Hello and welcome to the PC Security Intermediate course.
In this lesson, I will be talking about the types of attacks on the operating system.
So in detail,
you'll learn what kind of attacks are directed directly, so not to programs and the rest, but just to the OS.
And then I will be talking about how the
attacks on the authentication are performed
and what types of malware are attacking the operating system. And then in the end, I will be talking about exploits of bugs in the OS.
So when we talk about the attacks on the OS, the first attack we have is authentication, because
if you can pick some of these
authentication details, like
their user name and password, and you can replicate the environment from which this person is getting logged in on another computer,
especially if there is a way to allow people to log in remotely outside the office,
then you can log into the system like you're that person and do whatever you want. So this is why you need their user name and password.
Just not to forget: these things are mostly used
for smaller and medium businesses. So small companies, because larger companies, they do have additional levels of protection. So, for example, you cannot just log into the system from any
PC; you have to have a certain agent running there, and then, during the first initial setup of a PC, that agent has to contact
some service on the server, then get some key to unlock it, and so on and so on. So there are multiple ways to prevent somebody that is unauthorized to log into the system.
Then we have malware. And when we talk about this, we have malware that is attacking the operating system directly, like backdoors, which are doing exactly what their name says: they're creating a backdoor for somebody to log in
to the operating system without having the proper user name and password. So you just bypass the authentication.
Then we have ransomware,
and ransomware is a very well known thing. I'm sure that you have all heard about it. Basically, somebody installs a piece of malware on your PC. The way they're doing it is usually through phishing, but there are other methods as well,
and then they encrypt all the files on your PC. So if you're working in a big company, if they encrypt just one PC, it doesn't matter. But what ransomware usually does is it can spread through the network and infect other PCs.
And then when they have infected everything, including servers and backup storage, and
they've encrypted everything, then they ask you for money to pay in order for them to unlock your PCs. What you see here on the screen is a typical ransomware that is attacking just one PC. But there are more complex software solutions for ransomware that are
much more sophisticated.
Then you have Trojans, and Trojans are basically software that is presenting as completely legitimate software but is allowing whoever created it to do some things with the operating system. I'm not going to go into detail on Trojans, because the use of Trojans
and the technology of Trojans has advanced a lot in past years. There are different kinds of them and they're,
let's say, a breed of their own, so they just exist and
they're usually difficult to detect. But then you have loaders, which are even more difficult to detect, because
what loaders do is, they're very small, they're very good at hiding, and they do nothing by themselves. But what they do is they load; this is why they're called loaders. They load software that is then going to do some damage to your operating system. So
they're just a small piece of something that can go
online on the Internet and download some payload that is then going to infect your PC.
So basically, if you catch a loader, it's a two-step infection. The first one is just to have the loader, and then you drop something with that loader onto the PC.
This is just a simplification of the loader, but you get the idea. So all these things are
typical types of malware that are targeting the operating system directly. And then we have targeting the operating system without actually having to use malware.
Although people are
using malware when they're using some kind of code. But essentially, exploits are, let's say, bugs in the operating system,
and these bugs are there
simply because whoever wrote the operating system made a mistake.
With that mistake being exploited, this is why it's called an exploit.
Cybercriminals can find the way to at least, if nothing else, penetrate the barrier of authentication of the OS, and then when they're in there, they can do whatever they want, essentially.
Okay, so let's talk about the authentication. So authentication is about stealing passwords, if you remember,
and it's about stealing password hashes. It's about shoulder surfing. It's about social engineering.
So stealing password hashes is something that
is usually done by penetrating the server. And then you have password hashes, and then you can enter somebody's PC and do whatever you want from that PC.
And to prevent these things, it is, in general, needed to have a certain,
let's say, protection on the level of servers and network. So it has nothing to do
with PC security itself. But shoulder surfing and social engineering are things that can be prevented by simply explaining to people things that they shouldn't do when they are using their PC. For example, shoulder surfing: it's not really a thing that you should worry about when you're in your office,
but when you're at the airport or somewhere in a meeting, you should make sure that nobody is looking at what you're typing when you're typing in your password.
Also, social engineering is a thing that,
like, somebody calls you by phone and says, "Okay, I'm Mark from IT support. I'm not feeling well, so I'm working from home. But can you, you know, just give me something?" And then they get your passwords and then it's over.
So how are malware attacks spread? They're spread usually through phishing, as I said.
It's a simple way. You receive a mail. There is an attachment. You open it, you're infected. Then somebody has to get physical access to a PC
if you leave it unattended, and they can steal it. But they can also insert the malware and then return it so you don't know that anything has been done,
and also they can use infected or hacking USBs. And the typical way to do it is like they just give it away to people as, like, a marketing tool.
But it actually contains malware. So I have seen situations with people who just got something free, or you buy an extremely cheap USB online from an untrusted source.
You know when the offer is too good to be true, like you buy a one terabyte USB for, I don't know, $20
today, or $10. So this is a bargain, and then you get the device and it actually doesn't have more than one megabyte or a couple of megabytes of memory. But it's enough for them to drop the payload on your PC.
Okay, so, as I said,
exploits: operating systems have a huge number of embedded vulnerabilities, and also there is something called a first day attack. So if you have some embedded vulnerability, the only way to protect yourself is to update your operating system with the patch that fixes it.
The first day attacks are those
which happen when somebody has found a vulnerability but hasn't shown it to anybody, and then used it
to attack the operating system for which there is no patch for the vulnerability, and then you're attacked. So
this is pretty much it.
Most of the protection against these things is going to be explained later, so the question for you at the end of this lesson is: which method is not used for password theft? Is it use of infected USBs? Is it shoulder surfing?
Or is it social engineering?
And the correct answer is
infected USBs. It's used for spreading the malware, but not for getting your password.
Okay, so in this lesson, you have learned about types of attacks that target the operating system of a PC, and in the next lesson I'm going to talk in detail about protecting user authentication.