Executive Summary

Information technology is increasingly playing an important role in the work and daily lives of citizens. Computers, communications, digital information, software – the constituents of the information age are everywhere. And with the increasing dependence on Information Technology in recent times, we are exposing ourselves to a wider range of information security attacks.

There are many types of computer security threats in this world. Some are quite harmful, while some are totally harmless although annoying. There are also some which do not do any damage to your computer, but have the capability to empty the numbers in your bank account. The Internet is no longer the safe haven it was many years ago.
Malware is on the rise and can be found in all corners of the Internet. By simply navigating to a website or opening an email, you are at risk of infecting your computer. Research has been carried out to study a couple of these security threats, and I would like to elaborate more on 2 of such threats: Malware and (?). They are popular and, once left unchecked, could cause real trouble.

2. Malware

2.1 Description

Malware is the abbreviation of the words malicious and software. The term refers to software that is deployed with malicious intention. To explain it in simple terms, malware is any piece of software that was written with the intent of doing harm to data, devices or to people. Software that does anything that it didn’t tell you it was going to do can be considered as malware.

Crime syndicates create malware mainly with the intention of carrying out cyber-attacks on financial institutions, because these institutions operate software that tracks ownership of monetary assets. Malware is frequently used to steal information related to monetary terms, such as login information, credit card and bank account numbers. The malware threat is on the rise due to the large volume of new types created daily and the lure of money that can be made through them.

Malware was originally created as experiments and pranks, but eventually led to vandalism and destruction of targeted machines. Today, much of malware is created for profit through forced advertising (adware), stealing sensitive information (spyware), spreading email spam or child pornography (zombie computers), or to extort money (ransomware).
2.2 Nature of threat

Malware is simple to deploy remotely, and tracking the origin of malware is difficult. Because of these 2 factors, there is a demand for malware providers to continue supplying black markets with both malware and the information that it has collected.

There are many forms of malware as software. It can be deployed on desktops, servers, mobile phones, printers, or even programmable electronic circuits. Sophisticated attacks have confirmed that data can be stolen through well-written malware residing only in system memory, without leaving any traces in the form of persistent data. Malware has been known to disable security protection mechanisms such as desktop firewalls and anti-virus programs. Some malware, if well written, has the ability to bypass authentication, authorization, and audit functions. It can configure initialization files to maintain presence even after an infected system is rebooted. Upon execution, sophisticated malware may self-replicate and/or lie dormant until summoned via its command features to extract data or erase files.

Some of the more common types of malware and their unique traits and characteristics are as follows:

· Virus: A virus is the most common type of malware, and it is known as a malicious program that can execute itself and spreads by infecting other programs or files. Viruses attach themselves to files and infect other clean files. They spread quickly without control, damaging a system’s functionality through deleting or corrupting files. Viruses normally exist in the form of an executable file.

· Trojans: A Trojan disguises itself as legitimate software, or is included in legitimate software that has been tampered with. Once activated following installation, Trojans can execute their malicious functions.

· Spyware: Spyware is malware designed to spy on you. It hides in the background and takes notes on what you do online, including your passwords, credit card numbers, surfing habits and more.

· Worms: Worms infect entire networks of devices, either local or across the internet, by using network interfaces. A worm uses each consecutive infected machine to infect more systems. A worm is a type of malware that can self-replicate without a host program; worms typically spread without any human interaction or directives from the malware authors.

· Ransomware: Also known as scareware, this kind of malware can lock down your computer and threaten to erase everything unless a ransom is paid to its owner. It is designed to infect a user’s system and encrypt the data. Cybercriminals then demand a ransom payment from the victim in exchange for decrypting the system’s data.

· Adware: Normally not malicious in nature, adware is really annoying, aggressively giving you advertisements through endless pop-ups. It can also undermine your security, which can give a lot of other malware a way into the system. It slows down your computer too.

· Rootkit: It is a type of malware designed to obtain administrator-level access to the victim’s system. Once installed, the program gives attackers root or privileged access to the system.

· Keylogger: It is spy software installed on a computer; it can also be a spying device plugged into a computer. Keyloggers save all text typed using a computer keyboard. These keylogger programs have advanced features such as taking screenshots, sending reports to email, storing browsing history or history of frequently accessed applications. Keystroke logging is when a piece of malware tracks every keystroke you make on your computer’s keyboard. Based on the keystrokes, hackers will be able to identify or guess login IDs and passwords to bank accounts and whatever other websites you may be visiting.

· Remote Administration Tools (RATs): Software that allows a system to be controlled remotely. Initially built for legitimate use, it is now being exploited by cyber criminals. RATs give intruders administrative access, allowing the attacker to do almost anything on an infected computer. They are difficult to detect, as they do not show up in lists of running programs or tasks. Often their actions are mistaken for those of legitimate programs.
· Botnets: Short form for “Robot network”. These are networks of infected computers under the control of attackers using command and control servers. They are highly versatile and adaptable, and are able to maintain resilience through redundant servers and by using infected computers to relay traffic. They are often behind today’s distributed denial-of-service (DDoS) attacks, in which the attacker repeatedly loads a website with fake requests with the intention of making it unreachable.

· Browser hijacker: Software that modifies your web browser.

2.3 Threat Mitigation

Malware can infect a computer or other device in many ways. Most of the time it happens completely by accident, installed by you yourself: overlooking what you are doing and rushing through program installations that include malicious software. Many programs install malware-ridden toolbars, download assistants, system and Internet optimizers, bogus antivirus software, and other tools automatically... unless you tell them not to.

Some malware can get onto your computer by taking advantage of security vulnerabilities in your operating system and software programs. Outdated versions of browsers, and often their add-ons or plug-ins as well, are easy targets.
Another common source of malware is software downloads that seem to be something safe, like a simple image, video, or audio file, but are in fact harmful executable files that install malicious programs.

The only way to really stay protected or remove an infection is by using anti-malware software, more commonly known as an antivirus. The best malware removal tools are included in the most advanced antivirus. Free software like AVG AntiVirus FREE has all you need to stay safe from the most common threats.
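
The disguised-download case above (an executable posing as an image, video or audio file) can be checked by comparing the extension a file shows with the format its first bytes declare. The following Python code is an added example, not part of the original essay; the extension lists and sample files are constructed for illustration, and the magic bytes are the standard PE, ELF and Mach-O signatures.

```python
"""Flag downloads whose name suggests media but whose content is executable."""
from pathlib import Path, PurePath

# Leading "magic" bytes of common executable formats (well-known signatures).
EXEC_MAGIC = {
    b"MZ": "Windows PE executable",
    b"\x7fELF": "Linux ELF executable",
    b"\xcf\xfa\xed\xfe": "macOS Mach-O executable (64-bit)",
}
# Illustrative extension lists (assumptions of this example, not exhaustive).
MEDIA_EXT = {".jpg", ".jpeg", ".png", ".gif", ".mp3", ".mp4", ".avi", ".wav"}
EXEC_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js"}


def executable_kind(head: bytes):
    """Return the executable format named by the first bytes, or None."""
    for magic, kind in EXEC_MAGIC.items():
        if head.startswith(magic):
            return kind
    return None


def classify(name: str, head: bytes) -> str:
    """Compare what the file name claims with what the content is."""
    suffixes = [s.lower() for s in PurePath(name).suffixes]
    last = suffixes[-1] if suffixes else ""
    kind = executable_kind(head)
    if last in MEDIA_EXT and kind:
        return f"MISMATCH: media extension {last} but content is a {kind}"
    if last in EXEC_EXT and any(s in MEDIA_EXT for s in suffixes[:-1]):
        return f"DOUBLE EXTENSION: looks like media, runs as {last}"
    return "ok"


def scan(folder: str) -> dict:
    """Classify every regular file in a folder, reading only 4 bytes of each."""
    results = {}
    for path in sorted(Path(folder).iterdir()):
        if path.is_file():
            with path.open("rb") as fh:
                results[path.name] = classify(path.name, fh.read(4))
    return results


if __name__ == "__main__":
    # Constructed samples: (file name, first bytes of the file).
    samples = [
        ("holiday.jpg", b"\xff\xd8\xff\xe0"),  # genuine JPEG header
        ("song.mp3", b"MZ\x90\x00"),           # PE header behind a media name
        ("clip.mp4.exe", b"MZ\x90\x00"),       # media-looking double extension
        ("setup.exe", b"MZ\x90\x00"),          # honest executable, not flagged
    ]
    for name, head in samples:
        print(f"{name:14} {classify(name, head)}")
```

Pointing `scan()` at a downloads folder gives a quick triage list; a flagged file should be handed to the antivirus scanner rather than opened.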
Antivirus programs index the countless malware applications that exist and act as a barricade against infiltration. And if you do not install any third-party antivirus or firewall programs, Windows offers its own built-in firewall and antivirus protection too. Many users make the mistake of turning off the built-in firewall and antivirus software provided with them. Unless you are using other antivirus software with a firewall function, these features should never be turned off.

The best protection from malware continues to be the usual advice: be careful about what email attachments you open, be careful when surfing and stay away from suspicious websites, and install and keep updated a quality antivirus program.

How do you know if your system is possibly affected by this troublesome malware? Listed below are some symptoms and recommendations. Apart from these recommendations, install anti-malware software or at least update your seemingly outdated software.

1. SLOWDOWN

Does it take longer than normal for your operating system to boot up? Are some of your programs taking a long time to start? It is a known fact that malware has the tendency to slow down your operating system, your Internet speed or the speed of your applications.

If you notice something like this and you’re not using any resource-heavy program or application, check for other causes first. It may be a lack of RAM, a fragmented system, a lack of space on your hard drive or maybe a hardware issue affecting your drive. If you have already thoroughly verified these possible causes and all seems fine, you can start considering a potential malware infection.

2. POP-UPS

One of the most annoying signs of malware is unwanted pop-up windows. Unexpected pop-ups which appear on the system are a typical sign of a spyware infection. The main issue here is not only the numerous pop-up windows that affect your Internet navigation, but also that it is quite difficult to remove them from the system. Pop-ups are not only annoying; they usually come bundled with other concealed malware threats, which could be far more destructive for our systems.

To avoid spyware and its impact on your systems, keep in mind a few security practices advised earlier.

· Do not click any suspicious pop-up windows
· Do not answer unsolicited emails/messages
· Be careful when downloading free applications

3. CRASHES

If your programs or your system crash constantly, or the infamous BSOD (Blue Screen of Death) appears regularly, it’s a clear warning that your system is not working properly and you should check it. It could be due to a technical incompatibility between your newly installed software and hardware, but if they have been working fine before, it might be due to a malware attack.

4. SUSPICIOUS HARD DRIVE ACTIVITY

Another warning sign of a potential malware infection on your system is the hard drive activity. If you notice that your disk continues to exhibit excessive activity even when you don’t use it and there is no program or download running at that moment, this could be the right time to check your system for malware, though it could also be due to hardware failure of the disk.

5. RUNNING OUT OF HARD DRIVE SPACE

Regarding the hard drive, you also need to check if the used space on your physical storage has been increasing lately, or if some of your files disappeared or changed their names. This is another sign of malware activity, since there are numerous types of malicious programs which use various methods to fill up all the available space in the hard drive and cause it to crash.

6. UNUSUALLY HIGH NETWORK ACTIVITY

There are cases where the user is not connected to the Internet through his browser, and there is no program that may connect to online servers to download or upload any data, but high network activity can still be observed.

7. NEW BROWSER HOMEPAGE, NEW TOOLBARS and/or UNWANTED WEBSITES ACCESSED WITHOUT YOUR INPUT

Have you noticed that your home page has been changed and you don’t remember doing it yourself? Did a new toolbar pop out of nowhere and land at the top of your web browser? Have you tried to access your favourite blog, but were redirected to a different address?

This usually happens when you visit a website and you accidentally click a link or a pop-up window. This triggers unwanted software to download and install on your device. Its effects are not only annoying, but also malicious.

8. UNUSUAL MESSAGES OR PROGRAMS THAT START AUTOMATICALLY

· You see programs opening and closing automatically without your input
· Your Windows operating system shuts down without reason
· You notice strange windows in the booting process
· Windows informs you that you’ve lost access to some of your drives

9. YOUR SECURITY SOLUTION IS DISABLED

If your antivirus solution doesn’t seem to work anymore, or if the Update module seems to be disabled, then check to see what happened immediately! You should know that some types of malware are especially designed to disable security solutions, leaving you without any form of defence. If you have already tried rebooting your computer and closing and reopening the security solution, and all your troubleshooting efforts were useless, you could consider the malware infection scenario.

10. YOUR FRIENDS TELL YOU THAT THEY’RE GETTING STRANGE MESSAGES FROM YOU

Are your friends telling you that they received suspicious emails from you, or instant messages from your social media account, which often include attachments or links?

Firstly, you need to verify whether those emails or messages were sent from one of your accounts (so check your Sent Items folder in your email/social media account). If there’s nothing there, those messages could have been delivered from an application which is out of your control.

If you discover the messages were sent from one of your accounts, take these steps:

· Make sure you have logged out from all your accounts. We access the same accounts on our work computers, on our home laptops and, of course, on our mobile devices. Since we log in to our favorite online accounts on so many devices, it can happen that sometimes we forget to log out. Therefore, always make sure to log out from your online accounts on all devices.
· Set strong passwords for your accounts. Don’t use the same password for all your accounts! Even if you are hacked, having different passwords for each account will help you limit a potential loss. Make a habit of managing your passwords safely.
· Use two-factor authentication. This authentication can significantly increase your control over your accounts’ security. Using two-factor authentication means that, besides entering your credentials, you will also need to enter a code sent to your phone.

11. NEW, UNFAMILIAR ICONS ON DESKTOP + BATTERY LIFE DRAINS QUICKLY

· If you notice unknown and new icons on the desktop of your computer without having installed them, you may have downloaded a piece of software that contains Potentially Unwanted Programs (PUPs). They are considered to be malware and can do a lot of damage by collecting private information, showing annoying ads or pop-ups on the desktop or adding toolbars to your browser.
· Is your laptop battery life draining fast? You may have lots of applications and programs running, such as games or streaming services, or, in the worst scenario, it could be a virus infection affecting your device. This mainly happens because most of the devices didn’t receive the latest system updates, making them vulnerable to cyber attacks.

12. YOU SEE UNUSUAL ERROR MESSAGES

· If you see unusual error messages saying that you have missing or corrupt files or folders on your computer, it could be a warning sign that it is infected with malware.

13. YOU ARE UNABLE TO ACCESS THE CONTROL PANEL, TASK MANAGER, REGISTRY EDITOR OR COMMAND PROMPT

· This is another sign that your computer is vulnerable and exposed to potential cyber attacks. To keep your PC safe and protected, it’s recommended to run a full scan of your system using a good antivirus program.

How Do You Remove Malware?

Aside from the most serious of malware infections, most are removable with some simple steps, although some are easier to remove than others.

Many common types of malware are actual programs like the legitimate software you use every day. Those programs can be uninstalled, just like anything else, from Control Panel, at least in Windows operating systems.

Other malware, however, is more complex to remove, like rogue registry keys and individual files that can only be removed manually. These types of malware infections are best removed with anti-malware tools and similar specialized programs.

3 Conclusion

It is no surprise that malware will continue to advance and automate some of its most effective manual attack techniques.
As enterprise malware defence measures become more sophisticated, malware will inevitably find new methods to circumvent them. In order to control and mitigate potential attacks, constant attention and action are required from enterprises. Enterprise security controls and technologies will need to be vetted constantly to ensure they are effective against current attacks. Changing security programs and controls when new attacks or vulnerabilities are discovered is essential to stay ahead.

Knowledge is our best weapon

Knowing how malicious software behaves on a regular system may just prove to be the key element between staying safe and having your system wrecked or your online identity stolen.

Since we live in a connected and complex environment, online security doesn’t end with installing a series of security programs and forgetting about them. It’s essential that we also understand how malware behaves on the system, so we can mitigate its impact.

In the end, it is our knowledge of malware tools and methods that keeps us safe, because it is far easier to prevent a threat from becoming reality than to take actions against it when it’s already too late.

3 Citation

http://www.itscolumn.com/2012/03/28-types-of-computer-security-threats-and-risks/
https://www.nist.gov/sites/default/files/documents/itl/BITS-Malware-Report-Jun2011.pdf
https://www.detective-store.com/blog_en/what-is-a-keylogger-and-how-does-it-work/
The goal of malware (https://www.tomsguide.com/us/what-is-malware,news-18482.html)
How malware works (http://searchsecurity.techtarget.com/definition/malware)
https://heimdalsecurity.com/blog/warning-signs-operating-system-infected-malware/
https://www.lifewire.com/what-is-malware-2625933
https://www.bullguard.com/bullguard-security-center/pc-security/computer-threats/malware-definition,-history-and-classification.aspx
https://blog.sitelock.com/2016/06/what-is-malware/