Malware sometimes feels like the technical bane of the Internet. All that connectivity and information and entertainment and uplifting content and then you find that your computer performance has slowed to a crawl and annoying ads are constantly popping up whenever you open your browser (or even if you don’t).
Malware existed before the Internet, primarily spread via the sharing of infected floppy disks or illegally downloaded programs. The universal ubiquity of the Internet has accelerated the spread of malware in a variety of forms.
The Internet has become a powerful mechanism for propagating malicious software programs designed to annoy (e.g., deface web pages), spread misinformation (e.g., false news reports or stock quotes), deny service (e.g., corrupt hard disks), steal financial information (e.g. credit card numbers), enable remote login (e.g., Trojan horses), etc.1
Why do people create malware?
Why indeed? Malware doesn’t happen by accident. It has to be deliberately written by a computer programmer to do exactly what it does. Hobbyists have been known to write malware as an academic exercise, just to see what happens. But most malware arises from more sinister motives. Malicious hackers may write malware in order to punish organizations with whom they have a disagreement, or to dramatically demonstrate the lack of security inherent in some systems, or to gather and sell information to criminal elements, or even just to sow the seeds of anarchy through destructive behaviors. Some hackers want to facilitate the spread of spam. Others want to harness your computer in order to launch a distributed attack on some other system. Businesses may want to track buying or viewing habits. Criminals may want to steal personal information. The topic is quite complex, but we’ll try to keep it simple and cover the most important topics.
How does malware spread?
The most common delivery mechanisms for malware are email attachments and files downloaded from the Internet.
Email systems are becoming smarter over time and many problematic email attachments are caught by providers before a user even has a chance to do something dumb. But some emails with malware still get through. The rule of thumb is that if you don’t have confidence in the nature of an email attachment, don’t click on it.
E-mail worms and viruses can reach a computer system and infect the system through harmful attachments. VBS, BAT, EXE and many other types of files that execute code must therefore be treated as dangerous and should not reach desktop computers, where users may be tricked into running the attachment containing an executable file.2
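The filtering rule in the passage above can be applied at a mail gateway before a message reaches the desktop. The following is an added example, not code from the cited source: the function names are hypothetical, and every extension in the blocklist beyond VBS, BAT and EXE is an assumption.

```python
import email
from email import policy
from email.message import EmailMessage

# VBS, BAT and EXE are named in the text; the remaining entries are assumed
# additions of other file types that execute code on Windows desktops.
BLOCKED_EXTENSIONS = {"vbs", "bat", "exe", "cmd", "scr", "js", "ps1"}


def is_blocked(filename: str) -> bool:
    """True if the final extension of an attachment name is on the blocklist."""
    # Windows ignores trailing dots and spaces, so "setup.bat." still runs as .bat.
    cleaned = filename.strip().rstrip(". ").lower()
    # Only the last extension decides how the file is opened, which is why
    # "invoice.pdf.exe" is an executable and not a PDF.
    _, dot, ext = cleaned.rpartition(".")
    return bool(dot) and ext in BLOCKED_EXTENSIONS


def blocked_attachments(raw_message: bytes) -> list[str]:
    """Return the names of all attachments in a raw message that must be stopped."""
    # policy.default decodes RFC 2047 / RFC 2231 encoded filenames for us.
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        name = part.get_filename()
        if name and is_blocked(name):
            hits.append(name)
    return hits


def build_sample() -> bytes:
    """Constructed sample message (not real mail) with three attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    for name in ("notes.txt", "invoice.pdf.exe", "Update.VBS"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()


if __name__ == "__main__":
    print(blocked_attachments(build_sample()))
```

A filename check like this only catches what the sender chose to declare; gateways normally pair it with inspection of the file content itself.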
The most dangerous files on the Internet are those that are illegally downloaded. The highest concentration of malware-infected downloads occurs in pornographic material, particularly illegal content. In a classic case, a user is searching for illicit content and finds himself on a website that purports to have the material he’s looking for. The site then informs him that he must install a custom video player in order to view the content. A rational, thinking individual would realize that video players are pretty standard equipment these days (think YouTube) and that it doesn’t make a ton of sense to have to download and install their specific viewer just to watch their video content. But of course, the individual parked on an illegal porn site, trying to access illicit material, isn’t thinking rationally. In fact, by this point in the process, much of the rational thought processes of the frontal lobes have already given way to the emotional, pleasure driven limbic system. That’s a perfect frame of mind in which to make a really bad technology decision. This ploy is almost always simply a honey pot designed to induce you to install malware onto your machine. From there, the individuals controlling the virus can spy on you, steal credit card information, or otherwise clean you out.
Increasingly, smartphones have become the target of malware.
The first malicious software aimed at smartphones hit in 2004. Smartphones are mobile phones that permit users to install software applications from sources other than the cellular network operator. Today more than 300 kinds of malware—among them worms, Trojan horses, other viruses and spyware—have been unleashed against the devices. As sales of such sophisticated phones soar worldwide, the stage is being set for the massive spread of malware. Steps are being taken to prevent that scenario, but the opportunity to block the onslaught is unlikely to last long.3
How do I know if my computer is infected by malware?
How do you know you’re infected? That can be a tricky question, since most malware depends on remaining undetected for as long as possible. If the malware is spying on you, it never wants to be detected. If it’s intended to unleash an attack of some sort, you’ll know it as soon as the attack is launched, by which point it will be too late.
Malware is designed to infiltrate a computer system without the owner’s knowledge. Because of the popularity of the Internet, malware spreads rapidly and causes major disruptions from attacks. Web-based malware can be classified into two categories according to the techniques used for delivery. The first uses social engineering techniques to entice users to download and run malware. The second exploits vulnerabilities of the web browser to automatically download and run malware unconsciously while the user is visiting a website.4
It turns out though, that most malware tends to manifest itself in a few well-known ways. Here’s a list of possible symptoms that may suggest your computer is infected with malware:
- Your system performance is horrible and getting worse over time.
- Your system performance gets better when you disconnect from the Internet.
- Pop-up ads show up every few minutes.
- You find mysterious new toolbars on your desktop that you don’t remember installing.
- Your web browser home page has been redirected to a commercial page.
- The page that appears after a failed search result is one that you don’t recognize.
- Your default search page has been changed.
Instead of displaying a message or erasing your hard drive, modern malware is more insidious, turning your machine into a relay for spam, a staging ground to attack other systems, or a spy capturing your bank account and credit card information—or all three.5
For most people, the best recourse if you suspect your machine is infected is to take your computer to a service professional for a regular check-up.
I mentioned that malware is a broad topic. In the remainder of this chapter, we’ll address several different types of malware:
- Trojan horses