Viruses
More Viruses
Trojans & Worms
The Human Factor
Other Indirect Attacks
100
True or False: A virus is a type of malware executable program that attaches itself to another program on your computer.
True
100
True or False: No viruses are able to turn off anti-virus software.
False
100
What is the largest class of malware?
Trojans
100
What is phishing?
Phishing attempts to trick victims into giving up private information like usernames, passwords, credit card information, etc.  They do this by sending the user an email or instant message that appears to come from a trusted institution like a bank or credit card company. The visible url will look authentic but when the user clicks on it it will instead send them to a site controlled by the hacker.  Attackers will send these messages to millions of users because even if only a small percentage of them are fooled into giving up their information it can be very lucrative.
100
This type of malware threatens the confidentiality of data on a computer.  It monitors user activity and gathers information about the user.  This data may be used simply for advertising but it can also monitor usernames, passwords, and credit card numbers.  They are usually downloaded as part of some freeware application.
Spyware
200
How do viruses spread from host to host?
They copy themselves onto other machines they come in contact with. They can be spread on a flash drive, over the network, or by any other means that computers share files.
200
What type of virus is able to target multiple operating systems?
Cross-platform virus
200
Who created the first worm and what was it called?
Robert Morris did in 1988 and it was called the Morris Worm.
200
What is the difference between phishing and spearphishing?
Spearphishing is a variation of phishing.  These attacks are targeted for a specific user.  Usually these people will have an exceptionally high level of access or a large amount of resources the attackers are looking to steal.  To execute these targeted attacks, hackers will research their victim looking on social media and other data sources.  They will then craft a targeted email that appears to come from a trusted source (like a friend or a colleague) and will include information that is targeted directly for the victim.
200
This is what you call  a group of infected computers controlled by a single controller.
Botnet (short for robotic controlled networks. Botnets can be used for all types of attacks including denial of service attacks, spam attacks, and to distribute malware.  In 2007 a botnet called Storm became the second most powerful supercomputer in the world.
300
When was the first virus written?
1971
300
What do you call a virus that can act like both a system infector and a file infector?
Multipartite virus
300
What are trojans?
Trojans are software that is disguised as a useful program but actually contains malicious code.  The outward appearance of the code tricks users into running the program.  Once it is running the program can execute commands to the host computer with the implicit authorization of the user. 
300
What is social engineering?
Social engineering is the art of getting authorized people to carry out the actions for unauthorized people.  It is often very successful and that is due to the fact that most people want to be helpful, especially if the person making the request appears to be valid.
300
What is a logic bomb?
A logic bomb is a piece malware that executes based on a certain condition.  It can be time-based (these are called time bombs) or event-based.  Many logic bombs start with an organizational insider.  For example, a disgruntled employee may create a  program or a piece of code that is designed to start deleting company files if he is ever terminated.  Or the code may execute under other types of conditions.  Logic bombs can be very hard to detect.
400
What are the three main types of viruses? 
System infectors, file infectors, data/macro infectors
400
What is a macro infector?
These are viruses that infect office program macro files. Macros are basically recordings of user actions designed to make repetitive actions more efficient. It is possible for viruses to infect these files though and insert their own instructions.
400
How are worms different than viruses?
Worms are self-contained programs that replicate themselves and send to other computers, usually using your address book.  They differ from viruses in that they do not need a host program to exist.  They are standalone programs.
400
Name two other ways humans can unwittingly counter data security measures put in place.
Examples include: 1. Leaving a workstation unattended 2. Losing a device with sensitive data 3. Putting an infected USB drive in a drive
400
When hackers send this, they will often include an unsubscribe button.  When users click on the button, it can then install a worm or virus on your machine.
Spam
500
What is a system infector?
A virus that usually infects system start up processes. It allows the virus to take control before the computer can finish loading the protective measures like anti-virus.
500
What is a file infector?
This is a type of virus that attaches itself to files, traditionally focusing on .exe or .com files. Lately, though, there has been a substantial increase in Linux and Mac-focused viruses. Same thing for mobile Oss like iOS and Android.
500
What was the first known Trojan and when was it released?
The first known Trojan was called Animal and it was released in 1974.  All it did was replicate itself inside the directory structure of the machine.  Today's trojans can open back doors, steal sensitive info and many other things.
500
In class we mentioned a famous hacker who was considered the “king” of social engineering. Who is this person?
Kevin Mitnick
500
What do Polymorphic, stealth, slow viruses and retro viruses have in common?
They all attempt to avoid detection by attacking a host's countermeasures like anti-virus software.
M
e
n
u