In today’s modern world of information technology, malware and malware protection are becoming a large part of computer security. To analyse this problem, various Internet and academic articles have been studied in order to grasp the main concepts of malware and its impact on information technology, as well as the security protection currently available in today’s market.
The purpose of this report is to give the reader an understanding of the concepts of malware and of the technologies being implemented to prevent unauthorized access to computers and networks. This report will also look into how cyber criminals are able to use a variety of measures to infect computers and networks, and why it is necessary to implement various security applications to stop them from accessing data. A brief history of the exploit protection of computers and information systems is also included to provide the reader with a basic understanding of computer security and protection before the Internet developed into a global fixture.
The function of Malware and virus security
If a computer is communicating with other devices on a network, it can potentially be at risk. Documents and files that are stored on that computer can be exposed to anyone who wants to access them, especially if there is no security implemented on that particular device. In recent years the lack of security on Internet applications and web sites has been responsible for hackers entering computers and stealing files and private information. Because the Internet is so large and complex, it is becoming increasingly hard to protect computers from malware and viruses. Cyber criminals are able to set up spam and can potentially enter a network through a backdoor or loophole in the system. These actions can be hard to track, and many hackers are not caught because they are accessing the content from a different location (often in a different country). The concept of malware security has taken huge steps in recent years to prevent computers being vulnerable to attacks. This report will focus on how computer security is breached by malware and what security measures are in place to deal with it, such as anti-malware/virus and spyware protection, spam filters and other password-based security built around Internet applications.
The history of security and birth of Malware and Viruses
Computer viruses have existed since long before the modern Internet came about. One of the outbreaks of virus activity was caused by mistake in the late 1980s.
In 1987 the Vienna virus was developed. Computer specialist Ralph Burger decided to investigate the virus, so he got a copy of it and wrote up his findings in a book titled ‘Computer Viruses: a high tech disease’. His book, however, caused major problems. Because his analysis was so in-depth, he ended up telling people how the virus worked and how to write one. As a result, people who previously had no knowledge of what computer viruses or malware were now had a beginner’s guide to how the process worked. Ralph Burger’s book was effectively a guide on how to create viruses, and in the years after publication his concepts and findings were still being put to use by cyber criminals, who wrote thousands of malware viruses based on his methodologies.
The 1990s saw a huge rise in information technology security breaches with the introduction of the modern Internet. Major viruses such as the Michelangelo and Melissa viruses marked a new dawn in virus activity, and as a result the information technology industry started to take notice. New virus technology such as bots and botnets was beginning to take shape. The introduction of malware saw a huge rise in security breaches, especially in home and business environments. For the first time, confidential information such as user credentials and private details was being exposed over the Internet. The ability of hackers to trace cookies and monitor network activity in real time started to become a major issue for all Internet users. During the mid to late 1990s there were many attempts to put a stop to cyber criminals and malware activities, but the fact remained that there was no major force that could deal with the increasing problem of computer security and exploit protection. The problem had begun to affect national security. Because government agencies held confidential information on computer networks, there was a real need not only to protect the information on their networks but to protect national security. The U.S. in particular became increasingly paranoid about its government agencies, and there were a number of cases where their networks had been compromised. In 1998 the U.S. attorney general unveiled a $64 million scheme to try to counter cyber criminals and the effects of both malware and viruses. A command center was set up to protect all U.S. computer systems; the National Infrastructure Protection Center was another major step in Internet security in the 1990s. As the Internet continues to grow, Internet security is still an extremely important issue.
With more and more people using tools such as internet banking and purchasing online items there are now a lot more procedures being put in place to keep these applications secure from malware and viruses.
Types of Malware and viruses
In today’s world there are a number of major types of malware, viruses and bugs that are commonly used to infiltrate Internet applications and computer networks. This section of the report will look at what they are, how they work and what tools are available to counter this kind of criminal activity.
A virus is a computer program that is able to replicate itself and infect computer devices. In order for a virus to replicate itself, it must first be granted access to execute its code. To make this possible, most viruses will try to attach themselves to executable files that are commonly a part of legitimate programs and applications. Viruses can be made to do a number of things, including damaging data files, corrupting applications and lowering system performance. Viruses can also be transferred between devices, especially if the user has no knowledge of the virus’s presence. Commonly, USB drives and other forms of memory units will transfer viruses between computer devices.
What is Malware?
Malware is an abbreviated term that stands for malicious software. The main purpose of malware is to spy on or damage a computer device. Malware can also include things like tracking cookies, which allow someone to monitor Internet activity and usage. In today’s modern information technology, malware encompasses a lot of different types of viruses and exploitation.
As its name suggests, spyware is used to spy on a computer or device. Spyware is a form of malware that performs predominantly the same kind of tasks. It is often used in advertisements, known as adware, that can be used to track activity on a computer. In recent times spyware has been known to log keystroke activity, which enables criminals to gather bank account details and other sensitive data.
A computer worm is able to replicate itself and uses a network to send copies of itself to other devices on that network. Worms are a kind of malware that can infect a large number of devices; once a worm has been released on a computer, it can quickly cause damage across a network. Unlike a virus, a worm does not need to attach itself to an executable file.
Bots are programs that are capable of taking over a computer. Bots allow the hacker to control a computer from a remote location, and often start out as malware. Cyber criminals will often hide their remote control software by attaching it to a legitimate source such as a game or application. When the application or game is running, they are able to run their software in the background and gain remote access whenever the device is online. Hackers usually try to go unnoticed while implementing bots. In a lot of cases hackers will create a lot of bots and set up botnets (an army of bots); these can then be used to send out spam and carry out other forms of illegal activity.
Trojans (also known as Trojan horses) are programs that disguise themselves by doing a legitimate task on a computer. In actual fact the Trojan’s main purpose is to spy on computer activity and steal information such as credit card details and PIN numbers. Once the information has been captured, it is sent back to the cyber criminal who initially set up the Trojan. Trojans are commonly sent as email attachments and are NOT viruses. A Trojan does not infect files or replicate itself like a virus, and its main purpose is to go unnoticed within the system.
Spam is a type of advertising that is commonly sent to a large number of computer users. Most spam comes in the form of get-rich schemes, suspicious messages and other forms of advertising that are aimed at tricking the user into releasing credit card details and other information that can benefit the person who sent the spam. Because spam costs the sender next to nothing to send, they are able to send it on a large scale, increasing their chance of success.
Current Malware protection
Security breaches can come in all forms of illegal activity. These are simply the mainstream problems that occur on a day-to-day basis. There are many more forms of malware that put Internet security to the test and cyber criminals continue to develop new ways of infiltrating computers and networks. So what are some of the current developments put in place to stop malware and other forms of illegal activity?
The term firewall was first established by fire fighters. The firewall was a large barrier put in place to prevent a fire from spreading. In computing terms a firewall performs relatively the same task. Essentially, a firewall operates by working with a router-based application to decide whether to forward packets to a device or whether to drop the packets altogether. An easier way to think of a firewall is to imagine a police checkpoint on a road: the cars coming into the checkpoint represent packets being sent across the Internet, and the police checkpoint represents the firewall, as well as the process that is followed to determine whether the packet (car) is able to continue to its destination (a network or computer). In other words, a firewall is a scan that can detect infected or illegitimate data files or programs before they reach their intended destination. In organizations and businesses a firewall will often be set up on a designated computer that is separated from the rest of the network, so that incoming traffic does not have immediate access to the rest of the network. One of the main methods that a firewall uses is to screen requests to ensure that domain names and Internet Protocol addresses are genuine. With devices such as PDAs and cell phones, firewalls will allow remote access to certified networks by using password-based security measures.
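The checkpoint decision described above can be sketched as a first-match rule table with a default of drop. This is an added example, not part of the original report; the rule set and the addresses (taken from the RFC 5737 documentation ranges) are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional


class Rule(NamedTuple):
    action: str               # "forward" or "drop"
    src_net: str              # source network in CIDR notation
    dst_port: Optional[int]   # None matches any destination port


# Constructed rule set; addresses come from the RFC 5737 documentation ranges.
RULES = [
    Rule("drop", "203.0.113.0/24", None),     # blocked range, every port
    Rule("forward", "198.51.100.0/24", 443),  # partner network may reach HTTPS
    Rule("forward", "0.0.0.0/0", 80),         # anyone may reach the web server
]


def decide(src_ip: str, dst_port: int, rules=RULES) -> str:
    """Return "forward" or "drop" for one packet; the first matching rule wins."""
    try:
        src = ipaddress.ip_address(src_ip)
    except ValueError:
        return "drop"  # a malformed source address is never forwarded
    for rule in rules:
        in_net = src in ipaddress.ip_network(rule.src_net)
        if in_net and rule.dst_port in (None, dst_port):
            return rule.action
    return "drop"  # default deny: traffic that no rule allows is dropped


if __name__ == "__main__":
    for ip, port in [("203.0.113.7", 80), ("198.51.100.5", 443),
                     ("198.51.100.5", 22), ("192.0.2.10", 80)]:
        print(f"{ip}:{port} -> {decide(ip, port)}")
```

Rule order matters: the blocked range is listed first, so it is dropped even on port 80, which the last rule would otherwise allow.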
Anti Malware/virus software
Anti malware/virus software applications are used to scan files and eliminate any malware or viruses that are found on a particular device. Current anti virus applications have come a long way in protecting users from malware viruses. Anti virus applications will typically use two forms of scanning procedure to identify malware. The first is analyzing computer programs and looking for any suspicious activities that are not normally conducted. The second is scanning a computer using a malware and virus dictionary; this is one of the most effective ways of identifying a security breach. The malware/virus dictionary is a database of known viruses that has been established by that particular anti virus software company; the application scans the computer and tries to match any piece of code in its database to the files on the computer. If a match is found, the user will be prompted with a message that gives options for dealing with the malware and/or virus. For this process to be successful in the long term, the malware/virus dictionary needs to be updated on a regular basis to keep up with newly written viruses being developed by hackers and cyber criminals. This is the main reason that anti malware/virus software applications will prompt users to update on a regular basis. Anti-spyware applications work with the same method of spyware dictionary scanning.
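Dictionary scanning, and the reason the dictionary has to be kept up to date, can be shown with a small byte-pattern scanner. This is an added example, not part of the original report; the signature names, byte patterns and sample files are constructed and harmless.

```python
# Constructed, harmless byte patterns standing in for a vendor's signature database.
DICTIONARY_V1 = {"Demo.Alpha": b"\xde\xad\xbe\xefALPHA"}
DICTIONARY_V2 = {**DICTIONARY_V1, "Demo.Beta": b"\xca\xfe\xba\xbeBETA"}

# Constructed sample "files" (name -> contents); no real malware is involved.
FILES = {
    "notes.txt": b"meeting at ten",
    "setup.exe": b"MZ\x90\x00" + b"\x00" * 16 + b"\xde\xad\xbe\xefALPHA" + b"\x00" * 8,
    "game.exe": b"MZ\x90\x00" + b"\xca\xfe\xba\xbeBETA" + b"\x00" * 8,
}


def scan_bytes(data: bytes, dictionary: dict) -> list:
    """Return the names of all signatures whose byte pattern occurs in data."""
    return sorted(name for name, pattern in dictionary.items() if pattern in data)


def scan_files(files: dict, dictionary: dict) -> dict:
    """Return {filename: [signature names]} for every file with at least one match."""
    report = {}
    for filename, data in files.items():
        hits = scan_bytes(data, dictionary)
        if hits:
            report[filename] = hits
    return report


def missed_by_old_dictionary(files: dict, old: dict, new: dict) -> list:
    """Files the updated dictionary flags but the outdated one lets through."""
    return sorted(set(scan_files(files, new)) - set(scan_files(files, old)))


if __name__ == "__main__":
    print("v1:", scan_files(FILES, DICTIONARY_V1))
    print("v2:", scan_files(FILES, DICTIONARY_V2))
    print("missed before update:",
          missed_by_old_dictionary(FILES, DICTIONARY_V1, DICTIONARY_V2))
```

With the older dictionary, `game.exe` passes the scan because its pattern is not yet in the database; only the updated dictionary flags it.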
In today’s modern Internet, spam is a constant threat to computer security for users worldwide and will often contain malware viruses. Although most people will ignore spam, a small number of users get sucked in to spammers’ advertising schemes. Because spammers are sending out thousands of spam messages at a time, they can easily profit from a couple of over-trusting users, and because spam is cheap to develop there is always a market for it. In past years users would receive hundreds of messages a day from spammers, and trying to sift through emails to find a legitimate message proved to be a daunting task. For this reason spam filters were introduced. Spam filters work by using a number of procedures. The first is a language-based filter; this is the easiest procedure for a spam filter to implement. The filter will simply scan through emails and remove any that are not in the native language of the user. Settings for this can be changed if a user is working in a foreign country: the user can simply enable the languages that they would like to receive by changing the settings of the filter. Content spam filters use a complex set of rules to evaluate messages that are likely to be spam-based advertising. The spam is redirected into a spam folder that can later be deleted by the user. This is one of the most effective approaches to countering spammers; however, on occasion it can result in legitimate emails being sent to the spam folder, such as advertising promotions or newsletters that the user has requested. User spam filters can be the most effective filters if used properly. They require the user to input a set of rules for the filter to follow; although this can be an effective method, it can be time-consuming and is not the easiest tool for users to use.
Overall there are a lot of security measures that can be implemented to protect computers and networks from malware. Most security measures that are available to users are aimed at protecting computers from malware, adware, spam and various types of common viruses. Although there are a lot of companies providing these services, cyber criminals are always looking for new ways to get around firewalls and anti virus software, and on some occasions they are successful. Because there are so many hackers and spammers around the globe, new ways of getting around these barriers are frequently being developed, and catching the people responsible can be very difficult. However, if users take appropriate steps such as installing firewalls and anti malware/virus software, they will be less likely to fall prey to cyber criminals.
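The content filter and the user-defined rules described above can be combined as follows, including the case where a requested newsletter is wrongly sent to the spam folder until the user adds a rule for it. This is an added example, not part of the original report; the rules, scores, threshold, addresses and messages are all constructed.

```python
import re

# Constructed content rules: (pattern, score). Real filters use far larger rule sets.
CONTENT_RULES = [
    (re.compile(r"get rich|earn \$\d+", re.I), 3),
    (re.compile(r"credit card (number|details)", re.I), 3),
    (re.compile(r"limited[- ]time offer|act now", re.I), 2),
    (re.compile(r"unsubscribe", re.I), 1),
]
SPAM_THRESHOLD = 4  # assumed cut-off for this example

# Constructed sample messages.
SPAM = {"from": "promo@bulk.example", "subject": "Get rich from home",
        "body": "Reply with your credit card details to claim your prize. Act now!"}
NEWSLETTER = {"from": "news@shop.example", "subject": "Your weekly newsletter",
              "body": "Limited-time offer: earn $50 in store credit. Unsubscribe here."}
NORMAL = {"from": "alice@example.org", "subject": "Lunch on Friday?",
          "body": "Are you free at noon?"}


def content_score(msg: dict) -> int:
    """Sum the scores of every content rule that matches the subject or body."""
    text = msg["subject"] + "\n" + msg["body"]
    return sum(score for pattern, score in CONTENT_RULES if pattern.search(text))


def classify(msg: dict, user_allow=(), user_block=()) -> str:
    """Return "inbox" or "spam"; user rules are checked before content rules."""
    sender = msg["from"].lower()
    if sender in user_block:
        return "spam"
    if sender in user_allow:
        return "inbox"
    return "spam" if content_score(msg) >= SPAM_THRESHOLD else "inbox"


if __name__ == "__main__":
    for name, msg in [("spam", SPAM), ("newsletter", NEWSLETTER), ("normal", NORMAL)]:
        print(name, content_score(msg), classify(msg))
    print("newsletter with user rule:",
          classify(NEWSLETTER, user_allow={"news@shop.example"}))
```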