Ponto Cyber

Lesson 1 – Introduction to Computers and Operating Systems and Security

  1. Threat Landscape
  2. Hardware and Software
  3. Types of Operating System

 

Trojan Attacks

The most frequent attack indicated in the chart is a Trojan attack. The name is a historical reference to the battle of Troy, when the Greeks were said to sidestep the defenses of the Trojans by tricking them into wheeling a wooden horse full of enemy soldiers into their own city. “Trojan” is an umbrella term that covers several attack types, including the following:

  • Exploit Trojans 
  • Downloader Trojans 
  • Ransom Trojans 
  • Backdoor Trojans 

While Trojans behave differently depending on the type, the common trait of this approach is that a user inadvertently introduces malicious code into the organization and triggers it behind the defensive walls. The best defense against Trojan attacks is to practice vigilant internet usage. Some guidelines are to never click on an unsolicited email with unexpected attachments, and to always examine domain names and links before clicking on them. Be particularly vigilant with misspellings, such as zeroes that have been replaced with O’s, a trick used to lure an unwary user into bringing the horse behind the gate. Below you’ll find an example of a potentially malicious email, along with a list of general warning signs to be aware of.
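The advice to examine domain names before clicking can be automated. The following is an added example, not part of the original lesson: it compares a link's host against a list of trusted domains and goes slightly beyond the zero-for-O swap by also catching one-character misspellings and trusted names used as a subdomain of another domain. The trusted list, the character map and the sample links are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed allow-list of domains the reader's organization trusts (assumption).
TRUSTED = {"microsoft.com", "google.com", "example-bank.com"}

# Small illustrative map of look-alike digits; real tooling uses a fuller table.
CONFUSABLE = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def skeleton(domain):
    """Collapse look-alike characters so 'micros0ft' and 'microsoft' compare equal."""
    return domain.lower().translate(CONFUSABLE).replace("rn", "m").replace("vv", "w")


def registrable(host):
    """Simplification: keep the last two labels. Production code should
    consult the Public Suffix List (for example for names under co.uk)."""
    return ".".join(host.split(".")[-2:])


def within_one_edit(a, b):
    """True if a and b differ by at most one inserted, dropped or changed character."""
    if abs(len(a) - len(b)) > 1:
        return False
    i = 0
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1
    return a[i + 1:] == b[i + 1:] or a[i:] == b[i + 1:] or a[i + 1:] == b[i:]


def classify(url):
    """Return (verdict, domain) for the host a link really points to."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    dom = registrable(host)
    if dom in TRUSTED:
        return ("trusted", dom)
    for good in sorted(TRUSTED):
        if skeleton(dom) == skeleton(good) or within_one_edit(dom, good):
            return ("lookalike", good)
    for good in sorted(TRUSTED):
        # Trusted name used only as a subdomain of someone else's domain.
        if host.startswith(good + ".") or ("." + good + ".") in host:
            return ("embedded", good)
    return ("unknown", dom)


if __name__ == "__main__":
    for link in ["https://www.microsoft.com/en-us",  # constructed samples
                 "http://login.micros0ft.com/reset",
                 "https://google.com.account-verify.example/login"]:
        print(link, "->", classify(link))
```

A "lookalike" or "embedded" verdict is a reason to stop and verify the sender through another channel; an "unknown" verdict only means the domain is not on the trusted list.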

Ransomware Attacks

The second most common type of attack from the previous data is ransomware. Recall that ransomware is an approach to cybercrime that is designed to cause disruption to services. This approach is featured frequently in the news due to the scope of impact. It is not uncommon for these attacks to occur on a national scale, with infrastructure and vital services being the target. Recent examples include:

  • Ireland’s Health Service Executive (HSE) in 2021.
  • Critical Ukraine infrastructure in 2022. 
  • Costa Rica, which declared a state of emergency when 30 institutions of government were held to ransom. 

The methodology behind these types of attacks is to gain access to a system and lock out the legitimate owner until a demand has been met. One of the best ways to mitigate this type of attack is to ensure that no external actors gain access to your system. Best practices for achieving this include the following:

  • Use strong passwords. A strong password is one that is difficult to guess and typically would include a mix of characters, numbers, and symbols. 
  • Keep your system up-to-date with the latest security patches.
  • Ensure that only people who are authorized for a system can use it.

Botnet Attacks

Next are botnet attacks, which represent 13% of the documented attacks in the chart above. A bot can be defined as an online software program that performs automated and repetitive tasks. Bots are a means of creating a Denial of Service against an organization. If a Trojan attack is a subtle attempt to circumvent an application’s defenses, a bot attack could be described as a full scaling of the walls, as depicted below.

A diagram depicting a bot attack.

These attacks are orchestrated so that a system is plagued with innumerable requests for information and services. These requests can come from any capable devices on the Internet of Things (IoT) that have an IP address. The IoT relates to devices online and will be covered in more detail later. 

This type of attack can be coupled with the Trojan attack, when some of the code maliciously embedded in a system is used to make requests to another system. In this way, an attacker makes use of someone else’s digital resources to exhaust the resources of a targeted victim. One defensive approach to mitigate these types of attacks is to monitor network traffic for suspicious activity. If a particular source is identified as making repeated calls that impact the operations of a system, then this address can be blocked. However, more sophisticated approaches must be employed when a variety of compromised systems are used.
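The monitoring idea above can be shown over a request log. This is an added example, not part of the original lesson: it counts requests per source in a sliding time window to find addresses worth blocking, then shows why that check alone misses a flood spread across many sources. The window size, limit and traffic samples are constructed assumptions, using documentation-range IP addresses.

```python
from collections import defaultdict, deque


def flag_sources(events, window=10, per_source_limit=20):
    """events: (timestamp_seconds, source_ip) pairs sorted by time.
    Returns the sources that sent more than per_source_limit requests
    within any `window`-second span (candidates for blocking)."""
    recent = defaultdict(deque)
    flagged = set()
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        while q[0] <= ts - window:      # drop requests older than the window
            q.popleft()
        if len(q) > per_source_limit:
            flagged.add(src)
    return flagged


def peak_total_rate(events, window=10):
    """Highest number of requests from all sources combined in one window."""
    q, peak = deque(), 0
    for ts, _ in events:
        q.append(ts)
        while q[0] <= ts - window:
            q.popleft()
        peak = max(peak, len(q))
    return peak


def single_source():
    """Constructed sample: one noisy address plus one normal client."""
    ev = [(t * 0.1, "203.0.113.7") for t in range(50)]    # 50 requests in 5 s
    ev += [(float(t), "192.0.2.10") for t in range(10)]   # 1 request per second
    return sorted(ev)


def many_sources():
    """Constructed sample: 100 addresses, each sending only 5 requests."""
    return sorted((s * 2.0 + i * 0.01, f"198.51.100.{i}")
                  for i in range(1, 101) for s in range(5))


if __name__ == "__main__":
    for name, ev in (("single source", single_source()),
                     ("many sources", many_sources())):
        print(name, "| flagged:", sorted(flag_sources(ev)),
              "| peak total per window:", peak_total_rate(ev))
```

In the second sample no address crosses the per-source limit even though the combined load is far higher, which is why defenders also alert on the aggregate rate against a known baseline.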

Conclusion

As you may have concluded, cybercrime is a broad field that encompasses a variety of means of extorting money from an organization. This ranges from stalling business activities to removing items of value, such as user information. 

In this reading, you became familiar with the most common cyberattack approaches that affect real organizations and how they can be implemented. You were also made aware of some actions that can be taken to mitigate the risk of such attacks occurring.

Explaining the threat landscape

Threat Number One: Poor password protection

Vulnerability: poor password

Passwords are the first step in protecting a business, as they offer a legitimate way for an authorized user to gain access to a system. Using an oversimplified password poses a severe risk to an organization. 

Risk: Brute force attack 

A brute force attack involves running through a list of common passwords in an effort to see whether a password can be guessed to gain access to a system.

Attack: Ransomware

Once an external party has gained access to a system, it is possible for them to make internal changes that could have very harmful side effects for a business. One potential danger might be locking the account owner out of the system until a ransom is paid.

Mitigation: Choose strong passwords, and never use the same passwords for different applications. 

Threat Number Two: Malware 

Vulnerability: Poor cyber hygiene

Cyber hygiene is the practice of maintaining the health and security of a system and includes such habits as regularly updating software and scanning for malware and other unwanted elements. Poor cyber hygiene opens the door for malware, which is one of the oldest forms of carrying out a cyberattack. It involves getting a legitimate user within a system to trigger some code from within the system that is designed to alter the system in some unintended way. Malware often requires a user within a system to click on a link. This is often achieved by sending an email with a link or an attachment and directions to click on it to claim a reward.

Risk: Trojans 

A Trojan is an umbrella term for several attacks that can be executed when a user unsuspectingly clicks on a link containing malware.

Attack: Malware 

Malware can be designed to perform any number of ill effects on a system once executed. It is a blanket term that can encompass theft of information, disruption of services, or application of ransomware. Injecting it into a system by unsuspectingly clicking on a link can be very harmful. 

Mitigation

Generally, practicing good cyber hygiene can mitigate against malware. Be careful when clicking on external links, and always check email addresses to ensure that they originate from a trusted source. Watch the language used in emails, which is often an indicator of a dubious source and can be identified through poor grammar and spelling. The image below provides an example of a potentially malicious email:

Threat Number Three: Virus 

Vulnerability: Outdated Software

When software is first released, it may contain bugs or flaws that were not identified previously. Once these bugs are discovered, a patch to close or fix them will typically be released in the form of an update. This is why it is so important to always keep your software updated.

Risk: Virus  

Outdated software builds up an increasing risk of viruses as more and more bugs are found in the application.

Attack: Exploiting software bug 

Outdated software can leave an opening in your firewall that a malicious actor can exploit. Depending on the flaw, any number of attacks may be launched.

Mitigation

Enable automatic updates on your software if available or check for updates and install them on a regular basis.

Conclusion 

In this reading, you have observed an example of how you might create a report to express potential threats toward a business that is going online. The example includes three potential security flaws and the risks they pose and explains how attacks might be implemented. It also provides possible mitigating steps for each one.

Hardware versus software

Previously, you discovered which hardware components are essential in building a computer. Have you ever wondered how interacting with the information displayed on your computer, tablet, or smartphone actually works? Consider a movie set where there are actors, directors, and staff who operate equipment like cameras. These individuals are like the ‘hardware’ of the film. But everyone needs instructions to fulfill their role; they get this from the script, which serves as the film’s ‘software’.

Introduction

Hardware makes the physical device operate, and software gives instructions so that the hardware knows what to do and how to do it. This interdependent relationship allows you to interact with your computer. In this reading, you’ll be introduced to software aspects that are necessary to run a computer. 

What are hardware and software?

Software refers to any virtual programs that are run on the computer. These include operating systems, programs such as Microsoft Word and Excel, and internet browsers. The hardware installed on your computer determines which of these software applications can run and where they should run.

Broadly speaking, software systems consist of two overarching categories: 

  1. Application software
  2. System software

Application software is responsible for running specific applications like Microsoft Word or Excel. System software relates to running the actual hardware itself. Examples include device drivers and operating systems like Windows or Mac. An operating system can run on a PC, Mac, phone, or other devices. You’ll explore operating systems in more detail at a later stage.

Hardware

Application and system software make the hardware function as intended. Hardware is typically the long-lasting aspect of a computer. It is possible to update your hardware by adding additional features like more RAM or installing SSDs. There may be a slight improvement, but it mostly retains its original state from when it was first purchased. The way you interact with your computer can be improved by buying better monitors or keyboards. Hardware has a certain life span, and components tend to age and wear down over time.

Software

Contrary to this, software runs consistently over time but changes constantly, with patches and updates for programs regularly being released. Generally, these releases relate more to security issues than to improving performance. As a program matures and is used widely, various flaws and bugs are detected. Once they are reported, fixes are rolled out. This is why you are regularly prompted to upgrade your system.

Recall that hardware and software depend on each other to work. A computer is just a heap of plastic and silicon without an interface to receive input commands. Note that you are able to automate software to run continually. Some examples include sensor lights or traffic light sequences. If a program is compatible, it can run on various types of hardware.

If a software upgrade is not working well, a workable solution is to upload an older version and restore it to a functional previous state. 

Conclusion 

This reading taught you what software is and how it relies on hardware to run. While there is a distinction, ultimately, hardware and software depend on each other. You can’t interact with hardware without having some software to interpret and execute your commands. Equally, software needs somewhere to be housed. Computer programs and applications cannot exist without some substance to ground them. You’ll gain some more insight when you explore different operating systems.

Types of operating systems

Introduction

Previously, you became familiar with the various hardware and software components that comprise a computer, and the functions they serve. To manage these elements, you would need some software that will oversee the interactions between the software, hardware, and human operator, as well as scheduling the executions of the various tasks required. This is where operating systems enter the picture.

An Operating System (OS) is a term for software that oversees the interaction between hardware and software operations and provides a means through which a human can interact with the system. Systems will have different needs and functionalities, so there are several variations of operating systems that can run the application. By the end of this reading, you’ll be able to describe several different operating systems and identify their advantages and drawbacks.

Types of Operating Systems

There are numerous operating system types. In this reading, you will learn about five variations and what distinguishes them from one another. The categories are:

  1. Batch Operating Systems 
  2. Time-sharing Operating Systems 
  3. Distributed Operating Systems
  4. Network Operating Systems 
  5. Real-Time Operating Systems 

While the fundamental principles of what each OS does are the same, the way that each achieves this end is different. Let’s examine what distinguishes each approach.

Batch Operating Systems (BOS)

A BOS allows multiple users to work in tandem by compartmentalizing each user’s actions and only allowing one user control at any given time. Users cannot communicate with one another and when the task is complete, control is passed to the next user. The advantage of this approach is that it allows many users to work on large projects at the same time.

The rationale behind this approach is that large projects are broken into smaller, more manageable chunks and hence do not require being loaded into memory all at once. Another advantage is that similar types of jobs that are queued to run will be run together. This is quicker as it reduces the overhead in loading and queuing the resources that are mutual to each task. The challenge is in coordinating many different users operating at once. This results in some tasks running slower because excessive time is spent waiting for the OS to free up the resources. 

Time-Sharing Operating Systems (TOS)

This approach is also known as a Multitasking System as it enables the execution of many different tasks. A TOS operates in a timed manner: a unit of time called a quantum is allocated to each task. These tasks are queued for the CPU, which will work on each one for a quantum before rotating to the next task. 

This approach is beneficial when the task load consists of several small tasks. The major advantage of this approach is that it minimizes CPU wait time, and every user is given a fair time allocation. The disadvantage to this approach is that the rapid switching between tasks can result in some communication issues, with data being mixed up.

Distributed Operating Systems (DOS) 

This approach to processing is a natural progression as internet communication improves. A DOS connects several dispersed CPUs to execute tasks. There is no central source and communication is achieved through using clear protocols on a communication network. 

The advantage of using a distributed approach is that it can scale up or down depending on the processing need. As the network is dispersed there is greater robustness to failure. A drawback is that it is still a relatively new approach and so the communication protocols are not well defined. 

Network Operating Systems (NOS) 

This type of operating system runs on a network and allows for the sharing of users, groups, securities, and applications. Typically, the network would contain one server-based OS that interacts with the OS of each individual device on the system. It is possible to have any number of devices on the network, and they can be of different types. For example, you could add a printer, digital thermometer, and several computers to one system and have them all interact. This type of approach would be considered tightly-coupled, as the devices utilize a shared network and demonstrate high interactivity with each other.

The advantage of this approach is that users can remotely log on, enabling easy upgrading as new devices and technology can be added to the existing network. It can however be costly to maintain and requires a centralized location for performing operations. 

Real-time Operating Systems (RTOS) 

An RTOS is a type of OS for applications that need real-time computations. While many approaches may share resources and operate under a time share, RTOS differs in that it prioritizes tasks by importance. This approach is event-driven with an emphasis on engaging and completing tasks as soon as they arise. This distinguishes RTOS from the other approaches mentioned, in which the priority of a task is determined by the time allocated. These operating systems are generally task-specific approaches and are commonly found in systems such as autonomous cars, air traffic controls, and more.

The advantage of this approach is that it can generate results with exceptional speed by using a priority queue that emphasizes completing a task reactively. The disadvantage is that it is very specialized and does not generalize well to performing a diverse range of tasks. 
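The quantum-based rotation described under Time-Sharing Operating Systems and the importance-based ordering described here can be compared on the same workload. This is an added example, not part of the original lesson: a small simulation in which the task names, CPU times and priorities are constructed, all tasks are assumed ready at time 0, and the priority scheduler runs each task to completion.

```python
from collections import deque
import heapq

# Constructed workload: (name, cpu_time_needed, priority); lower number = more important.
TASKS = [("report", 8, 1), ("backup", 4, 2), ("brake_signal", 1, 0)]


def time_sharing(tasks, quantum):
    """Round-robin: each task gets `quantum` units of CPU, then goes to the
    back of the queue if unfinished. Returns {name: finish_time}."""
    queue = deque((name, need) for name, need, _ in tasks)
    clock, finished = 0, {}
    while queue:
        name, remaining = queue.popleft()
        run = min(quantum, remaining)
        clock += run
        if remaining > run:
            queue.append((name, remaining - run))   # rotate to the next task
        else:
            finished[name] = clock
    return finished


def priority_driven(tasks):
    """Most important task first, taken from a priority queue.
    Returns {name: finish_time}."""
    heap = [(prio, name, need) for name, need, prio in tasks]
    heapq.heapify(heap)
    clock, finished = 0, {}
    while heap:
        _, name, need = heapq.heappop(heap)
        clock += need
        finished[name] = clock
    return finished


if __name__ == "__main__":
    print("time-sharing, quantum=2:", time_sharing(TASKS, 2))
    print("priority-driven:        ", priority_driven(TASKS))
```

The urgent one-unit task finishes at time 5 under time-sharing because it waits its turn, and at time 1 under priority ordering, while the least important task pays for that by finishing last.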

Conclusion

In this reading, you’ve analyzed various categories of operating systems, specifically batch operating, time-sharing, distributed, network, and real-time systems. You’re now aware that each one has its advantages and disadvantages, and there is no single best approach. You should know that different operating systems exist for different tasks, and knowing how to distinguish between them will help with decision-making in future cases.