Components of Web Design 12 – Security Threats – U21-M1

With how the internet is continuously striving forwards in terms of creating advancements that allow for new ways for the platform to be utilised for the benefit of the population (although they vary in usefulness). This also means that with the internet as of now there are groups/individuals who are out there how have developed new methods in order to disrupt the flow of a website, or have been able to enhance an already existing method for the same purpose. Meaning that there can be benefit of knowing what is out there.

(Distributed-Denial-of-Service – DDoS): It is a type of DoS attack where unlike the latter which attacks a system/resource through just one computer and connection to the internet a DDoS is different. It is different in the sense that is involves the use of multiple computers connection to different internet connections, with each of the computers used being considered compromised as they are often infected with some form of harmful Trojan virus. As the systems used within a DDoS attack are infected it means that unlike a DoS attack the systems on the hackers end are also pre-emptively effected before the attack making them useless afterwards. Within DDoS attacks there are different types of attacks which utilise different methods in order to achieve a similar result. Which are below up to SQL Injection.

Traffic Attack: A type of DDoS attack where in which a massive quantity of TCP (Transmission Control Protocol), UDP (User Data Packet), and ICPM (Internet Control Message Protocol) data packets are sent to the attack target.

Bandwidth Attack: This DDoS involves the overloading of the target through sending the user large amounts of junk data, hence resulting in a loss of available of bandwidth for the user or a complete DoS.

Application Attack: Attacks the application layer of the targets system by removing the free resources which are within the aforementioned layer, meaning that any services which utilise that layer will become unavailable due to it being depleted.

SQL Injection (Structure Query Language): It is type of security exploit which involves the addition of SQL code into a input box within a web form in order to access a websites resources and make changes to the data on a website. As a majority of website forms exclude any method of blocking incorrect inputs of data into name/passwords text inputs, it can allow for a simple request to be made to the websites database allowing for all of the information contained within to be download potentially. The main reason SQL Injection is such a hazard for web design is that it exploits most of the automated tools that have come to popular prominence in modern web design, especially since on the opposite end of the spectrum is the creation of automatic SQL injection software that negates the time needed to manually input the statement into the website input box.

Ransomware: This is a sub-category of malware where it acts in a similar fashion to the central category where it involves the planting of malicious software onto a persons computer or other area containing personal/ important data (website). However it separates itself with the end result as the most common utilisation of Ransomware is for the purpose of excluding the victims access to their computer/website, with the hacker through encrypted means gains the victims attention (possibly through messaging) with a demand for some sort of result. The most common of which being monetary gain as it is incredibly rare for a Ransomware attack to require anything else, when meeting the demands of the hacker there is never the demand for physical currency instead opting for virtual currency such as Bitcoin as they allow for the hiding of identities.

Trojan: Another type of malware that works in a different way to Ransomware, as the name implies (being associated with the Trojan horse from history) it works by disguising itself as legitimate/safe software that is most commonly given through some method of social engineering. This usually fools the average person into believing that it is completely safe, which will often result in the victim downloading the software and executing it without proper safety precautions. After the software has been activated it immediately gets to work on ensuring that it can’t be removed easily if at all, this often includes the trojan disguising itself as another piece of software by name, not displaying as a running task with task manager, and not allowing the user to find the trojan easily as it will often move the another location (mostly with crucial software such as Windows32). This trojan almost acts as a spy within the computer as it allows a hacker to view all of the victims data and what they are doing, this also includes the ability to manipulate the data on the victims computer (Deleting, Denying access, Copying).

Worm: A worm is a type of malware which works differently than the other two mentioned as it works autonomously meaning that it does not require any form of interaction with a person in order to begin damaging a users system. How it works is by attaching itself as a downloadable piece of software within malicious or untrustworthy websites, once it has been downloaded it begins self-replication essentially copying itself indefinitely until one of two outcomes occurs. The worm has been correctly removed with all lingering traits being removed as well since it can replicate off of a copy, or has taken up all of the space within a victims storage devices (HDD, SSD). Along with replicating itself it will also delete software and other data on any available storage format (can be transferred through portable media) meaning that if the worm is given the opportunity to escalate the computers OS could be at risk of deletion. Whilst it disguises itself in a similar fashion to a trojan, it is also similar to ransomware where the only to realistically detect it is recognise a significant change of available storage on a users computer, as worms are very hard to detect/be notified of otherwise.