able to take full control of the device.

Firmware

Firmware is essentially software that is embedded in hardware. An example of this is the wireless router software used to configure and manage wireless networks. Manufacturers occasionally release patches for firmware. Cybersecurity technicians should not forget about updates on devices with embedded firmware. Routers, switches, computers, and many IoT devices are only updated through their firmware. Failure to update these devices can cause serious harm. For example, the Food and Drug Administration (FDA) issued a safety communication on certain models of cardiac pacemakers. The firmware update addressed vulnerabilities to cyberattacks that could interrupt the functionality of some pacemakers. If the pacemakers were to be hacked, the safety of individuals wearing them would be at risk.
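
The firmware check a technician would run against a device inventory, as an added example that is not part of the original text: it compares each device's installed firmware with the lowest patched version for its model. The hostnames, model names, version numbers, and baseline are constructed assumptions, as is the rule that a pre-release build of the fixed version still counts as outdated.

```python
import csv
import io
import re

# Constructed sample inventory (not real devices or real version numbers).
INVENTORY_CSV = """hostname,model,firmware
edge-rtr-01,RouterModelA,2.4.1
core-sw-01,SwitchModelB,10.2.0
lobby-cam-03,CameraModelC,1.0.9-beta
ap-floor2,AccessPointD,unknown
hvac-ctl-01,ControllerE,3.1
"""

# Constructed baseline: lowest firmware version that contains the vendor's fixes.
MIN_PATCHED = {
    "RouterModelA": "2.4.1",
    "SwitchModelB": "10.10.0",
    "CameraModelC": "1.0.9",
    "AccessPointD": "5.0.0",
}

def parse_version(text):
    """Return (numeric tuple, is_prerelease), or None if not a dotted version."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(-[\w.]+)?", text.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.group(1).split(".")), m.group(2) is not None

def audit(inventory_csv, baseline):
    """Classify each device as OK, OUTDATED or REVIEW (needs a manual check)."""
    results = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        required = baseline.get(row["model"])
        installed = parse_version(row["firmware"])
        if required is None or installed is None:
            # No baseline for this model, or the version string is unreadable.
            results[row["hostname"]] = "REVIEW"
            continue
        need, _ = parse_version(required)
        have, prerelease = installed
        # Pad so 3.1 equals 3.1.0; compare numerically so 10.2 sorts below 10.10.
        width = max(len(need), len(have))
        have += (0,) * (width - len(have))
        need += (0,) * (width - len(need))
        # Assumption: a pre-release build of the fixed version is still behind.
        behind = have < need or (have == need and prerelease)
        results[row["hostname"]] = "OUTDATED" if behind else "OK"
    return results
```

Devices marked REVIEW are the ones most easily forgotten: they either report no readable version or have no entry in the patch baseline.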

Other Security Threats

There are many security threats beyond malware. These include keyloggers, adware, cookies, and social engineering. It is important to understand each of these threats.

Keyloggers

A keylogger is technology that tracks a user's keystrokes on the keyboard. In some cases, screenshots of the screen can be recorded. Keyloggers can be hardware or software based. A hardware keylogger is a small device that plugs into the computer, as shown in Figure 2-8. The keyboard is plugged into the back of the device. A software keylogger is a program that runs in the memory of an operating system. Keyloggers run in stealth mode. Often, they will not appear as a running application or process on the system. This makes it a challenge for cybersecurity technicians to detect the intrusion.

Adware

Adware is software installed on a computer that collects data on the user, such as what sites he or she visits, and then redirects advertising sites to the web browser. Adware is not always considered malware. Some adware is advertised when you install a program or visit a site. However, many adware programs are installed without your permission or knowledge. Adware can cause problems with multiple pop-up windows in browsers. It also raises security and privacy concerns about your web surfing.

CompTIA Security+ 1.6; CompTIA Security+ 2.5; CompTIA Security+ 1.1; MTA Security Fundamentals 1.2