Free Essay

What Is Malware

In: Computers and Technology

Submitted By smorin711
Words 3391
Pages 14
Table of Contents

What Is Malware? ..………………………………………………………… 3
History of Malware …………………………………………………………. 4
Types of Malware …………………………………………………………… 5
How to Prevent Malware …………………………………………………… 7
Attacks on Mobile Devices …………………………………………………. 9
Conclusion …………………………………………………………………. 11
References ……………………………………………………………………. 14

What is malware Malware, short for malicious software, is any type of software that is used in order to disrupt regular computer operations, gather sensitive information, or gain access to private computer systems. Malware is not something new to computers; it is as old as software itself. Programmers have been creating it for as long as they have been creating legitimate software. There are many different reasons as to why a programmer would create such malware. Some programmers create malware for reasons as simple as pranks and experiments or more serious and organized Internet crime malware. There are many different types of malware that will be explained later but one must know that each type of malware attacks a computer in a different way and causes different levels of damage. (What is Malware, 2014) Creating malware is a very vicious thing to do. It attacks an individual’s computer without the knowledge of the user and before they know it, personal information is stolen and the computer is damaged. What would make someone want to create such a thing? In the earlier stages of software development, programmers wrote malware mainly for pranks that were played on fellow co-workers, or to simply “show off” one’s technical skills. (What is Malware, 2014) Now a days, programmers have figured out that they can make a pretty decent amount of money by successfully exploiting malware to their advantage. Programming malware has now become a way to defraud individuals and organizations of all sizes for financial gains. These, so called, criminals have gone to the extent of stealing individuals personal banking information to transfer money from the user’s bank accounts into their own accounts. They are also able to attack corporations with distributed denial of service attacks and ask for money in exchange for an end to the attack. Malware has transformed through out the years into harmful and destructive software. (What is Malware, 2014)
History of malware Malware had its start in the 1980s where most viruses were found in universities. Computers and systems were infected through floppy disks at this point. The most notable malware “included Brain (1986), Lehigh, Stoned, and Jerusalem (1987), the Morris worm (1988), and Michelangelo- the first headline grabber- in 1991” (Landesman, 2014). As the mid-90s rolled around, malware was infecting business networks more frequently. Towards the end of the 90s malware was making its way into home computers and emails. Once attackers found successful ways to target home users, they were able to write malware that would go after their personal information. It wasn’t until the early 2000s that worms (a type of malware) were making news headlines for attacking Internet services and emails. Some of the most famous worms included, “Loveletter- the first high-profile profit-motivate malware (May 2000), the Anna Kournikova email warm (Feb 2001), the March 2001 Magistr (which, like CIH before it, also impacted hardware), the Sircam email work in July 2001 which harvested files from the My Documents folder, the CodeRed Internet worm in August 2001, the Nimda-a Web, email and network worm in September 2001” (Landesman, 2014). Throughout the 2000s, malware became strictly a profit-motivated tool. Internet users experienced an immense amount of out-of-control popups and other Javascript bombs. The Internet soon became a ticking time bomb for pop ups and unwanted ads. Phishing and other credit card scams started to take off during the 2000s as well. The advancement in malware during the 2000s seemed to be too speedy for protection software to keep up. As technology began to standardize, many types of malware were able to find sturdy ground to advance on. The viruses that were written to attack Microsoft Office products were able to gain greater distribution through email. With the increase use of broadband Internet, Internet worms became more viable. The easiness to distribute these worms accelerated with the increase in use of the Web. Since 2007 until now the number of unique and creative malware has continued to grow exponentially. Programmers have become so creative with the creation of malware. There is simply no limit. Now that user’s have switched to mainly using handheld devices, there is no telling what forms of malware will be created.
Types of malware Malware comes in many forms. The most common types of malware are viruses, worms, spyware, Trojans, zombies, and rootkit. Each form of malware attacks a user’s computer in a different way. Some forms of malware are easy to manage and remove, others are more difficult and sometimes result in the destruction of a computer or stolen personal information. It is best for computer users to understand the difference between the types of malware in order to identify it quickly and address the problem within a timely manner. A virus is the most well known form of malware. Viruses are very similar to human viruses in the sense that they are able to self-replicate. The most interesting aspect of a virus is that its main purpose is not to cause damage, but to replicate itself onto another host so it is able to continue to spread throughout the computer. This is accomplished when a virus attaches itself to a piece of software and continues to reproduce once the software is run. Viruses mainly spread when software or files are shared between computers. Surprisingly, damage is not always the main side effect of a virus infection. (What is Malware, 2014) Worms are very similar to viruses in certain ways. What differentiates the two is the fact that worms are network-aware. When dealing with viruses they have difficulty transferring from computer to computer, worms do not. Worms are able to do this because they constantly seek for new hosts on the network and infect them. Unlike viruses, worms are able to infect computers globally within seconds. For this reason alone, controlling or even stopping worms is very difficult (What is Malware, 2014). Spyware is a type of software that “spies” on you. It tracks a user’s activity on the Internet in order to gather information and send advertisements based on the information received. This form of malware does not have any form of infection mechanism. Once the spyware is successfully installed on the user’s computer it is able to collect passwords, usernames, credit card numbers etc. (Gard, 2014). Trojans are considered the most dangerous form of malware. Their main purpose is to discover the user’s financial information or to take over the computer’s system resources. Trojans come disguised in many forms. Some of the most common disguises are in videos, games, pictures, and even known software packages. In each specific case the disguise is created to tempt to user to run it on their computer (Gard, 2014). A zombie functions similarly to spyware. The way that these two types of malwares infect a computer is the same, however the ways they are used are different. A zombie’s purpose is not to collect personal information from computers. Its main purpose is to stay dormant in a computer until the hacker acts on it to do something, turning them into zombie machines. Once this is accomplished the attacker is able to issue commands so all computers infected instantaneously sends network requests to a target host, overwhelming the host with traffic. (What is Malware, 2014) Lastly, a rootkit is considered one of the hardest forms of malware to detect and remove. It is designed in order to allow other forms of malware to get personal information from the user’s computer without them knowing. Experts say the only way to completely remove it from the user’s computer is to completely wipe the hard drive and reinstall everything from scratch. (Gard, 2014)
How to prevent it The effects of malware can range from simply being an annoyance to computer crashes and even identity theft. The act of removing malware is much more difficult than avoiding it. There is no expert training required to avoid malware. One must be careful and make sure that the documents or files being downloaded from the Internet are from trustworthy sites. The Internet is a very tempting place and it is sometimes hard to avoid certain promotions or ads. But when you click on ads from unknown websites, most likely you are downloading malware onto your computer. If you are unsure a website is legitimate or not the best thing to do is to leave the site and research the software the website is asking you to install. This allows you to look further into the software that is being “recommended” for installment from a website. If there is actual information about the software and what the software is used for then you are always able to revisit the initial site and install it. If it turns out that it was not legitimate software you successfully avoided a potentially harmful malware. When dealing with e-mails that may be spam, approach them with caution. When an email contains links or attachments make sure that the sender is a trusted person or company. If the sender is unknown avoid even opening the e-mail and delete it right away. (Phelps, 2010) Pop-up windows and illegal file-sharing services also come with the risk of harmful malware. Certain pop-up windows will try to corner you into downloading software or running a free “system scan”. Most of the time these types of pop-ups will include messages that inform you there are viruses on your computer currently. The user must close the pop-up without clicking anything inside the window. When downloading files illegally there is very little quality control on these sites. For this reason, it is easy for attackers to disguise a piece of malware as an album or movie to tempt you to download it. (Phelps, 2010) The first step in preventing malware is to be aware of the different forms it comes in. Know that attackers understand what works on user and what doesn’t. They know how to target a user and fool them into downloading something that is infected with malware. Fortunately, there are other ways to prevent viruses and malware then simply being aware. Installing and running anti-virus software is one of the most effective things you can do to prevent infection and attacks against your computer. There are software programs that directly target malware, spyware, and adware that strengthen your security software. Firewalls, boot the effectiveness of a computer’s anti-virus software. By continuously filtering what goes in and out of the user’s computer, it acts as an additional safeguard against outside threats. (Hooper, 2014)

Attacks on mobile devices Malware is now taking on a new form and attacking smartphones. Smartphones are mini computers that are handheld and just as easily infected by malware. Although the new platform of smartphones presents different challenges for hackers, malware writers are meeting these challenges head on. The mobile malware sector is in fact, growing at a more rapid pace technologically as well as structurally.
Mobile hackers are no longer lone hackers but part of a serious business operation. According to securelist.com, “There are various types of actors involved in the mobile malware industry: virus writers, testers, interface designers of both the malicious apps and the web pages they are distributed from, owners of the partner programs that spread the malware, and mobile botnet owners”
(Chebvshev&Unuchek, 2014). With the advancement in technology comes the advancement of malware. As stated before, there are many more participants in the creation and execution of malware now that devices have become more complex. Mobile malware is capable of doing everything computer malware does along with many other things. Mobile malware installs itself on an individual’s mobile device and from there is able to hack into e-mails, send out spam e-mail to all your current contacts, gain access to personal photos and videos, delete files and dates stored on the device, and ultimately initiate system-wide crashes. (Drew, 2014) Android remains a leading target for malicious mobile malware attacks. In 2013, 98.05% of all malware detected was targeted towards android. Thus proving the vulnerability of its structure as well as the popularity of the mobile OS. One of the most effective malware that attacks android was detected in mid-July 2013, Trojan-SMS.AndroidOS.Svpeng.a. It is explained as being “focused on stealing money from the victim’s bank account rather than from his mobile phone. It cannot act independently and operates strictly in accordance with commands received from the C&C server. This malicious program spreads via SMS span and from compromised legitimate sites that redirect mobile users to a malicious source” (Chebvshev&Unuchek, 2014). Once Svpeng is installed it is capable of collecting information about the smartphone, such as country, service provider, and operating system language, and then sends the information gathered to the host via the HTTP POST request. This is done in order to figure out the secure number of banks the individual uses. Currently, this type of attack is only taking place on clients with Russian banks. This does not mean it won’t soon transfer globally. In Russia, banks offer a servicer where the individual can transfer money from their bankcard to their mobile phone account. The customer is required to send text messages from their phone to a specific bank number in order for the transfer to occur. Sveng then sends out the corresponding messages to the SMS services of tow banks in order to infect the phone and find out the account balance. (Chebvshev&Unuchek, 2014) On top of all of this, android users globally encounter other forms of malware such as phishing, likejacking, and forcible redirect more than any other cellphone user. This, of course, is one of the biggest problems when dealing with an open source system. Tony Danova explains, “Clearly, allowing any number of third-party developers t infiltrate the system may ultimately lead to some malicious software floating around. Of course, sticking to Google Play and official app markets is likely the safest route” (Danova, 2014).
The iPhone does not experience this form of attack because Apple has a very closed business model. With Apple’s locked-down software, they only experienced 14% of all forms of malware attacks compared to Android’s 71%. However, experts predict that with the constant growth of iPhone users, attackers will develop malware for Apple devices. Apple limits its users to strictly use Apple-approved aps; because of this they have been able to stay clear of the mobile malware attacks. Unfortunately, this may not last for long. Recently U.S. courts rules that jail breaking the iPhone is now legal. This will give hackers the opportunity to create effective malware that will attack iPhones.
(Chebvshev&Unuchek, 2014) (Drew, 2014) Point of sale devices are being targeting by a recently identified piece of malware that has, in fact, already taken control of thousands of payment cards. The majority of these attacks are occurring in the United States. Adam Greenberg explains, “On May 23, Arbor Networks researchers discovered Soraya, a piece of malware that combines memory scraping techniques found in Dexter, a POS malware, with form grabbing abilities seen in Zeus, a Trojan that impacts PCs running windows” (Greenberg, 2014). The fact that this malware uses multiple techniques in the malware is very uncommon, according to Matt Bing and Dave Loftus who are security research analysts with Arbor Networks. As stated before, this malware has most likely already compromised thousands of payment cards. Bing and Loftus were able to gain access to payment card data from a command-and-control server and were able to determine that more than 65 percent of the cards were issued in the United States. Greenberg goes on stating that, “more than 21 percent of cards were issued in Costa Rica and more than 11 percent of cards were issued in Canada, according to the post, which adds that nearly 64 percent of compromised cards were debit cards and nearly 35 percent were credit cards” (Greenberg, 2014). This clearly presenting a large threat for credit and debit cardholders. The fact that a malware of this type is able to compromise such a large amount of cardholders is frightening. The creator of Soraya still remains unknown. There is no evidence to connect any one programmer to the creation of it. Fortunately, researchers have been able to gain a general idea of where some of the infection exists. They were able to send the cards that were compromised to the major card providers and from that they will receive information regarding the common point of purchases associated with the cards. (Greenberg, 2014)
Conclusion
Malware attacks on users of mobile banking accounts will continue to grow. Programmers are developing more complex and destructive software that are gaining ground. Mobile devices that lack a secure operating system will continue to be targeted by malwares of all types. It is not a predictable topic. There is no exact way to tell what device will be targeted next or what the programmers will target.
A distinct industry has developed and is now more focused on extracting profit. User’s personal information and bank information is what programmers are after. They are creating software that is difficult to track and spreads quickly, allowing them to remain under the radar. Malware programming will continue to grow as technology advances and users become more reliable on their hand held devices. User’s need to be made aware of the risks that come with using mobile devices or even online sites to make transactions. Using personal banking information through mobile devices and online websites is a risk within itself.
Before downloading any software or apps you must be sure that the site you are on can be trusted. Users must be aware of the ways malware tricks the user. Make sure that you are always on a trusted site before downloading anything. Make sure that the software being recommended to download is legitimate. If you receive e-mails from known or unknown senders and the message contains links or files attachments, do not click or download for they are most likely spam and may possibly contain a form of malware. The best advice is to be aware. Mobile device users and Internet users must become educated of the threats in order to avoid and prevent possible damage to their devices and personal information.

Bibliography

Chebyshev, V., & Unuchek, R. (n.d.). Mobile Malware Evolution: 2013. securelist.com.
Retrieved June 28, 2014, from https://www.securelist.com/en/analysis/204792326/Mobile_Malware_Evolution_2013

Danova, T. (2014, January 22). Nearly 100% Of Mobile Malware Attacks In 2013
Targeted Android Devices. Business Insider. Retrieved June 28, 2014, from http://www.businessinsider.com/nearly-all-mobile-malware-in-2013-targeted-android-devices-2014-1

Drew, J. (n.d.). Mobile Phones are Under Malware Attack –
TopTenREVIEWS. TopTenREVIEWS. Retrieved June 28, 2014, from http://anti-virus-software-review.toptenreviews.com/mobile-phones-are-under-malware-attack.html

Gard. (2014, June 28). A List of Malware Types and Their Definitions | FBI Ransom,
Virus. The Truth About Malware. Retrieved June 28, 2014, from http://www.malwaretruth.com/the-list-of-malware-types/

Greenberg, A. (2014, June 3). Soraya malware targets payment card data on POS devices and home computers. SC Magazine. Retrieved June 28, 2014, from http://www.scmagazine.com/soraya-malware-targets-payment-card-data-on-pos-devices-and-home-computers/article/349880/

Hooper, C. R. (n.d.). Ten Ways to Prevent Viruses and Malware –
TopTenREVIEWS. TopTenREVIEWS. Retrieved June 28, 2014, from http://anti-virus-software-review.toptenreviews.com/ten-ways-to-prevent-viruses-and-malware.html

Landesman, M. (n.d.). A Brief History of Malware; The First 25 Years.About.com
Antivirus Software. Retrieved June 28, 2014, from http://antivirus.about.com/od/whatisavirus/a/A-Brief-History-Of-Malware-The-First-25-Years.htm

Phelps, J. (2010, November 16). How to Avoid Malware. PCWorld. Retrieved June 28,
2014, from http://www.pcworld.com/article/210891/malware.html

What is Malware?. (n.d.). What Is Malware?. Retrieved June 28, 2014, from
http://www.websitedefender.com/what-is-malware/

Similar Documents

Premium Essay

Wk 3 Lab

...Week 3 Lab Part 1: Web and Database Attacks & Malware and Malicious Software Learning Objectives and Outcomes Upon completing this lab, students will be able to: * Identify web application and web server backend database vulnerabilities as viable attack vectors * Develop an attack plan to compromise and exploit a web site using cross-site scripting (XSS) against sample vulnerable web applications * Conduct a manual Cross-site Scripting (XSS) attack against sample vulnerable web applications * Perform SQL injection attacks against sample vulnerable web applications with e-commerce data entry fields * Mitigate known web application and web server vulnerabilities with security countermeasures to eliminate risk from compromise and exploitation Overview This Lab will demonstrate a Cross-site Scripting (XSS) exploit and an SQL Injection attack on the test bed web application and web server using the Damn Vulnerable Web App (DVWA) loaded on an Apache Web Server on “TargetUbuntu01” Linux VM server. They will first identify the IP target host, identify known vulnerabilities and exploits, and then attack the web application and web server using XSS and an SQL Injection to exploit the web application using a web browser and some simple command strings. Assignment Requirements Watch the Demo Lab in Learning Space Unit 5 and then answer questions 1-10 below. Lab Assessment Questions & Answers 1. Why is it critical...

Words: 1054 - Pages: 5

Free Essay

Pc Structure and Logic

...What are 4 security measures that can be implemented to restrict access to a computer? 1. Something the user knows 2. Something the user has 3. Something the user is 4. Something the user does What advantage does a wired network have over a wireless network in terms of security? The advantage that a wired network has over a wireless is that they do not have to worry about the network working properly and taking the time to troubleshoot. What is WPA and how can it help your wireless network’s security? WPA (Wi-Fi Protected Access) is a secure network versus the WEP (Wireless Equivalent Privacy). It supports a key length from 8 up to 63 alphanumeric characters or 64 hex characters, and supports the use of a RADIUS authentication server in corporate environments. What is the difference between a MAC address and an SSID? It is the serial number of the device and an SSID is the ID for your WIFI connection. Write a complex password and explain why it is a good password. d@wu4bw is a good password because it is 7 characteristics, there isn’t a word in this password, and it has a special character in the password and has a number. What is the purpose of a firewall? It is to protect in bound threats or against unauthorized inbound and outbound traffic. Describe each of the following malware. Spyware- Software that spies on system activities and transmits details of Web searches or other activities to remote computers. Adware-Software that displays pop-up...

Words: 584 - Pages: 3

Free Essay

Malware Lifecycle

...Today we will come to understand how to find, interpret, and explain the materials released by major antivirus vendors about new malware threats. In addition we will show how you will be able to document the malware lifecycle; in addition to explaining the threats that the malware creates both at the current time and how they may change. One of the sites that we have taken a look at is McAfee.com, the portion of information we are looking at today is the virus definition, what it is a how it will affect you the consumer. One virus we will be looking at will be RDN/BackDoor-FBSA!a!EFA0D651938C. This is a Trojan detection. Unlike viruses, Trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include e-mail, malicious or hacked Web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc. The indication of having this infection would mean your machine would have the files, registry, and network communication referenced in the characteristics section. However not to worry the following is a plan of attack as per instructions of McAfee: Please use the following instructions for all supported versions of Windows: 1. Disable Windows System Restore. For instructions, please refer to: http://www.mcafee.com/us/downloads/free-tools/disabling-system-restore...

Words: 772 - Pages: 4

Free Essay

How Two Banks Stopped Scams, Spams and Cybercriminals

...follows • Malware • Malicious software • Unprecedented of Spam Malware, short for malicious software, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. 'Malware' is a general term used to refer to a variety of forms of hostile or intrusive software. Malware includes computer viruses, ransomware, worms, trojan horses, rootkits, keyloggers, dialers, spyware, adware, malicious BHOs, rogue security software, and other malicious programs; the majority of active malware threats are usually worms or trojans rather than viruses. In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. States. Malware is different from defective software, which is a legitimate software but contains harmful bugs that were not corrected before release. However, some malware is disguised as genuine software, and may come from an official company website in the form of a useful or attractive program which has the harmful malware embedded in it along with additional tracking software that gathers marketing statistics. Software such as anti-virus, anti-malware, and firewalls are relied upon by users at home, small and large organizations around the globe to safeguard against malware attacks which helps in identifying and preventing the further spread of malware in the network. 2) In what ways has...

Words: 830 - Pages: 4

Free Essay

Lab 3 Questions

...Removing Malware: Tools and Techniques Devan A. Dunham American Military University, ISSC342, Instructor Peter Mylonakos In the digital world, there are many tools and techniques to harm your computer, but there are also the same for protecting your computer as well. Malware, or malicious software, is software that is intended to damage or disable computers and computer systems. It is very dynamic and can be hard to detect sometimes because it may disguise itself as something that should be running on your computer. For example, after installing a program, Jim doesn’t realize that the executable file he downloaded was infected with malware named “Wajam” but disguised itself as “Software Updater” under Control Panel. It ran in the background and updated itself automatically without Jim’s knowledge. So how would Jim detect and remove this virus? First, Jim should always be aware what is running on his computer. On Windows machines specifically, opening the Task Manager and taking a quick look at processes will give the user a good outlook on what is running on the computer. Users should look for anything suspicious or unknown processes and do further research upon discovering them. Another simplified way to discover malware is to use an anti-virus program. There are many available to users and doing a quick internet search will yield thousands of programs, but sticking with reputable programs will serve its purposes. Scanning for malware and other viruses is as simple as click...

Words: 579 - Pages: 3

Premium Essay

Malware: Evil Software

...Malware: Evil Software Malicious software, or Malware for short, is designed to access computer systems secretly without the owner’s knowledge or consent. Malware is a general term used by professionals in the computer industry to describe a variety of hostile, invasive, or aggravating software programs. Software is considered to be malware based on the suspected intentions of the designer rather than any particular features the software may or may not have. Malware, also known as computer containment, has grown to include computer viruses, worms, Trojan horses, spyware, dishonest adware, crimeware, and other malicious and unwanted software programs. Symantec published in 2008 that “the release rate of malicious codes and other unwanted programs may be exceeding that of legitimate software applications”. According to F-Secure, “As much malware was produced during 2007 as in the previous 20 years altogether.” Malware has become the most common pathway on the Internet for criminals to access users: especially through e-mail and the World Wide Web. The frequency of malware use for organized Internet crime, along with the inability of anti-malware protection products to protect against the incessant stream of newly produced malware, has encouraged a new mind-frame for business owners who operate on the Internet. Business owners acknowledge that a large percent of Internet customers will always be infected for one reason or another, and they need to continue doing business...

Words: 1653 - Pages: 7

Premium Essay

Computer Ethic - Target Breach

...in which millions of credit cards and customer personal information was stolen by malware that was installed onto their network. This information was to be sold on the black market to others for their illegal use. Target Corporation was indeed made aware that there was some peculiar activity within the network before the information was stolen. Their million dollar malware software, monitored by FireEye, picked up on the attack several days before any information was removed from the Target Corporation servers. Target Corporation could have easily prevented the majority of the attack and reduced if not eliminated the amount of credit cards and personal information that was stolen. The fact that Target Corporation was warned of the initial breach, as well as an additional breach, and did not respond for two weeks is unfathomable and unethical. The Target Corporation has a duty to secure any and all credit card and personal information that they collect from their customers. I believe that in this case Target Corporation did not act accordingly and should be held liable. Target Corporations lack of response and inability to take action goes against all ethics and how the situation should have been handled. Target Security Breach In mid 2013 Target Corporation hired a security firm, FireEye, to install a malware detection tool and monitor their network. This malware detection tool was estimated to cost around $1.6 million (Businessweek.com) and seemed...

Words: 2925 - Pages: 12

Premium Essay

Nt1310 Unit 3 Assignment 1 Antivirus

...Antivirus is used to detect and remove virus in a computer, smartphones, tablets and other technical devices. Before knowing about the antivirus lets first study why antivirus is use and how it is used and what it is. Now the first question arise is what is the need to use antivirus so the answer is computer virus yes because of computer virus we use antivirus. A computer virus is a mischievous computer program. It enters in the computer without the permission or without the knowledge of user and even run without the permission of user in the computer. Computer virus are very dangerous and mischievous that they automatically copy the date and pasted it to memory over memory its transferring power is to much that it copy the data over network and network very quickly it sometime damage the computer program also computer virus is too dangerous it can create lots of loss to the user. The user who don’t pay attention to the virus and don’t listen about it it’s a great mistake they are doing. The person who are working on the computer whether the small work or the big should have the knowledge of computer virus. Virus is like our enemy and pre protection from enemy is good. And to protect computer from virus antivirus is use. Virus are off different type boot sector virus, macro...

Words: 1444 - Pages: 6

Premium Essay

Ibm Zone Truated

...Maryam Ahmadi CIM 220 Section B Professor Ali Niknam March 20, 2015 IBM Zone Trusted Information Channel (ZTIC) 1. What are some common types of malicious software, or malware? What best describes the ‘man-in-the-middle’ type attack? * The common types of malicious software or malware are adware, bot, bug, ransomware, rootkit, spyware, Trojan horse, virus, and worm. A ‘man in the middle attack’ is one in which the attacker intercepts messages in a public key exchange and then retransmits them, substituting his own public key for the requested one, so that the two original parties still appear to be communicating with each other. 2. Provide some examples of each type of authentication factor. What are your personal experiences with each? * Personal factor is a personal question that may be used to recover passwords. An authentication factor is a piece of information or process used to verify the identity of a person requesting access to a restricted asset or area. I have never encountered this personal experience in my life thus far with using technology. 3. Can you think of any drawbacks of the ZTIC device? * The drawbacks that the ZTIC device would be a transaction is initiated on a computer with malware installed, the security of the transaction is compromised. Not even a padlocked areas of the internet that would otherwise be secure can protect against this. 4. How might malicious attackers try to get around devices like the ZTIC? *...

Words: 475 - Pages: 2

Premium Essay

Is3340 Unit 4 Assignment 1

...Identifying Types of Malware Infection 1) You notice that your computer is getting slower each day. You have terminated unneeded programs, disabled unneeded services, and have recently defragmented the disks. Your computer has plenty of memory but it still seems slow. Since it only started getting slow within the last two weeks, you suspect a malware attack. You have carefully examined each of the programs running but there are no unusual programs. However, you do notice that there is substantial disk activity, even when no programs are running that should be using the disk. What kind of malware do you think is present in your computer? Rootkit and likely another type of malware – Closing all programs and still seeing disk usage would suggest that a rootkit has installed and is actively hiding the actual program running. The rootkit would hide the program while a virus or worm is likely behind the scenes wreaking havoc. 2) You download a new program to display the current weather on your desktop. Since you installed the weather application you noticed a lot of network activity and your computer is getting slow. When you terminate the weather application your computer speeds up. What kind of malware do you think is present in your computer? Trojan Horse – Acting as a useful program, it actually infects and runs amuck inside of the pc and network. 3) Within a week after ordering a new widescreen television (TV) from an online retailer, you start getting many email...

Words: 407 - Pages: 2

Free Essay

Computer Security

...Computer Security: Worms and viruses Nowadays, in the domain of computer sciences, there is a big problem to face: Worms and viruses. Being in the technology is a good thing, but being n the technology without knowing how to avoid the consequences of the technology is worse. Viruses and worms affect the computer and damage, or in other words corrupt some files that are important to the good functioning of the computer. Viruses have many ways of penetration that computers user ignore, and that’s what makes the damage even more severe. First of all, let’s start by defining a viruses and a worm. A virus is a malware program (not a computer program), that auto run, and replicates by adding copies of their code into other computer program, any other type of data that it comes across. This will create an overall corruption of your database and your computer. In reality, there are three categories of computer infections malwares and we defined the first one which is viruses. The two second malwares are worms and Trojan horses. In a questions of codes or designs they are all similar, but the differences come in the way these three categories act. Contrarily to viruses that need a human action to spread, such as sharing files, running an infected program, and so on, worms have the ability to auto spread themselves, which mean that they don’t require the action of a human. They can travel by themselves by taking advantages on files and other information’s that runs through the system. A Trojan...

Words: 1076 - Pages: 5

Free Essay

Information Security

...ask? In the form of malware that is targeting your financial institutions. Though, the machines creating this malware do not have to target the institution, rather your Internet browser. By changing what you see in the browser, the attackers now have the ability to steal any information that you enter and display whatever they choose. This has become known as the Man-in-the-Browser (MITB) attack. AD Copyright SANS Institute Author Retains Full Rights Analyzing Man in the Browser Attacks | 1 Analyzing Man-in-the-Browser (MITB) Attacks GIAC (GCFA) Gold Certification Author: Chris Cain, cicain08@gmail.com Advisor: Dominicus Adriyanto Accepted: December 22nd 2014 Abstract The Matrix is real and living inside your browser. How do you ask? In the form of malware that is targeting your financial institutions. Though, the machines creating this malware don’t have to target the institution, rather your Internet browser. By changing what you see in the browser, the attackers now have the ability to steal any information that you enter and display whatever they choose. This has become known as the Man-in-the-Browser (MITB) attack. No one is safe from a MITB once it is installed, which easily bypasses the security mechanisms we all rely on. By infecting the browser and changing what is displayed we now have to wonder what world we are living in? Take the Red Pill and learn how this attack occurs to better allow you to hide from malware that target us every...

Words: 5973 - Pages: 24

Premium Essay

Comm 520 Written Assignment 3 Key

...can be vulnerable to malware. Vulnerabilities differ depending on how the computer or device is used and what software is installed. For each of the scenarios below, select the most likely type of malware that is present on the computer or device. Select from: a. Virus b. Worm c. Trojan horse d. Rootkit e. Spyware Suspected malware scenarios: d 1. You notice that your computer is getting slower each day. You have terminated unneeded programs, disabled unneeded services, and have recently defragmented the disks. Your computer has plenty of memory but it still seems slow. Since it only started getting slow within the last two weeks—you suspect malware. You have carefully examined each of the programs running but there are no unusual programs. However, you do notice that there is a substantial disk activity, even when no programs are running that should be using the disk. What kind of malware do you think is present in your computer? c 2. You downloaded a new program to display the current weather on your desktop. Since you installed the weather application, you noticed a lot of network activity, and your computer is getting slow. When you terminate the weather application your computer speeds up. What kind of malware do you think is present in your computer? e 3. Within a week after ordering a new widescreen television (TV) from an online retailer, you start getting many e-mail messages advertising products related to TVs. What kind of malware do you think is present...

Words: 319 - Pages: 2

Free Essay

Bm Zone Trusted Information Channel (Ztic)

...Chapter 8 Securing Information Systems Case 1: IBM Zone Trusted Information Channel (ZTIC) Tags: Malware; personal banking applications; hardware security solutions. Summary: More and more attacks to online banking applications target the user's home PC, changing what is displayed to the user, while logging and altering key strokes. In order to foil these threats, the IBM Zurich Research Lab has introduced the Zone Trusted Information Channel (ZTIC), a hardware device that can counter these attacks in an easy-to-use way. L= 3:07. URL: http://www.youtube.com/watch?v=mPZrkeHMDJ8 Case Online banking is growing in popularity due to its convenience and ease of use. However, as with any transactions that take place over the Internet, online banking transmissions are vulnerable to various forms of malicious attacks. Although phishing is still a common method hackers use to commit bank fraud, another method that is difficult to combat is a 'man-in-the-middle' attack, referred to in the video as a 'manin-the-browser' attack. Banking transactions are traditionally conducted via two-factor authentication (T-FA). An authentication factor is a piece of information or process used to authenticate or verify a person's identity or other entity requesting access under security constraints. Two-factor authentication is a system in which two different factors are used in conjunction to authenticate. Authentication factors are classified into three groups: human factors (biometrics, for example...

Words: 748 - Pages: 3

Free Essay

Crowdstrike Matewr

... TRADITIONAL SECURITY SOLUTIONS ARE NOT ENOUGH Your current security measures only solve part of the problem. They are focused on detecting malware, but advanced attacks now rely on sophisticated techniques that go beyond malware. YOUR SECURITY SYSTEMS CAN’T STOP WHAT THEY CAN’T SEE. WHY CURRENT TECHNIQUES ARE FAILING: Traditional approaches only address the 40 percent of breaches that use malware They don’t enable proactive hunting to find and block adversary activity Most security tools only address part of the cyber ‘kill-chain’ When existing approaches fail, they provide no visibility, resulting in ‘silent failure’ IT’S TIME FOR A NEW APPROACH FALCON: THE BREACH PREVENTION PLATFORM Cloud Delivered NEXT-GEN AV EDR MANAGED HUNTING Continous Breach Prevention CrowdStrike has revolutionized endpoint protection by combining three crucial elements: next-gen AV, endpoint detection and response (EDR), and a 24/7 - managed hunting service — all powered by intelligence and uniquely delivered via the cloud in a single integrated solution. Falcon uses the patented CrowdStrike Threat Graph™ to analyze and correlate billions of events in real time, providing continous breach prevention and five-second visibility across all endpoints. WHY CROWDSTRIKE? Prevent Attacks – Both Malware and Malware-free – that Your Existing Security Tools Can’t Stop 5-Second Visibility to Discover and Investigate Current and Historic Endpoint Activity ...

Words: 535 - Pages: 3