Defeating the Threat of Malware
Throughout history, humans have constructed walls, palisades, moats and other barriers as defenses against malicious attacks, but invaders have also responded with improved technologies that can defeat these defenses. Just as medieval defenders built their walls higher and their moats deeper, software developers today also seek to create products that are safe from unauthorized intrusion through firewalls and other security measures while hackers and other criminal elements try to defeat them with various stratagems including the use of so-called "malware." Because malware can affect any consumer, identifying ways to defeat these programs represents a timely and valuable enterprise. To this end, this paper provides a review of the relevant peer-reviewed and scholarly literature concerning the different types of malware, typical proactive measures and tools that can be utilized against malware attacks and the technologies that are involved. Finally, a discussion and assessment concerning future trends in malware development is followed by a summary of the research and important findings in the conclusion.
Review and Discussion
Types of Malware
The term "malware" stands for "malicious software," an umbrella term for any software application that "runs on a computer without the user's knowledge and performs predetermined functions that cause harm" (May, 2012). This broad definition covers a continuum that ranges from relatively benign software that merely collects consumer data to especially harmful applications that can disable entire computer networks or worse. Some of the most common types of malware along this continuum are described in Table 1 below.
Table 1. Variations of Malware
Adware: Adware specifically refers to programs that display pop-up advertisements. The subject matter of the ads is often based on surfing habits, but may also be tied to a specific advertiser.
Virus: This is a program that is designed to spread itself among files on a single computer or computers on a network -- usually the Internet. Often, crackers (hackers with malicious intent) create these programs just to see how far they will spread.
Worm: Similar to a virus, a worm spreads itself around a network. Worms, however, do so by making copies of themselves as they spread. They also may be capable of changing their profile to avoid detection.
Trojan: The computer version assumes the appearance of something benign, such as an update or add-on to an actual program. Once on a computer, it may perform harmful functions such as erasing the hard disk or deleting all image files. Like spyware, a Trojan may also gather information and send it to the developer.
Cookies: Cookies are small data files used by Web sites to store information on computers that can be used to detect personal information, such as recently visited sites.
Source: Adapted from May, 2012
These malware threats clearly range in their impact on computer users' operations, but in some cases, the harm caused by malware can extend far beyond an individual computer system. For instance, Perrow reports that, "Once your machine has been compromised [by malware], it can be used to send these threats to other machines; your machine becomes a member of a 'botnet,' after robots" (p. 252). While the malware threat continues to expand and become more difficult to detect and defeat, there are some proactive measures and tools that can help protect computers from malware, and these are discussed further below.
Proactive Measures and Tools that can be Utilized against Malware
Beyond firewalls, encryption, password-protection and other antimalware software tools, there are also a number of proactive strategies used by the information society, including "trolling" communities of interest to gain fresh insights into what current malware is being developed and how these programs operate. According to Johnston (2009), "One strategy used by antivirus researchers to ascertain the skill sets of the 'thieves' is to troll the...
34). Because of the nebulosity of the identities of the participants in these online forums, anti-malware experts are able to penetrate these communities of interest through social engineering methods that cater to the egos of hackers who may be willing to share their secrets with other, like-minded criminals. In this regard, Johnston emphasizes that, "The lack of culturally specific embodied identities inherent in the electronic communication of the internet allows these researchers to mask their 'real-world' intentions in their virtual re-embodiment as malware-writing criminals" (2009, p. 34).
Another proactive strategy that is used to defeat malware writers is to analyze samples of malware that are provided by affected customers. This approach appears to offer some advantages as well. For example, Johnston (2009) adds that, "Significantly, virus writers also send their new creations to various antivirus vendors and researchers as a way of testing vendors' systems, as a 'courtesy', or as a way of marking their status. Antivirus professionals take this information and share it across competitive vendor boundaries, developing industry-wide counterstrategies to be integrated into their next software releases" (pp. 34-35).
Yet another proactive approach to developing anti-malware measures is content analysis of industry and even hacker reports concerning the effectiveness of anti-malware applications. In this regard, Hua (2011) reports that, "In many circumstances, to fight such threats, internet security vendors can analyze billions of files, e-mails, and malware products to categorize and determine their 'reputation' in the cloud and quickly update their customers' firewalls and filters" (p. 37).
There are also some common-sense steps that average consumers can take to help protect themselves from malware invasions, including:
1. Activating security solutions that reside on the mobile devices;
2. Password-protecting cellular phones; and
3. Evaluating mobile apps before downloading them by finding reviews from reputable sources (Hua, 2011).
While the measures and tools that can be utilized against malware are generally effective as long as they are updated regularly, hackers and other criminal elements continue to work to identify ways to defeat these technologies, and these issues are discussed further below.
The technologies involved in the development of malware continue to change in response to industry-wide and application-specific anti-malware efforts. Malware can creep into a computer from an external source such as a flash drive or DVD, or be installed without the user's knowledge through various online communications, including emails and attachments, "buggy" Web sites, and so forth, placed there by all types of criminals, ranging from bored teenagers to international terrorist conspirators. For example, Perrow (2007) emphasizes that, "Your operating system is open to penetration by hackers, 'crackers' (malicious hackers), agents of foreign governments, competing business firms, thieves, and terrorists" (p. 252). Unfortunately, the technologies that are used in support of malware development are improving along with the software that is intended to defeat them. In this regard, Gale emphasizes that, "If a biological virus were to start mutating more rapidly, it would compromise the ability of medical researchers to develop antiviral drugs. Unfortunately, that's what is now occurring with computer viruses" (2006, p. 19). In support of this assertion, Gale (2006) cites the example of so-called "rootkits." According to Gale, "The latest trend in malware is rootkits. A rootkit is a small piece of software code that runs deep within a computer's operating system and can be used to conceal other programs" (p. 19). The term "rootkit" is a Unix term that refers to software tools that provide complete unauthorized access to a computer's "root" operating system; such unauthorized access can then be used to conceal malware code from routine detection (Gale, 2009).
One particularly insidious method used by malware developers to spread their malicious software is the use of shortened URLs to lure unsuspecting visitors so that malware can be installed on their computers. In this regard, Hua (2011) reports that social media networks such as Facebook are increasingly being used for this purpose. According to Hua, "Facebook is a good example of a tool that requires a more flexible approach to security. One ingenious ruse in 2010 involved shortened URLs, where hackers posted in newsfeeds and other places millions of bogus shortened links in efforts to lure victims to websites for phishing and malware attacks. Last year, 65% of malicious links in news feeds observed used shortened URLs" (p. 37).
Finally, there has been a proliferation of malware targeted at mobile devices, which are especially vulnerable to such attacks. According to Hua, "Because mobile system architecture hasn't benefited from being battlefield tested for years and years, which is the case with desktop operating systems, when attackers focus on the mobile platform, they get a lot of bang for the buck" (2011, p. 37). Although there are countless variations on this theme, one typical approach to exploiting these weaknesses is described by Hua as, "Hackers have unleashed malware that can gain control over a phone, for instance, and charge users for calls they never made or SMS services they never used. The threats are becoming more sophisticated as…