Trojan horses, spyware, viruses and worms: most readers are likely familiar with some of the most common security threats in computing systems. Although they go by different names, they all fall under the same cyber security category: malicious software, a.k.a. “malware”.
Understanding the nature of this threat to your computer's security is the first step to preventing malware from infiltrating and taking down your business.
Let’s start with: what is malware?
“Malware” is short for “malicious software”. It is a computer program designed to infiltrate and damage computers without the user’s consent. Malware encompasses any software program created to perform unauthorized actions on another user’s computer, tablet, or smartphone. “Malware” is the general term covering all the different types of threats to your computer's safety, such as viruses, spyware, worms, Trojans, rootkits and so on.
Individual malware programs often include several malicious functions and propagation routines.
For example, a specific malicious program may be capable of spreading via an email attachment and also as files via P2P networks. The program may also have the ability to harvest email addresses from an infected computer, without the consent of the user. With this range of functions, the program can also be called an Email-Worm, a P2P-Worm or a Trojan-Mailfinder.
What types of malware are out there today?
Here are some of the most common types of malware having an impact these days:
- Trojan Horses: These are the most malicious malware programs. They are designed to make a user think they are using a safe program, such as an antivirus scan. However, they are actually programmed to steal personal and financial data. They not only infect the end-user’s device, but also break into websites and modify them to help infect more victims.
- Viruses: This is a contagious piece of code that infects software, replicates itself, and spreads within the computer and to other computers that share software.
- Worms: This is a malicious program that replicates itself throughout a computer network and destroys information, including operating and data files saved on the host PC.
- Adware: This is software that delivers advertisements to the target's computer, which is programmed to examine which Internet sites the user visits frequently, and to present and feature related advertisements on them.
- Spyware: This is malicious software that infiltrates your device and spies on you by tracking your internet activities. This allows the hacker to gather information about your system without you knowing.
- Ransomware: This is an advanced type of malware that restricts access to a computer system until the user pays a fee. Typically, a pop-up appears on the screen warning that you have been locked out of your computer and can access it again only after paying the cyber-criminal a ransom for the restriction to be removed.
- Mobile Malware: This malicious software infiltrates computer systems through apps via email and social media.
How can we be protected from Malware attacks?
Protecting your system from the destruction of malware requires a multi-layered defense that includes several ongoing IT security actions such as:
- Security risk analysis
- Proactive intrusion prevention
- Anti-virus and anti-spyware installation
- Managed firewall
- Web filtering
- Spam filtering
Why is malware still a big threat?
A particularly interesting finding from research this year (2018) is that 90% of the malware analysed was labelled by AV solutions with generic labels, such as “trojan.generic”. This is malware for which the security controls that provide data to various virus submission portals have only AI-based heuristic verdicts at the time of submission. The recommended remediation for these files is to re-image the system or to restore from a known good backup.
The problem emerges when this is combined with another research finding. The most dangerous forms of malware, in terms of potential for significant loss of confidential or regulated data, have certain key characteristics and capabilities:
- Packed: They get past static analysis with the use of “packing” technology.
- Evasive: They avoid detection by dynamic analysis with evasion behaviors.
- Stealth: They compromise a host and use stealth behaviors on the victim’s system such as by masquerading as trusted system files to remain undetected.
- Theft: They steal credentials by monitoring user activity or accessing credentials to gain subsequent access to protected data applications and systems.
The research and analysis found that one in 12 malware submissions displayed all four of these behaviors.
Security tools that simply provide a binary assessment (good vs. bad) combined with a generic label do not have the ability to determine what behavior is engineered into the malware and are unable to establish the specific malicious intent.
This leads to incomplete remediation.
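The gap between a generic label and a behaviour profile, as an added example that is not part of the original article: two constructed samples carry the same “trojan.generic” verdict, but profiling them against the four behaviours above yields different remediation lists. The event names, the 7.2 entropy cut-off for “packed” and the follow-up actions are assumptions made for illustration.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: 0.0 for constant data, up to 8.0 for uniform random."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

PACKED_ENTROPY = 7.2  # assumed cut-off for "probably packed or encrypted"
# Hypothetical sandbox event names, grouped by the article's behaviour classes.
TRAIT_EVENTS = {
    "evasive": {"vm_check", "sleep_stall"},
    "stealth": {"masquerade_system_file"},
    "theft": {"keylogging", "credential_store_read"},
}
# Assumed follow-up actions on top of the re-image the article mentions.
FOLLOW_UP = {
    "theft": "rotate every credential used on the host",
    "stealth": "hunt for the masquerading file name on other hosts",
}

def profile(sample: dict) -> dict:
    """Turn one generic verdict into a behaviour profile plus actions."""
    traits = {t for t, ev in TRAIT_EVENTS.items() if ev & set(sample["events"])}
    if shannon_entropy(sample["body"]) >= PACKED_ENTROPY:
        traits.add("packed")
    actions = ["re-image or restore from a known good backup"]
    actions += [FOLLOW_UP[t] for t in sorted(traits) if t in FOLLOW_UP]
    return {"label": sample["label"], "traits": sorted(traits), "actions": actions}

def all_four(samples: list) -> list:
    """Names of samples that show all four behaviours at once."""
    return [s["name"] for s in samples if len(profile(s)["traits"]) == 4]

# Constructed samples: same generic label, very different behaviour.
HIGH_ENTROPY = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))
PLAIN = b"MZ" + b"This program cannot be run in DOS mode. " * 100
SAMPLES = [
    {"name": "sample-a", "label": "trojan.generic", "body": HIGH_ENTROPY,
     "events": ["vm_check", "masquerade_system_file", "keylogging"]},
    {"name": "sample-b", "label": "trojan.generic", "body": PLAIN,
     "events": ["sleep_stall"]},
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s["name"], profile(s))
    print("all four behaviours:", all_four(SAMPLES))
```

Re-imaging alone would treat both samples the same; only the profile shows that sample-a also calls for credential rotation.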
Very helpful article for any layman, a must read for anyone, shows your dedication and hard work on this. Keep up the great work!!
Thanks a lot for your kind words and appreciation.
Will continue to do same kind of work in future too.
This Article is really very helpful.
As going deep in malware it ensures us to deal with it safely.
Thanks for your kind words Sanket.