There are many dangers lurking on the Internet – malware in many different variants threaten PC systems and their data. And every day new variants of malicious software appear. In our TOP 10 network threats, we show you the methods hackers use to get their data and how you can protect yourself against them with hardware and software-based solutions. In addition, a few tips on how to minimize dangers through your own (surfing) behavior.
What dangers lurk on the WWW?
Viruses, Trojans& Worms
They have been around for decades and yet viruses, worms and Trojans still represent the biggest threats from the net to computer systems. And the mass of malware in circulation is increasing every day: around 350.000 new species appear on the net every day. The terms viruses and worms are often used interchangeably, but they are different types of malware.
The computer virus is the oldest malware. As early as 1974
"Rabbit" the first computer virus developed. Viruses are programs that can duplicate themselves and spread from computer to computer. Then steal or delete data on the affected systems. Most viruses are hidden in a program. As soon as the user executes this program, the virus spreads. The spreading of viruses is done by the user by unintentionally forwarding the infected files, e.g., to a third party. B. via e-mail or on data carriers such as USB sticks.
Worms are similar to computer viruses, but they do not rely on the user’s "assistance" and spread independently via networks and data media by mercilessly exploiting security vulnerabilities.
Trojans, unlike worms, do not reproduce on their own. They often pretend to be legitimate software and then nest themselves unnoticed on the computer. Trojans give hackers direct access to the computer, allowing them to manipulate, steal or delete data.
Web-based malware is caught by users especially when they use outdated web browsers. Often it is browser plugins that allow this malware to install itself on the computer. Many millions of Internet addresses are infected with web-based malware.
Spam, spyware and adware
Who hasn’t experienced it: the e-mail inbox is full of unwanted (advertising) messages?. These mails are not only annoying, but can also become quite dangerous. Because they are not always just advertising mails. Behind these messages there is often an infected file or a link to malicious software. Some of the e-mails are so well disguised that you have to look very closely. For example, real fake invoices are in circulation.
Spyware (spyware) spies on user behavior and data without the owner’s knowledge or consent. They are used to analyze the user’s surfing behavior, and the data obtained is used for commercial purposes. It is not uncommon for companies to develop spyware themselves in order to learn more information about their customers.
Those who catch adware (advertising software) are shown unwanted advertisements. Adware is often integrated into free programs and difficult to detect. The advertisements can also get onto the PC via infected websites. As a rule, adware does not cause any damage to the computer, but it is very annoying.
Phishing describes the attempt by hackers to obtain sensitive user data via fake websites, e-mails or instant messengers. In such e-mails, the user is requested to visit faked websites or to disclose secret access data. Known, trustworthy websites are imitated and the credulity of the user is shamelessly exploited. Sometimes the fake websites look so real that there is hardly any difference between them and the original. Usually, hackers target account or business-critical data when phishing. In the worst case, the bank account can be plundered in this way.
Botnets are a whole group of PCs that have been infected with malware and linked together to form a large network. These botnets not infrequently extend over several thousand computers. The malware used is called robot programs (bots). They are remotely controlled by hackers and abused for criminal acts. For example, they automatically send out masses of
Spam and spy out data. All this happens in the background, without the user having any idea that his computer has become a part of criminal structures. In addition to computers, mobile devices such as smartphones or tablets can also be affected by bots.
Constant availability of servers, applications and data is essential for businesses. This is exactly what hackers are after in a denial-of-service (DoS) attack. They try to attack websites and servers in order to make important data or complete systems inaccessible to the owner. This is mostly achieved by targeted attacks on servers, with the aim of completely overloading them. For this purpose, huge numbers of requests are sent to the server.
Ransomware ("ransomware") is in principle based on
DoS with the aim of extorting a ransom from the user. For example, the entire computer is paralyzed and at startup only an unavoidable request appears to transfer a certain amount of money in order to regain access. If the user does not comply with this request, data deletion is threatened.
Scareware ("scary software") describes malware that is intended to frighten and unsettle the user in order to induce him to perform certain actions. Widespread examples of scareware are fake error messages, supposed virus infections of the computer or programs that pretend to originate from government institutions. What all these deception attempts have in common is that they suggest a fear-inducing danger and offer a suitable solution to the problem. The unsuspecting user, who wants to protect his PC system with such a supposed solution, catches the malicious software.
Mining Trojans are in particular focus here. Once they have taken up residence on the PC, they abuse its computing power to generate digital currencies such as Bitcoins. The result: the PC reacts extremely slowly and can no longer be used productively. In addition, power consumption skyrockets.
Not only in constant use in the private sphere, but also an everyday occurrence in companies: smartphones and tablets. Security is often not taken as seriously as it is with computers. At the same time, these devices log into the company network and store sensitive company data. Android in particular is vulnerable to attacks. Because even in the Android Play Store you can catch mobile malware. In addition, the manufacturers of Android devices often deliver security updates and patches late, which again reduces security. Most types of computer malware can also be dangerous to mobile devices in a modified form. Specific forms of mobile malware are:
- Infected apps
- SMS& Instant Messenger Malware
- Advertising modules
- Exploits to gain root access to smartphones
- Cyber miners that fork computing power
How can I protect myself from attacks?
To protect oneself against threats from the Internet, one can resort to software- as well as hardware-based solutions. The latter play a significant role especially for companies and rather less for private users. In addition, the behavior of the user is also of crucial importance. Through its behavior, it can significantly contribute to the security of his system.
This includes the classic virus scanner, which should be mandatory for every computer. Although Windows already contains integrated virus protection in the form of Defender, it is highly recommended to install an additional third-party virus scanner. This is a targeted way to close the security gaps of Microsoft Defender. Proven free virus scanners for home users include Bitdefender Free Edtion, AntVir Free, avast Free or AVG AntiVirus Free.
Virus scanners: paid or free of charge?
Free antivirus programs usually offer a good basic protection, but often do not have all the security features. Entrepreneurs in particular should take advantage of advanced security packages. The antivirus suite should provide the most comprehensive protection against all threats possible . In most cases, Internet security software has even more comprehensive protection than a pure antivirus scanner. However, virus scanners and Internet security software should only be one pillar of enterprise IT security.