1 00:00:00,380 --> 00:00:03,620 Most of what we've discussed in this course focuses on security and 2 00:00:03,620 --> 00:00:05,650 privacy while online. 3 00:00:05,650 --> 00:00:08,980 Some attacks are considerably more aggressive, targeting your system and 4 00:00:08,980 --> 00:00:10,920 hiding from detection. 5 00:00:10,920 --> 00:00:14,770 Malware can be considered any program on your device with malicious intent. 6 00:00:15,820 --> 00:00:18,440 While infection does occur less frequently, 7 00:00:18,440 --> 00:00:21,260 even the passive varieties can lead to serious consequences. 8 00:00:22,430 --> 00:00:25,470 This video will discuss the various approaches that hackers may take 9 00:00:25,470 --> 00:00:31,220 in order to gain access, not just to an account or two, but to your whole system. 10 00:00:31,220 --> 00:00:34,980 Once access is gained, these malicious programs can do anything from take 11 00:00:34,980 --> 00:00:39,700 complete control, encrypt your data and demand a ransom to decrypt. 12 00:00:39,700 --> 00:00:42,450 Search for sensitive files and data, like passwords and 13 00:00:42,450 --> 00:00:46,770 bank records, hide in the background and transmit all your actions. 14 00:00:46,770 --> 00:00:51,462 Or even lay dormant until called on to participate with other infected computers 15 00:00:51,462 --> 00:00:54,783 in a coordinated attack, without your even knowing it. 16 00:00:54,783 --> 00:00:58,250 Email attachments are something we use all the time, so naturally, 17 00:00:58,250 --> 00:01:00,840 they make a great delivery mechanism for malware. 18 00:01:01,900 --> 00:01:05,720 Detecting dangerous attachments is particularly tricky because the programs 19 00:01:05,720 --> 00:01:08,820 often use an infected computer's contact list. 20 00:01:08,820 --> 00:01:13,240 Meaning, that attachment you got from a co-worker may not be trustworthy. 21 00:01:13,240 --> 00:01:16,147 Verify the sender when possible. 22 00:01:16,147 --> 00:01:20,019 Be especially cautious if the attachment requires installation. 23 00:01:20,019 --> 00:01:23,490 Look for other inconsistencies, like spelling and grammar mistakes. 24 00:01:24,540 --> 00:01:29,150 Root kits and key loggers are programs that can get installed at the system level 25 00:01:29,150 --> 00:01:31,510 and make them hard to detect and harder to remove. 26 00:01:32,720 --> 00:01:37,480 Root kits allow unauthorized access to your computer, or even your cellphone. 27 00:01:37,480 --> 00:01:41,827 A key logger is a specialized root kit that records every key you press, and 28 00:01:41,827 --> 00:01:44,795 potentially sends that record over the Internet. 29 00:01:44,795 --> 00:01:47,855 Could be installed from an e-mail attachment. 30 00:01:47,855 --> 00:01:50,257 Some manufacturers, like Lenovo, 31 00:01:50,257 --> 00:01:55,297 have included root kits in their devices before selling, do your research! 32 00:01:55,297 --> 00:01:59,572 Keyloggers track your keyboard activity, so they're no match for 33 00:01:59,572 --> 00:02:04,973 even the strongest passwords, but 2-factor auth can offer some protection here. 34 00:02:04,973 --> 00:02:08,355 Found USB drives can seem harmless enough. 35 00:02:08,355 --> 00:02:11,819 You see one on the ground, and like searching through a lost wallet for 36 00:02:11,819 --> 00:02:15,300 a way to return it to its owner, you plug the drive into your computer. 37 00:02:16,310 --> 00:02:19,540 Even without manually installing anything suspicious, 38 00:02:19,540 --> 00:02:21,960 your system could be compromised. 39 00:02:21,960 --> 00:02:24,654 This is actually a fairly well-known technique for attackers. 40 00:02:24,654 --> 00:02:27,787 That takes advantage of the fact that many computers 41 00:02:27,787 --> 00:02:31,562 would automatically trust anything plugged into the drives, 42 00:02:31,562 --> 00:02:34,709 essentially passing the responsibility onto you. 43 00:02:34,709 --> 00:02:38,314 Don't trust anonymous drives found on the ground. 44 00:02:38,314 --> 00:02:41,339 Be cautious of drives given to you for free. 45 00:02:41,339 --> 00:02:44,960 There are devices available that can scan drives, if you suspect anything. 46 00:02:46,130 --> 00:02:49,930 We've explored different methods used to get your system infected. 47 00:02:49,930 --> 00:02:53,310 Whether it's something you download, something that's already installed on your 48 00:02:53,310 --> 00:02:57,220 device, or even something you or someone else could plug in directly. 49 00:02:58,230 --> 00:03:02,940 We've also seen what an infected system can do, whether it's take full control, 50 00:03:02,940 --> 00:03:07,660 record every action, or use contact info to send malware around. 51 00:03:07,660 --> 00:03:11,840 There are even variations that can take control of webcams and spy on people, 52 00:03:11,840 --> 00:03:14,710 a problem that can be addressed with a sticky note over to the camera. 53 00:03:15,840 --> 00:03:19,800 This is not to frighten you, but to simply introduce these concepts as risks and 54 00:03:19,800 --> 00:03:22,220 instill a healthy suspicion. 55 00:03:22,220 --> 00:03:25,926 Malware could be full course on its own, and we've really only scratched 56 00:03:25,926 --> 00:03:29,410 the surface, but suffice is to say, be mindful of what you install.