Cybersecurity Awareness Month : Malware Basics

As National Cybersecurity Awareness Month comes to a close, please enjoy this article to help you brush up on your Malware basics. Additionally, check out our other cybersecurity articles from this month on Smart Devices and Deepfakes.

Have you ever experienced sporadic odd behavior on your computer and wondered what was going on?  Malware (malicious software) encompasses a wide range of software that is designed to disrupt, damage, or gain unauthorized access to a computer system.  You may not even realize your computer has been infected or that you’ve been targeted for monitoring and exploitation.  Some forms of malware are capable of using your computer’s processing power and accessing your Internet connection to assist hackers trying to generate income, steal personal information, or perpetrate destruction.

Malware Warning Signs:

  • Computer is running slow.
  • Computer or applications are constantly crashing.
  • Icons for unknown applications or strange windows are popping up.
  • Browser is taking you to websites you did not try to access.
  • Password no longer works even though you know it is correct.
  • Programs are opening and closing automatically.
  • Your usual homepage is not appearing.
  • Unknown programs start up when you turn your computer on.
  • Files are missing or new files appear.
  • Storage space is depleted.
  • Pop-up window appears indicating your computer has been encrypted and a ransom is being demanded to get your files back.
  • Your contacts are receiving spam emails from you that you did not send.
  • Credit card charges or bank withdrawals that you never made occur.

Antivirus software is designed to detect, neutralize, and remove malware. Such software and other system analysis tools can monitor and scan for threats and vulnerabilities on your company or personal network and endpoints.

Security Best Practices:

  • Install a trusted antivirus software on your personal equipment, and keep it up-to-date.  It should typically be updated daily.  Many ISPs (Internet Service Providers) offer free antivirus software if you’re paying for Internet access.
  • Don’t forget to consider your phone and other mobile devices.
  • Keep all software including your web browser up-to-date.
  • Regularly backup your data.  Periodically, verify that you can restore the files.
  • Avoid clicking on any pop-up advertisements.
  • Never click on any links embedded in a suspicious email.  Instead, open a browser and hand type the website address.
  • Avoid using public charging stations or cables that do not belong to you.

Malware is constantly evolving and a pervasive threat.  Malware categories, some listed below, are varied and inventive in their design and intent.

Types of Malware

 

Virus

 

A virus attaches itself to a host program or file and has the ability to replicate itself.  Similar to its biological counterpart, it spreads from one computer to another.  When the host program is run or opened, the virus is activated.  Once the virus infects a computer, it can infect other computers on the same network.

When a file with a virus attached is copied onto a memory stick or is sent via the Internet, the virus goes with it.

Worm

 

A standalone process that often relies on security vulnerabilities on a target computer and does not require human activation to spread.  Worms are self-replicating, do not need to attach themselves to a software program, and infect networks.

Worms may modify and delete files, inject additional malware, steal data, install a backdoor to allow a hacker to gain control, or keep copying themselves to deplete system resources, such as hard drive space or bandwidth.

 

Ransomware

Software that infects, locks, or takes control of a system with the intention of extorting money from the owner in order to restore the system to its original working order.  Typically, data is encrypted then a ransom is demanded with the promise of decrypting the data upon payment.  Criminals and their promises cannot be trusted; consequently, it is important to have a backup of your data to protect against this threat.

 

Spyware

 

Often installed on a machine when downloading a file, program, or application.  When you click the install wizard, you may overlook giving consent.  Spyware gathers data and shares it with third-party companies for marketing purposes and has been associated with identity theft.

Keylogger

A type of spyware used to record keystrokes made on a computer.  Typically, keystrokes are stored in a file and can be manually or automatically sent to an attacker.

Keyloggers may be installed when you click on a link or attachment in a phishing email, visit a malicious site, or open a file attachment on an infected site.  As you type, they intercept data, such as passwords, PIN codes, and account numbers.

Adware

 

Advertising-based malicious code that often ends up on your machine without realizing you gave consent when you clicked through an install wizard.  Adware may show up as extra components, such as toolbars, in the browser.  When advertisements you may not normally see are displayed or clicked, revenue is generated for the developer.  In addition, your personal information may be sold.
 

Trojan

Trojans are disguised as legitimate programs, such as games, disk utilities, or even antivirus software and do not self-replicate.  They require execution by the target and are designed to deliver malware, steal data, or plant a backdoor on a system.  A backdoor enables an attacker to access a system by bypassing its security.
 

Botware

 

 A bot is a software robot or program that performs an automated repetitive task. Botware is self-propagating malware that infects its host and connects back to a centralized server that functions as the command and control center for a botnet.

Comprised of the words robot and network, a botnet is a group of computers connected together to perform a task and requires a large number of infected devices to do the work directed by a command and control center.  Botnets steal the computer resources of infected devices, which are often referred to as “zombies.”  You may not even realize your computer is part of a botnet and has been hijacked by a hacker.

Botnets are used to facilitate phishing and spam attacks in addition to launching DDoS (Distributed Denial-of-Service) attacks, which typically target websites and online services.   DDoS attacks overwhelm the target with more traffic than it can handle with the intention of rendering it inoperable.

Rootkit

 

Software that provides constant administrator-level access to a computer or network without being detected.  Even a reboot does not exterminate the rootkit.  The root portion of the word originated from the traditional top-level directory name of a file system.  Kit refers to the software components, such as utilities, scripts, libraries, and other files, that are used to implement the tool.  If access is gained, a hacker can perform any operation and may attempt to hide traces of unauthorized access by modifying or hiding certain files and ending active processes.

Author Sasha Aronson

More posts by Sasha Aronson

Leave a Reply