Malware Protection


Greetings Central Maine!

Today more than ever, the importance of protecting your computer from malware and viruses cannot be overstated.

Without the tools to keep your PC and network safe, you could find your system, and yourself, being held hostage with few options. In this post, I'm going to discuss the common types of malware, and the chaos they can bring. In the next installment, I'll be discussing what I feel are the best tools to prevent your computer or network from getting sick in the first place.


Types of Malware

1. Virus: The obvious number one in this discussion is the grand-daddy, the computer virus. Thankfully, most malware programs aren't viruses. Computer viruses will modify other legitimate host files (or the pointers/shortcuts) so that when a victim's file is executed, the virus is also executed.

Conventional computer viruses are nowhere near as common these days, comprising less than 10 percent of all malware present on the internet today. Viruses are the only type of malware that "infects" other files, which makes them difficult to find and clean up, since the malware must be executed from the legitimate, infected program. As you might imagine, this can be a challenge. Even the best antivirus tools have difficulty correctly identifying and cleaning an infected file. In fact, in most cases, antivirus software will quarantine or delete the infected file instead.

2. Worms: Worms have been around forever, and yes, even longer than the original computer viruses. Their origins are tracked all the way back to the days of the building-sized mainframe computers. The advent of electronic mail, aka email, brought them to prominence just prior to 2000. Malicious worms sent via an email attachment could bring an infection to an entire company's network in a very short period of time, causing lost data and work for many employees, except the IT staff.

What makes worms so malignant is the fact they are self-replicating - one user opens an email containing a worm, and it can move through a network replicating itself on every workstation and server in the organization, unobstructed. Worms can move through an organization, infecting any vulnerable computer they can find. At least with a virus, someone had to launch a program or a file. Worms have no such limitation. One worm, called ILOVEYOU, aka The Love Bug, almost brought the entire internet to its knees in 2000, due to its ability to access a user's email contact list and send copies of itself.

You can read more about some of the more famous worms in history here.

3. Trojans: Trojans, or Trojan Horses, have replaced worms as a hacker's favorite tool. While worms and viruses work and propagate in a similar manner, Trojans work very differently. Much like the Greek horse used to invade Troy, a computer Trojan Horse will end with the same result. No, not the destruction of Troy; rather, the destruction of data on your computer. Trojans are very destructive programs that look like genuine applications. When executed, they can also open up a back door path into your computer, giving hackers access to ALL of your data. In fact, something like CryptoLocker can completely lock you out of your computer altogether, requiring an operating system reinstall.

While not self-replicating, the destruction of data can be devastating to the owner in many ways, including loss of data and the money involved in recovering from such an event. CryptoLocker and Zeus are two of the more famous versions of a Trojan Horse.

If you would like to read some more in-depth examples, Wikipedia has a decent article.

4. Ransomware: Ransomware is malicious software, or malware, designed to deny access to a computer or its data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting infected websites. Once activated, the malicious software begins to encrypt all of the files on your hard drive, denying you access unless you pay a ransom to the hacker. The vast majority of the time, even after you pay the 'ransom', the hacker has their money and you'll still not have access to your files. No, there's no honor among thieves. Can you save the data? It's mathematically impossible to recover encrypted data without the cypher used to encrypt it.

Ransomware can be devastating to an individual or an organization. All important data stored on a computer or network is at risk, whether it belongs to individuals, government or law enforcement agencies, healthcare systems or other critical infrastructure entities. Recovery can be a difficult process that may require the services of a reputable data recovery specialist - and is usually NOT guaranteed. Some victims elect to pay to recover their files; however, there is no guarantee that individuals will recover their files if they pay the ransom.

Ransomware is basically a nightmare. CryptoLocker, TeslaLocker and WannaCry are just a few examples of ransomware. More in-depth information here.

5. Spyware: Spyware is software used to gather information about a person or organization, sometimes without their knowledge. This information is then sent to another entity without the victim's knowledge or consent. Further, spyware has the ability to control a device, or enable remote viewing of the activities on that device, without the victim's knowledge or consent.

Used most often for stealing information and activity tracking, spyware is usually used for malicious purposes. Its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed intentionally by the owner of a shared, corporate, or public computer in order to monitor users.

You can read more on the Norton page on spyware and how to remove it.



This is obviously not a complete list of the types of malware running wild on the 'net. These are, by far, the most dangerous. I'll throw a couple more links up so you can do further research on your own, if you'd like to. My goal was to briefly discuss the most pernicious types of malware to raise awareness.

In my next article, hopefully in a few days, I'll discuss various options for system protection, including antivirus and antimalware (free and paid options for both), as well as software and hardware firewalls. I'll also briefly touch on Unified Threat Management (UTM) devices and software. All of these will help make your systems safer, and future internet activities more secure.


See you next time,