Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg Customers

Understanding Cyberspace Threats

Posted by: Rod Kurtz on February 4, 2009

SQL injection. Drive-by downloads. Social engineering. Rootkits. Malware. Rogueware. To the busy small business owner these words and phrases might sound like gibberish, but they’re actually terms that describe some of the more destructive security risks lurking in cyberspace today. Since the first step in helping prevent harmful hacker attacks to your company computers is getting up to speed with the ever-evolving threat landscape, here’s a brief overview:

Malware. Short for malicious software, it includes all forms of computer viruses, worms, Trojan horses, rootkits, spyware, dishonest adware, crimeware, and other malicious and unwanted software. When you see the word "malware" in a news story or threat report, keep in mind that it covers a variety of forms of hostile, intrusive, or annoying software or program code.

Rootkits. Popularized by the Sony digital-rights management case, a rootkit is a form of malware that allows an attacker to maintain a stealthy presence on an infected computer. Rootkits are typically used in spyware and other programs to avoid detection and allow another piece of malware to monitor traffic and keyboard strokes. A rootkit is considered the most insidious form of malware.

SQL injection. SQL injection is an attack technique used by hackers to insert malicious code into the database layer of a Web application. These types of attacks are typically used to plant harmful code into hacked Web sites and use that code to launch drive-by-downloads against end users.

Drive-by downloading. Drive-by downloading is a catch-all name for malware that gets installed on a computer when a user simply surfs to a (maliciously rigged) Web site. Over the past year, there has been a dramatic surge in these types of attacks where a hacker uses SQL injection to infect legitimate Web sites for use in drive-by download attacks. The exploits used in these types of attacks typically target unpatched vulnerabilities in desktop applications, so the best defense for this is to adopt safe browsing habits and ensure that all installed software programs are fully updated.

Rogueware, fraudware, or scareware. These are types of malware that attempt to trick computer users into buying useless and dangerous software. They typically generate a legitimate-looking pop-up warning that purports to be antivirus or antispyware software or a registry cleaner. These are fake warnings that claim the computer is infected with a large number of viruses and point the user to a Web site to pay for a virus cleaner. Rogueware/fraudware/scareware is such a big problem that Microsoft recently added removal detections for this class of attack and removed fake security software programs from 994,061 distinct machines, most in the U.S. and Europe.

Ryan Naraine
Security Evangelist
Kaspersky Lab, Americas
Woburn, Mass.

Reader Comments

Bevan Y. Howard

February 4, 2009 5:35 PM

I could not agree more in regards to the malicious malware marketing campaigns that are exercised all over the net. For example, I just recently started a new online small business called and I was doing some back linking and a pop up offer intrigued me on a random link directory site. I purchased it and it ended being nothing more than a virus and a company that kept my money and disappeared after further investigation the following week. This type of occurrence is completely unethical and quite ridiculous.


Bevan Y. Howard

Steve Jenson

March 5, 2009 9:09 AM

Yeah, unfortunately these kinds of businesses are all too common. With respect to registry cleaners, for example, our website,, gives all the basic info about what they are, who they are for, and when and why you would want to use them. We also provide a review of some of the top registry cleaners available on the market.

Registry Cleaners

Post a comment



Want to improve the way you run your business? Entrepreneurs, academics, and consultants from diverse industries offer practical advice on a variety of topics each business day.

To submit a tip for consideration, first check our archive of previous tips to make sure you're not repeating a tip someone has already contributed. Then send the tip to Small Business channel contributor Michelle Dammon Loyalka. Because of the volume of material she receives, she may not respond to each individual.

BW Mall - Sponsored Links

Buy a link now!