Data Center Journal

Volume 33 | August 2014

Issue link: https://cp.revolio.com/i/359333


SECURITY AGAINST WHAT?

In a perfect world, no one would need a lock. The fact that cars, houses, safes and so on all have some kind of locking mechanism speaks to the presence of threats. In the same vein, networks must also address threats—albeit digital ones rather than physical. Here are some terms that you'll likely encounter when discussing threats to a network; the order has nothing to do with the threat level or potential for wreaking havoc on computer systems.

Malware: A catchall category for software designed to cause you all sorts of headaches, malware seeks to steal, change or destroy data on your network. In some cases, it can even damage or destroy hardware by, for instance, overheating a processor. Common types of malware include trojan horses ("trojans"), worms, viruses and spyware. Although these software types have technical distinctions in terms of their purpose, capabilities and method of propagation, they are often virtually interchangeable. The network-security novice is likely safe using the term malware to describe this malicious code.

Hacker: Hackers are individuals or groups of individuals whose goal is to gain unauthorized access to your network or data. Their purposes are manifold; some might wish just to spy on you, some wish to wipe out your company. They can employ a range of methods, including malware, and probably aren't typically what you would think from television portrayals—guys who sit at a computer typing furiously or making a couple educated guesses at your passwords.

Zero-day exploit: According to Dr. Vincent Berk, CEO and cofounder of network-security company FlowTraq, a zero-day exploit is "an attack that is generally unknown to the public. The 'zero-day' moniker therefore refers to software and antivirus vendors being unaware of the possibility of the attack. A zero-day is scary because the susceptibility to it may be widespread, potentially leading to massive compromise of systems." The danger of zero-day exploits varies from case to case, and Berk notes that some examples may enable remote attacks whereas others are only available to existing system users.

Backdoor: An alleged tool of the NSA, backdoors are often hidden means of bypassing standard "front-line" security. "We also see the term backdoor used when software or hardware manufacturers leave behind a way into their product to recover lost authentication credentials. Such backdoors, when discovered, are considered very bad, and often lead to bad security breaches," said Berk.

DoS/DDoS: Imagine taking a trip to your local coffee shop only to find a line of hooligans leading out the door of the establishment. Denial-of-service (DoS) attacks don't necessarily aim to destroy a system so much as to consume available resources, making legitimate use impossible—like that group of hooligans that want to hurt the coffee shop by preventing real customers from conducting business. A DoS attack can come from a single source; those that involve multiple sources are called distributed DoS (DDoS) attacks. Berk notes, "Most types of DDoS attacks disable a service by overloading the DNS system (so that customers cannot find the service), or using up all available connection slots (so that customers cannot connect to the service). These attacks usually involve large volumes of packets, and may be hard to stop. More-complex DDoS attacks will try to overload the service application by making smaller numbers of very complex queries, and thus overloading disk or CPU systems that the service runs on."

Botnet: Egemen Tas, VP of engineering for Comodo, describes a botnet as the "cyber-muscles of cybercriminals used in DDoS attacks. They are one of the biggest threats to the security of the Internet if not the biggest." Specifically, botnets involve a group of computers (often in many different physical locations) that have fallen under the control of a hacker. Think makeshift cloud computing for criminals. The term bot is short for robot and refers to a computer running in a pseudo-autonomous fashion. Users of compromised machines may be unaware that their equipment is part of a botnet.

Spam: Electronic junk mail—you know it when you see it. In addition to more benign advertisements for Viagra and weight-loss pills, spam can be a medium for "phishing" attacks designed to steal your bank or other credentials as well as for stock-market schemes and other kinds of fraud.

Social engineering: This term refers to attacks that target not the network proper, but the users. The so-called Nigerian scam may be the most well known, but phishing and other duplicitous schemes are also included. Social-engineering schemes have increased in sophistication, but they are still often given away by lousy spelling and grammar as well as "too good to be true" claims. (No, you're really not on some glowing list of individuals that can be blindly trusted with millions of dollars from some dead politician or businessman in Africa.)

Spear phishing: You have probably identified your share of "phishing" emails simply because they didn't apply to you: for instance, a message purporting to be from PayPal may have failed to pull the wool over your eyes simply because you don't have a PayPal account. These types of broad scams aim to make money through sheer volume. But imagine what a more studious scammer might accomplish by doing a little research: perhaps he reads a little about your company or finds your name, address and phone number in an Internet search. Through just a little tailoring, targeted phishing scams (called spear phishing) can be much more convincing, possibly netting even veterans who have deleted hundreds of messages that supposedly "value you as a regguler Banking customer" (from a better-written example). Spear-phishing attacks can be much harder to spot than their simpler brethren, but they are equally dangerous.

Although these terms don't cover every kind of threat to a network, they are some of the most common ones you're likely to hear bandied about in a news article or moderately technical discussion of network security.
