Malware

From Clinfowiki
Revision as of 00:13, 18 November 2015 by RoniMV (Talk | contribs)

Jump to: navigation, search

Software that gets installed on your computer by bundling with other downloadable programs, emails, files sharing or exploiting security holes in the system [1]. The severity of malware infection varies from simple advertisement pop-ups to stealing of important information from your computer like data and passwords [2].

Types of malware: Spyware, Trojan horses, Viruses, Worms

References

  1. Runciman, B. (2011). Malware Response. ITNOW, 53(6), 34-36. http://itnow.oxfordjournals.org/content/53/6/34.short
  2. https://ist.mit.edu/security/malware


Malware cont'd

Malware is a word derived from two words :malicious and software. It refers to any type of programming intended to cause harm. Malware can exist in many forms and the most common are viruses, worms, spyware and Trojan horses.

The effects of a malware infection can range from corrupt files, altered or deleted data, disclosure of confidential data, disabling hardware, denial of legitimate user access and even hard drive crashes. The consequences of a malware infection can be devastating for the individual or organization and can result in compromised systems, lost or stolen data, slow down of systems, wasted resources and loss of users and client confidence. Often malware is designed to send itself from the user’s email account to all contacts in their address book.

Types of Malware

The main types of malware are:

Viruses are programs that self -replicate within computers and across networks and alter files or data. While they usually require the user to action the executable file in an e-mail attachment for example, some can execute as embedded programming in the e-mail message itself.

Worms are a virus variant that can infect a computer without any user interaction. A worm doesn't alter files, but resides in active memory and duplicates itself thereby slowing the system down. Worms use parts of an operating system that are automatic and usually invisible to the user.

Trojans are malicious coding hidden in within innocuous programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. A Trojan horse may be widely redistributed along with a virus.

Spyware is programming that installs onto your computer and secretly gathers information to relay to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program. Although not malicious in intent, spyware is often installed without consent and even without the user's knowledge sometimes as a result of clicking in a deceptive pop-up window.

Browser hijackers are programs that alter the computer's browser settings so that it redirects to Web sites the user had no intention of visiting. Most browser hijackers alter default home pages and search pages to those of their customers, who pay for that service because of the traffic it generates. Poorly coded browser hijackers may also slow down the computer or cause browser crashes.

Blended Threats

Blended threats combine characteristics of more than one type of malware to maximize the damage they cause and the speed of contagion. Although each type of malware has defining characteristics, the distinctions between them are becoming blurred because blended threats are becoming increasingly common.

hybrid virus - one that combines characteristics of more than one type of virus to infect both program files and system sectors. The virus may attack at either level and proceed to infect the other once it has established itself.

hybrid virus/worm - malicious code that combines characteristics of both those type of malware, typically featuring the virus’ ability to alter program code with the worm's ability to reside in live memory and to propagate without any action on the part of the user.

How bad is the malware problem?

2003 was the worst year to date for malware attacks and indications are that the number and severity of attacks will only increase. Some statistics:

  • Code Red infected every vulnerable computer on the Internet within 14 hours; Slammer did the same in 20 minutes. An IM exploit could spread to half a million computers in just 30 seconds (Symantec Security Response)
  • In 2001, one in 300 e-mails contained a virus; for 2004, that number is predicted to be one in 100 (MessageLabs)
  • Attacks increased tenfold in the past ten years, from 1,334 reported attacks in 1993 to 137,529 in 2003 (CERT Coordination Center)
  • 20-40 new or variant virus threats were reported daily to TrendMicro in 2003
  • The number of attacks between January and June, 2003 exceeded 70,000 -- double those of the previous year (Reuters)
  • Ninety-two out of 300 randomly selected companies suffered a major (more than 25 computers affected) virus attack in 2003 (Computer Virus Prevalence Report)
  • Companies in the above survey reported that 11% of their computers were infected in any given month (Computer Virus Prevalence Report)
  • Spyware is responsible for about a third of all Windows application crashes (Scott Culp, Microsoft)
  • Viruses cost businesses around the world $55 billion in 2003, up from $13 billion in 2001 (TrendMicro)

What are the future trends for malware distribution?

Although most widely distributed malware of recent years has arrived via e-mail attachment, infected Web sites and program downloads are having an increasing impact. There are concerns that almost every Web site has serious vulnerabilities that allow a hacker easy access. As security isn't in-built for Web applications, an attacker can often hack into a site by viewing a Web page's source, grabbing some information from the commented code, and entering it into the address bar.[1]

References

  1. Marshall Brian ‘How Computer Viruses Work’ http://computer.howstuffworks.com/virus.htm