Malicious code, attacks and threats
Top ten threats
The course is part of this learning path
Before malicious software infects a computer, it needs to find its way into the system.
The route it takes is called a threat vector. There are many different threat vectors and it’s important you know what they are. So, how many do you know? Make a quick list before reading on and checking your ideas.
What are the types of threat vector?
Figure 1:Threat vectors
Visiting a compromised or malicious website
There are a few ways that visiting a site could lead to infection, such as:
- A program automatically downloading in the background.
- A malicious script running to steal information or redirect to other sites.
Downloading or installing software
You may unwittingly install malicious software that presents itself as legitimate. As a rule, you should only download software from legitimate and trusted sources, or trusted vendors, who have some liability and a privacy statement.
Installing infected media
This might be through an infected program on a USB drive. For example, someone might think they’re only copying a document from the removable drive to their computer. But, because of the autorun feature on the operating system which executes when removable media is connected to Windows, a malicious piece of software is executed. These types of infections can occur with any kind of removable media, like CDs, DVDs, back-up tapes and portable hard drives.
Opening email attachments
An email attachment can contain malicious software, that, when run, will infect a computer system. Care should be taken to ensure that any attachment doesn’t include a macro virus or that a downloaded link doesn't have a virus embedded within it.
Through ethernet, wireless and Bluetooth connections
PCs, Apple Macs, tablets, and mobile phones support multiple forms of communication. If all these communications services are turned on, an attacker could target the system even when it’s not being used.
For example, if Wi-Fi is turned on, the computer might act as a wireless access point for others to access the network. An attacker might break into the device over Bluetooth and then move from there into the corporate network over the LAN.
What steps could you take to secure these threat vectors? You’re going to explore some possible counter measure next so see if you recognise any of your ideas.
In this course on malicious software, you will learn about the various types of malicious code in detail, contrast the different types before looking at look at the countermeasures used to combat them. You’ll also encounter non-technical controls and see the OWASP top 10 security threats.
A world-leading tech and digital skills organization, we help many of the world’s leading companies to build their tech and digital capabilities via our range of world-class training courses, reskilling bootcamps, work-based learning programs, and apprenticeships. We also create bespoke solutions, blending elements to meet specific client needs.