Malware, Password, & Physical Attacks

Cybersecurity: What Is Malware?

Malware is malicious software inserted into a system to cause damage to systems or data or to gain unauthorized access to a network.

Some examples of malware are:

  • Viruses
  • Adware
  • Spyware
  • Scareware
  • Trojan horses
  • Rootkits
  • Ransomware
  • Worms
  • Fileless malware

Malware: Viruses

A virus is a type of self-replicating malware that attaches itself to other programs and executables without the permission of the user.

An image showing an email advertising "Click here for a free Pro Account!!!!". The email window has lots of evil bugs behind it.

Malware: Worms

A worm is a type of self-replicating malware that copies itself from computer to computer without user intervention.

A worm could replicate so much that it overloads your client’s system. By doing this, the worm could bring down the system and violate availability.

Malware: Spyware

Spyware is malware downloaded without a user’s authorization which is used to steal sensitive information and relay it to an outside party in a way that harms the original user.

The key word here is “spy”. Clicking suspicious links or downloads could result in spyware.

Malware: Adware

Adware is unwanted software designed to throw advertisements up on your screen. This malware is usually more annoying than dangerous.

Cybersecurity: Password Attacks

In Cybersecurity, a password attack is any attack that attempts to hack into a password-protected asset, like an account or encrypted file.

Authentication & Authorization

Authentication is who you are. Logging in with a username and password is an example of authentication.

Authorization is what you can do. Only being allowed into non-VIP sections of the site is an example of authorization.

An image showing that Authentication is when you log in and Authorization is what you are allowed to do.

Cybersecurity: Plaintext Data

Plaintext data is data that is stored in its original, readable format. This term is often used when referring to sensitive data to differentiate between secure data that is encrypted or hashed versus insecure data that is unencrypted and unhashed.

Brute Force Algorithms

  • A brute force algorithm solves a problem through exhaustion: it goes through all possible choices until a solution is found.
  • The time complexity of a brute force algorithm is often proportional to the input size.
  • Brute force algorithms are simple and consistent, but very slow.

# prints all divisors of n by brute force
def print_divisors(n):
    for number in range(1, n + 1):   # try every candidate from 1 to n
        if n % number == 0:          # the number is a divisor of n
            print(number)

Cybersecurity: Plaintext Attacks

In Cybersecurity, plaintext attacks refer to attacks that attempt to exploit password storage techniques that do not use encryption. These attacks usually exploit security misconfigurations or insecure designs.

Cybersecurity: Password Spraying

Password Spraying refers to a type of brute force attack in which a threat actor tries common passwords on multiple usernames.

Cybersecurity: Offline Password Attacks

An offline password attack is one in which a threat actor does NOT interact with a service’s authentication service.

Cybersecurity: Online Password Attacks

An online password attack is one in which a threat actor interacts with a service’s authentication service. These attacks are often detectable by reviewing audit logs for successful and failed logins.
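The audit-log check described above, covering both password spraying and single-account brute force, as an added example that is not part of the original cheatsheet. The log format, the thresholds and the name `classify_sources` are assumptions made for illustration; the log lines are constructed.

```python
import re
from collections import defaultdict

# Constructed sample audit log (format is an assumption, not from any product).
SAMPLE_LOG = """\
2024-05-01T09:00:01Z FAIL user=alice src=203.0.113.7
2024-05-01T09:00:02Z FAIL user=bob src=203.0.113.7
2024-05-01T09:00:03Z FAIL user=carol src=203.0.113.7
2024-05-01T09:00:04Z FAIL user=dave src=203.0.113.7
2024-05-01T09:00:05Z OK user=erin src=203.0.113.7
2024-05-01T09:01:00Z FAIL user=admin src=198.51.100.9
2024-05-01T09:01:01Z FAIL user=admin src=198.51.100.9
2024-05-01T09:01:02Z FAIL user=admin src=198.51.100.9
2024-05-01T09:01:03Z FAIL user=admin src=198.51.100.9
2024-05-01T09:01:04Z FAIL user=admin src=198.51.100.9
2024-05-01T09:02:00Z FAIL user=frank src=192.0.2.44
2024-05-01T09:02:09Z OK user=frank src=192.0.2.44
"""

LINE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")

def classify_sources(log_text, min_users=4, min_fails_per_user=5):
    """Label each source address by its failed-login pattern."""
    fails = defaultdict(lambda: defaultdict(int))   # src -> user -> failures
    ok_users = defaultdict(set)                     # src -> users that logged in
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue                                # skip malformed lines
        _, result, user, src = m.groups()
        if result == "FAIL":
            fails[src][user] += 1
        else:
            ok_users[src].add(user)
    findings = {}
    for src, per_user in fails.items():
        if len(per_user) >= min_users:
            label = "password-spraying"             # few tries, many accounts
        elif max(per_user.values()) >= min_fails_per_user:
            label = "brute-force"                   # many tries, one account
        else:
            continue                                # ordinary typo noise
        # A success from a flagged source may be a compromised account.
        findings[src] = {"pattern": label, "review_logins": sorted(ok_users[src])}
    return findings
```

Per-account lockout counters alone miss the spraying pattern, because each account sees only one failure; grouping by source address is what exposes it.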

Cybersecurity: Dictionary Attacks

In Cybersecurity, a dictionary attack is a type of brute force attack where a threat actor starts with a list, or “dictionary”, of plaintext passwords and runs through each item in the list to find a correct password or hash.

Rainbow Tables

A rainbow table is a massive table of common passwords and password-hash combinations used by attackers to break into accounts. One common technique we can use to protect ourselves from rainbow table attacks is the use of salts.

An image showing that adding the salt "abc" to the end of the password "p@ssw0rd" changes the hash stored in the database. This means that an attacker who has stolen the hash won't find a match in their rainbow table and discover the user's password is "p@ssw0rd".

Salts

A salt is a secret random string that is combined with a password prior to hashing specifically to defend against the use of rainbow tables.

Rainbow tables are large lookup databases that consist of pre-computed password-hash combinations which correlate plaintext passwords with their hashes.
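The effect of a salt on a precomputed lookup, as an added example that is not part of the original cheatsheet. It reuses the password "p@ssw0rd" and salt "abc" from the illustration; the small dictionary standing in for a rainbow table, the function names and the PBKDF2 iteration count are assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample: a tiny precomputed table standing in for a rainbow table.
COMMON = ["123456", "password", "p@ssw0rd", "qwerty"]
TABLE = {hashlib.sha256(p.encode()).hexdigest(): p for p in COMMON}

def fast_hash(password: str, salt: str = "") -> str:
    """SHA-256 of password + salt, the scheme in the cheatsheet's illustration."""
    return hashlib.sha256((password + salt).encode()).hexdigest()

def table_lookup(stolen_hash: str):
    """Return the password if the stolen hash was precomputed, else None."""
    return TABLE.get(stolen_hash)

def new_record(password: str) -> dict:
    """Store a per-user random salt beside a PBKDF2 hash (slow by design)."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return {"salt": salt.hex(), "hash": digest.hex()}

def verify(password: str, record: dict) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    salt = bytes.fromhex(record["salt"])
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)
    return hmac.compare_digest(digest.hex(), record["hash"])

if __name__ == "__main__":
    print(table_lookup(fast_hash("p@ssw0rd")))         # unsalted hash is in the table
    print(table_lookup(fast_hash("p@ssw0rd", "abc")))  # salted hash is not
    alice, bob = new_record("p@ssw0rd"), new_record("p@ssw0rd")
    # Same password, different salts: the stored hashes differ.
    print(alice["hash"] != bob["hash"], verify("p@ssw0rd", alice))
```

A random salt per user means a precomputed table would have to be rebuilt for every account, and the slow key-derivation function raises the cost of each guess.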

Cybersecurity: Physical Attacks

In Cybersecurity, a physical attack refers to an attack that uses physical means to carry out the attack. This can include an attacker’s physical body as well as physical devices given to victims.

Cybersecurity: Skimming

In Cybersecurity, skimming refers to a physical attack technique which uses a fake card reader in order to skim, or copy, a smart card’s data. This can include ID cards, credit cards, and other smart cards.

Skimming is an example of a physical attack because skimmers rely on proximity to smart cards or installation on public card readers like ATMs.

Cybersecurity: Card Cloning

In Cybersecurity, card cloning refers to a physical attack technique in which an attacker makes copies of an existing smart card. An attacker might gain the card information by using another attack known as “skimming”.

Malicious Flash Drive

A malicious flash drive refers to a physical attack method where a malicious flash drive or a malicious Universal Serial Bus (USB) cable is inserted into a victim’s computer. This attack preys on a victim’s ignorance and trust in devices.

These malicious devices are typically loaded with malicious programs that expose and compromise the victim’s computer upon insertion. The malware will be run such that the victim is unaware of the malicious activity on their computer.

Prevent Adversarial AI Attacks

Methods of preventing adversarial artificial intelligence (AI) attacks include:

  • Keeping machine learning (ML) algorithms secret
  • Training algorithms to detect and block adversarial AI attack attempts

Adversarial AI

Adversarial artificial intelligence (AI) is a method used to identify vulnerabilities and attack vectors to circumvent security systems.

Cybersecurity: Tainted Training Data

A tainted training data attack is an adversarial artificial intelligence (AI) attack technique that ruins public machine learning (ML) algorithms by supplying them with bad, or “tainted”, data.

In some cases, the victim of this attack may be tricked into unknowingly training their algorithms with the tainted data.

Supply Chain Attack

A supply-chain attack is a cyber attack that attempts to harm an organization by targeting vulnerable parts of its supply chain.

One of the more recent real-world examples of a supply-chain attack affected a company known as SolarWinds.