Skip to main content

Malware - The Nemesis in Disguise

 



The era of computer age brought a major shift in technology and redefined the way we work, communicate, and entertain ourselves. From OTT platforms to financial transactions, the bits and data move seamlessly through optical fiber cables (OFC), at lighting speed.

But, on a parallel path, malware attack has ushered in a wave of cyber-crimes, ranging from identity theft to data hacking.

What is Malware...

Defined as any software which intentionally disrupts the working of a computer or network system. 

This can be in the form of data loss, denial of service (DDoS) attack, or hijack of core computer services. 

These attacks are not confined to business or home users, but extend to large industries such as water treatment, or electric substations.  

Malwares are classified into different categories. This is based on their attack signature, proliferation and of course, main intent or purpose.



Types of malwares

1. Virus

The most reputed, virus enter host computer through an infected file. The file could be downloaded, or passed through a storage media (USB, Memory Card). Once inside, the virus makes multiple copies of itself, while infecting other system files.

Destruction is the keyword here, and this includes corrupting, deleting or encrypting important data files. The computer also becomes slow or sluggish and eventually crashes.

The virus can also spread to other systems, via email attachments or storage devices (External hard disc, USB, Memory cards)  

2. Worm

Spread through an affected computer network, it doesn't need a host program to infect. They target system vulnerabilities like a weak firewall, or zero-day exploit (unknown system vulnerability).

Once inside, it consumes all the data files, making them inaccessible and eventually, corrupted. Once the job is done, it migrates to the next system in the affected network.

3. Ransomware

Now common in occurrence, ransomware hijacks sensitive data files. This is done by encrypting the complete system, making it inaccessible to the user.

All that is left is a screen, with a threat attached. Either pay a ransom or all your data will be lost. Payment is usually in the form of crypto currency. 

On paying the ransom, a key is provided to decrypt the data. But there is another side to this.

In due process, the affected information could be leaked into the dark web, attracting other scammers.

4. Trojan Horse

Doesn't encrypt anything. Neither does a damage occur to system or data files. 

On the contrary, some trojans can speed up the host system. All this is done to avoid detection, and here lies its true intent. 

To steal valuable user data including passwords, credit card information, or browsing history. This is done by using techniques like key loggers, system snapshots etc.

Trojan comes packaged as a useful software, hence its name. But once installed, it leads to unlimited access for the malware.

5. Rootkit

Provides the hacker with core system privileges, while remaining hidden. This allows for downloading more malwares such as trojans, into the affected computer.     

They form the first phase of attack, erstwhile providing a path for subsequent intrusions.

6. Adware

Commonly referred to as spam, they display unwanted ads, pop ups. Though not inherently destructive, can reduce system performance.

Also, chance of clicking unwanted links that can open malicious websites.

7. Joke Program

They are also not destructive in nature. Mostly causing annoyance, in the form of multiple messages boxes, or frequent opening or closing of CD-ROM tray.



The Remedy

Though a malware attack can occur at any instance, there are few steps which provide a protective shield against the same. They include

1. Keep the operating system up to date. Regular updates/patches can reduce exploits or backdoors used by malware.

2. Invest in a good antivirus software. Instead of freeware, go for a paid version which doubles in security. Notables include Norton, McAfee, Malware Bytes.

3. Do not open suspicious links or attachments. They may come from a known source, but as said earlier, can also be from an infected system.

4. To check the credibility of a website, cross check the same, using Norton Safe Web, or McAfee Site Advisor. This is especially important in case of e commerce transactions.

5. Use Cloud services to transfer/migrate data. This reduces risk of infection by removable storage devices, like USB drives. 




Helpful Links:










Labels:

Comments

Post a Comment

Popular posts from this blog

Man In The Middle Attack - EavesDropping in the Digital World

    This is a term used to describe a cyber attack where a hacker acts as middleman, during data transfer between user and an application. The app can be a financial or an E commerce website, Software as a Service (SaaS) etc. The hacker can intercept data passed via the browser to the website, and collect sensitive information such as account and credit card details, user login etc. To put it into context, it is like a postman who reads all the letters addressed to you, then reseals the same, on delivery. This way no one suspects a foul play.   Interception This is the first phase of the attack. Here the hacker establishes a connection with the target device whether a PC, Laptop or Smart phone. This is done   through various methods   like   Free WiFi  : Here a WiFi hot spot is set up  which is not password protected. When a user logs in to the network, they are in essence connecting to the hacker's system. Now any data transfer occurs via this co...
Post a Comment
Read more

Internet of Things-Connection Redefined

  Imagine driving home after a long day of work. En route the car instructs the residence to automatically turn on the lights, prepare a hot bath, and download the latest Netflix series. While this may seem like a line from a SciFi script, the future is more realistic than ever. Welcome to the world of IoT or Internet of Things. Though not as popular as its famous counterpart, Artificial Intelligence, its penetration into the consumer market is indeed extensive. What is IoT...... It is the term used to describe a   device, or set of devices which are connected to the internet,   and also communicate with each other. They can share data obtained from various sensors to a central hub, analyze it using  AI, and take appropriate actions. For example, a smart thermostat can read the room temperature, analyze the same, and adjust the heating system without any human intervention. Another example would be a smart camera which provides video footage when a movement is detect...
Post a Comment
Read more

Bluetooth - You are Connected

       We are entering the era of Internet of Things (IoT) devices, where each device connects remotely to one another, and the world wide web. This makes them smart in the way of integration to Artificial Intelligence, Machine learning and Data analysis. There are number of network protocols that facilitate this peer to peer communication be it ZigBee, Matter etc. More on that later.    What is Bluetooth  Invented  in 1994 by Ericsson and widely used, Bluetooth allows for short distance communication, within 10 meter radius. The data speed is between 1 Mbps and 3 Mbps. The bandwidth is in the range of 2.4 GHz to 2.485 GHz.   Frequency Hopping Unfold Spectrum This is the underlying tech used in Bluetooth. Data signals by default have low frequency, and high bandwidth. This makes them prone to distortion, affecting long distance transmission. Also the receiving antennas  have to be large in size which is a limitation for mobile phone...
Post a Comment
Read more