Remote Domain Security Awareness Training

Anatomy of Malware
Amruta Dubewar
What is Malware?
Origin of the name Malware:
malicious software
Malware is a general term for any kind of unwanted software that is installed
without your permission and damages your computer
Malware can be classified based on
How they get executed
How they spread
What they do
Types of Malware
Viruses
Worm
Trojan Horse
Spyware
Adware
Ransomware
Rootkit
Viruses
Viruses attach themselves to other software programs, and the virus code runs
whenever the host program is executed.
They are self-replicating computer programs
How does a virus get into your system?
Social engineering
Exploiting vulnerabilities
Effects of Viruses
Steal hard disk space or CPU time
Access private information
Corrupt data
Spam contacts
May require a complete OS reinstallation to fix.
Worms
A worm is a standalone computer program that replicates itself in order to
spread to other computers
It exploits a security hole in software or the operating system.
It uses a computer network to spread itself
Unlike a virus, it does not attach itself to an existing program
Effects of Worms
Major disruption by increasing network traffic
Networks of infected machines are used by attackers to send junk email
Companies are blackmailed with threatened DoS attacks
Trojan Horse
A Trojan horse is a very deceptive program: it appears harmless or even
beneficial and tricks users into installing it
For example, it might look like an Android app for a new game
It does not have the ability to self-replicate like viruses and worms. It spreads
through user interaction.
Unlike viruses, it does not attach itself to an existing program.
Effects of Trojan Horse
Modify or delete files
Download and install software
Modify the registry
Use your computer as part of a zombie army or botnet
Spyware
Spyware usually comes bundled with free software and automatically
installs itself with the program
It gathers information about a person without their knowledge and sends it to
another party
Effects of Spyware
Install additional software
Redirect Web browsers
Log keystrokes
Change computer settings
Stability issues
Adware
Adware is advertising-supported software
It causes pop-up ads or banners to appear on your computer.
It downloads to your computer when you access certain Internet sites or
install certain freeware
Rootkit
A rootkit hides the fact that an operating system has been compromised
An attacker obtains administrative access and installs the rootkit
Rootkits are very difficult to detect
It allows the installation of hidden files, processes, hidden user accounts, etc.
Ransomware
It restricts access to the computer system and demands a ransom to remove
the restriction.
It encrypts files or simply locks the system
It can be installed from an e-mail attachment, infected program or
compromised website
Examples
ILOVEYOU – 2000
Attacked millions of Windows computers
It started spreading as an email message with the subject line "ILOVEYOU" and
the attachment "LOVE-LETTER-FOR-YOU.txt.vbs".
Opening the attachment activated the Visual Basic script.
It damaged MP3 files, overwrote image files and automatically sent itself to
all contacts in a user's address book.
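The attachment name above ends in ".vbs" but reads as a text file when the final extension is not displayed. The following is an added example, not part of the original slides, of a mail-filter check that flags this double-extension pattern; it also covers two related disguises not mentioned on the slides (padding before the real extension and bidirectional control characters). The function name, the extension lists and all sample names except the first are assumptions made for illustration.

```python
# Added example: flag attachment names that disguise an executable extension.
# Both extension sets are assumptions for illustration, not an exhaustive policy.
ACTIVE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "hta", "exe", "scr",
               "com", "pif", "bat", "cmd", "lnk", "ps1"}
DECOY_EXTS = {"txt", "doc", "docx", "pdf", "xls", "xlsx", "jpg", "jpeg",
              "png", "gif", "mp3"}
# Bidirectional-control characters can visually reverse part of a file name.
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069")


def classify_attachment(filename):
    """Return (verdict, reason); verdict is 'block', 'warn' or 'allow'."""
    if BIDI_CONTROLS & set(filename):
        return ("block", "bidirectional control character in file name")
    # Windows ignores trailing dots and spaces, so compare without them.
    name = filename.strip().rstrip(". ").lower()
    parts = [p.strip() for p in name.split(".")]
    if len(parts) < 2 or parts[-1] not in ACTIVE_EXTS:
        return ("allow", "final extension is not on the executable list")
    last = parts[-1]
    # A document-style extension right before the real one is the
    # "name.txt.vbs" pattern: with extensions hidden, the user sees "name.txt".
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return ("block", f"decoy .{parts[-2]} before executable .{last}")
    return ("warn", f"executable extension .{last}")


# Constructed sample names; only the first appears on this page.
SAMPLES = [
    "LOVE-LETTER-FOR-YOU.txt.vbs",
    "LOVE-LETTER-FOR-YOU.TXT.vbs. ",
    "photo.jpg      .scr",
    "invoice\u202efdp.exe",
    "setup.exe",
    "notes.v1.txt",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        verdict, reason = classify_attachment(sample)
        print(f"{verdict:5}  {sample!r}: {reason}")
```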
Examples
C-Brain: January 1986
Damaged millions of personal computers.
The virus enters the machine's memory once the PC is booted from the infected
floppy.
It infects other floppy disks accessed while it is in memory
It slows down disk access and causes timeouts, makes disks unusable and
creates data loss
Examples
Code Red & Code Red II – July 2001
The worm exploited a vulnerability that was found in machines running
Windows 2000 and Windows NT.
The worm spread itself using a buffer overflow vulnerability
It launches DoS attacks, defaces web sites and installs a remote backdoor
program
Ways To Avoid Malware
Use Antivirus software
Set up your computer for automatic software and OS updates
Disable Java Scripting and Flash in your web browser
Use Firewall software
Don't install or download unknown programs to your computer.
Never open an email from a stranger
Choose strong passwords for accounts
Use a browser other than Internet Explorer, such as Firefox or Opera