Malware – Who, What, When, Where, Why, and How
One of the largest threats to modern day businesses is the threat of a cyber attack. Both businesses and home users need to be on constant guard to avoid being targeted by a hacker or some form of computer virus. Viruses are not the only threat though, there are so many other types of software used for malicious purposes that we have taken to calling them all ‘Malware’ which is short for Malicious Software.
Who: Malware is created by anybody with sufficient knowledge of programming and computer vulnerabilities. Malware has been created by individuals in the interest of self profit, businesses in the interest of preventing piracy, and nations in the interest of defense. Targets of cyber attacks and malware are the general public, high profile individuals, and businesses. Different ways of getting to the targets are used depending on the target.
What: Malware consists of computer viruses, spyware, ransomware, adware, trojans, worms, rootkits, any pretty much any other piece of software that one could consider to be malicious. Today one of the most common forms of malware is adware. According to this article 5 percent of all web users are infected with some form of adware. The title of most dangerous likely goes to ransomware. Ransomware is a form of malware designed to infect user computers, encrypt all of the data so the user no is able to access any file on their PC. The software then holds it for ransom by displaying a message asking the user to make a payment to get their data back. Depending on how it spreads this malware can be crippling to businesses, completely destroying their ability to conduct regular business.
When: For all users and businesses malware infections happen any time they leave themselves open and vulnerable. Examples include disabling firewalls, disabling the anti-virus, not reading carefully through program installers, not updating software and operating systems to fix security holes, the list goes on seemingly forever.
Where: Thanks to the internet, anywhere. Any network connected computer can be targeted by malware remotely from any location on Earth as long as there is an internet connection at that location. Even non-network connected computers are vulnerable to attack through other mediums such as CDs and USB drives. A rather famous case of this is the Stuxnet computer worm that was deigned to cripple the Iranian Nuclear Program.
Why: Malware exists because someone stands to gain from it existing. People who develop malware can make great profits from it by serving ads the user, extorting them for their data, and selling their personal information (Such as SSN, Credit Card, Bank Info) to the highest bidder. Some develop malware for political gain or national defense but most do it for money.
How: There are many methods for malware to infect a computer. Sometimes, especially with targeted attacks, a developer will spend a very large amount of time researching their target, documenting all of the company processes and discovering vulnerabilities in their systems. They will then develop an exploit specific to the company that uses these weaknesses and vulnerabilities to attack a computer. Most of the time, however, cyber attacks happen due to poor user training and bad security practices. A few examples of poor user training include:
- Clicking on unknown/untrusted emails and attachments
- Disabling firewalls and anti-virus software
- Weak passwords
- Passwords used for multiple sites
- Leaving computers unlocked and websites logged in
- Clicking through installers without reading what they want to do
- Inserting unknown media such as CDs and USB drives into the computer
Good security practices prevent this from happening however. A few examples of good practices that prevent these user training problems include:
- Not providing administrative rights to users
- Enforcing strong password policies
- Forcing a user time out so the computer locks itself after a certain amount of time
- Disabling auto run so malware included on USB drives and CDs does not automatically start upon insertion.
Malware is and always will be a threat as computer security experts continue to strive to beat the hackers developing the malware. You can protect yourself by being aware of it and taking steps to prevent it from infecting your PC and spreading.