CYBER WAR

Cyberwarfare, (sometimes referred to as "cyberwar" and "cyber warfare,") is the use of

computers and the Internet to conduct warfare in cyberspace One U.S. agency, the Joint Forces
Commands, describes some of its attributes:

Cyberspace technology is emerging as an "instrument of power" in societies, and is

becoming more available to a country's opponents, who may use it to attack, degrade, and
disrupt communications and the flow of information. With low barriers to entry, coupled
with the anonymous nature of activities in cyberspace, the list of potential adversaries is
broad. Furthermore, the globe-spanning range of cyberspace and its disregard for national
borders will challenge legal systems and complicate a nation's ability to deter threats and
respond to contingencies.

There is debate on whether the term "cyber warfare" is accurate, with some experts
stating that "there is no cyber war," and that the word is "a terrible metaphor." Other
experts, however, contradict that stance, and point out that "the country was already in
the midst of a cyber war — and was losing it."[

Methods of attack
There are several methods of attack in cyber warfare; this list is ranked in order of mildest to
most severe.

• Cyber espionage: Cyber espionage is the act or practice of obtaining secrets (sensitive,
proprietary or classified information) from individuals, competitors, rivals, groups,
governments and enemies also for military, political, or economic advantage using illegal
exploitation methods on internet, networks, software and or computers.
• Web vandalism: Attacks that deface web pages, or Denial-of-Services attacks. This is
normally swiftly combated and of little harm.
• Propaganda: Political messages can be spread through or to anyone with access to the
internet or any device that receives digital transmissions from the Internet to include cell
phones, PDAs, etc.
• Gathering data: Classified information that is not handled securely can be intercepted
and even modified, making espionage possible from the other side of the world.
• Distributed Denial-of-Services: Large numbers of computers controlled by one person
launch a DOS attack against systems. The overwhelming number of attempted accesses
crowds out legitimate users who need to access the service.
• Equipment disruption: Military activities that use computers and satellites for
coordination are at risk from this type of attack. Orders and communications can be
intercepted or replaced, putting soldiers at risk.
• Attacking critical infrastructure: Power, water, fuel, communications, commercial and
transportation are all vulnerable to a cyber attack.
 • Compromised Counterfeit Hardware: Common hardware used in computers and
networks that have malicious software hidden inside the software, firmware or even the
microprocessors.

“Cyber crime is now a global issue. It has evolved significantly and is no longer just a threat to
industry and individuals but increasingly to national security. . . . Attacks have progressed from
initial curiosity probes to well-funded and well-organized operations for political, military,
economic and technical espionage," said by McAfee VP Jeff Green.

CYBER THREATS

Cyberterrorism is a phrase used to describe acts of deliberate, large-scale disruption of

computer networks, especially of personal computers attached to the Internet, by the means of
tools such as computer viruses.

Cyberterrorism is a controversial term. Some authors choose a very narrow definition, relating to
deployments, by known terrorist organizations, of disruption attacks against information systems
for the primary purpose of creating alarm and panic. By this narrow definition, it is difficult to
identify any instances of cyberterrorism. Cyberterrorism can also be defined much more
generally, for example, as “The premeditated use of disruptive activities, or the threat thereof,
against computers and/or networks, with the intention to cause harm or further social,
ideological, religious, political or similar objectives. Or to intimidate any person in furtherance
of such objectives.” This broad definition was created by Kevin G. Coleman of the Technolytics
Institute.[1] The term was coined by Barry C. Collin

Computer Virus:

A computer virus is a computer program that can spread across computers and networks by
making copies of itself, usually without the user’s knowledge. Viruses can have harmful side
effects. These can range from displaying irritating messages to deleting all the files on your
computer.
 VIRUS EFFECTS AND VIRUS RISKS

How does a virus infect computers?

A virus program has to be run before it can infect your computer. Viruses
have ways of making sure that this happens. They can attach themselves to other programs or hide
in code that is run automatically when you open certain types of files. You might receive an
infected file on a disk, in an email attachment, or in a download from the internet. As soon as you
launch the file, the virus code runs. Then the virus can copy itself to other files or disks and make
changes on your computer.

Who writes viruses?

Virus writers don’t gain in financial or career terms; they rarely achieve
real fame; and, unlike hackers, they don’t usually target particular victims, since viruses spread too
indiscriminately. Virus writers tend to be male, under 25 and single. Viruses also give their writers
powers in cyberspace that they could never hope to have in the real world.

MALWARE

Malware is a general term for any malicious software which comes in thousand of variants thus
malware is a threat to a PC. Among the variants of computer malicious software including Trojan
horse, spyware, computer worm, keylogger, rootkit, dialer, rogue security tool, adware and virus.
Some types of PC theats are easy to move. However some malware are tough to be deleted and you
need to use combination of few security tools to remove them such as antivirus, spyware removal
software, firewal and standalone PC infection remover.
Malware could cause damage to any infected computer such as loss of important documents

Trojan horses

Trojan horses are programs that do things that are not described in their
specifications The user runs what they think is a legitimate program, allowing it to carry out
hidden, often harmful, functions. For example, Troj/Zulu claims to be a program for fixing the
‘millennium bug’ but actually overwrites the hard disk. Trojan horses are sometimes used as a
means of infecting a user with a computer virus.

Backdoor Trojans

A backdoor Trojan is a program that allows someone to take control of

another user’s PC via the internet. Like other Trojans, a backdoor Trojan poses as legitimate or
desirable software. When it is run (usually on a Windows 95/98 PC), it adds itself to the PC’s
startup routine. The Trojan can then monitor the PC until it makes a connection to the internet.
Once the PC is on-line, the person who sent the Trojan can use software on their computer to open
and close programs on the infected computer, modify files and even send items to the printer.
Subseven and Back Orifice are among the best known backdoor Trojans.

Worms

Worms are similar to viruses but do not need a carrier (like a macro or a boot sector).They are
subtype of viruses. Worms simply create exact copies of themselves and use communications
between computers to spread. Many viruses, such as Kakworm (VBS/Kakworm) or Love Bug
(VBS/LoveLet-A), behave like worms and use email to forward themselves to other users.

Spyware

Spyware is a type of malware that is installed on computers and that collects information
about users without their knowledge. The presence of spyware is typically hidden from the user.
Typically, spyware is secretly installed on the user's personal computer. Sometimes, however,
spywares such as key loggers are installed by the owner of a shared, corporate, or public
computer on purpose in order to secretly monitor other users.

While the term spyware suggests software that secretly monitors the user's behavior, the functions
of spyware extend well beyond simple monitoring. Spyware programs can collect various types of
personal information, such as Internet surfing habits and sites that have been visited, but can
also interfere with user control of the computer in other ways, such as installing additional software
and redirecting Web browser activity. Spyware is known to change computer settings, resulting
in slow connection speeds, different home pages, and/or loss of Internet or functionality of other
programs. In an attempt to increase the understanding of spyware, a more formal classification of
its included software types is captured under the term privacy-invasive software.

Rootkit

A rootkit is a software system that consists of a program or combination of several programs

designed to hide or obscure the fact that a system has been compromised. Contrary to what its
name may imply, a rootkit does not grant a user administrator privileges, as it requires prior access
to execute and tamper with system files and processes. An attacker may use a rootkit to replace
vital system executables, which may then be used to hide processes and files the attacker has
installed, along with the presence of the rootkit. Access to the hardware, e.g., the reset switch, is
rarely required, as a rootkit is intended to seize control of the operating system. Typically, rootkits
act to obscure their presence on the system through subversion or evasion of standard operating
system security scan and surveillance mechanisms such as anti-virus or anti-spyware scan. Often,
they are Trojans as well, thus fooling users into believing they are safe to run on their systems.
Techniques used to accomplish this can include concealing running processes from monitoring
programs, or hiding files or system data from the operating system. Rootkits may also install a
"back door" in a system by replacing the login mechanism (such as /bin/login) with an executable
that accepts a secret login combination, which, in turn, allows an attacker to access the system,
regardless of the changes to the actual accounts on the system.

Boot sector viruses

Boot sector viruses were the first type of virus to appear. They spread by modifying the boot
sector, which contains the program that enables your computer to start up. When you switch on,
the hardware looks for the boot sector program – which is usually on the hard disk, but can be on
floppy or CD – and runs it. This program then loads the rest of the operating system into
memory. A boot sector virus replaces the original boot sector with its own, modified version
(and usually hides the original somewhere else on the hard disk). When you next start up, the
infected boot sector is used and the virus becomes active. You can only become infected if you
boot up your computer from an infected disk, e.g. a floppy disk that has an infected boot sector.
Many boot sector viruses are now quite old. Those written for DOS machines do not usually
spread on Windows 95, 98, Me, NT or 2000 computers, though they can sometimes stop them
from starting up