27 Aug

Cybersecurity 101 – Part 4: Anatomy Of A Virus

This series of articles will explore cybersecurity concerns in the modern workplace. We’ll explore the myriad of potential risk factors facing today’s organization, and look at tools and solutions to help your company fend off the bad guys. If you missed earlier entries in this series, you can find them here.

In this edition, we’ll discuss the various types of malicious scripts and programs that can infect your computer.

Today’s always-connected world poses a myriad of risks to the security of our systems and our data. We are living in an age where online threats to organizations of all sizes are ever-present. To prevent ourselves from becoming victims, we must focus on protecting ourselves and knowing what we need to do (and not do) while online.

Preparation is the key to success. The more prepared you are, the better off you will be.

How Your Computer Can Become Infected

By now, it is common knowledge that we need antivirus protection for our computers and other devices. Malicious code can be hidden in legitimate-looking programs and utilities, email payloads, compromised web pages, etc. A good antivirus program recognizes and defends against any software that is designed with malicious intent, not just viruses. Fortunately, modern antivirus utilities offer full-spectrum malware protection, eliminating all types of malicious software.

Leading cybersecurity software protects against all kinds of risks, so you usually don’t need to know much about any particular threat. However, a general understanding of the various methods of compromising your system is good to have and can be useful when investigating or mitigating a potential infection.

Below is a quick guide to the most common types of threats that organizations of all sizes face today.

Viruses – A virus is a piece of software that can infect a computer, install itself, and copy itself to other computers without the user’s knowledge or permission. A trigger action of some type by the user is required, such as mounting removable media, running a script or program, or clicking a link or attachment. A virus usually attaches itself to other computer programs, data, files, or a hard drive boot sector.

Cryptolockers – A new type of malicious threat that has increased dramatically over the past few years. Like a Trojan horse virus, cryptolockers fool targets into downloading malicious attachments or running code designed to gain access to their files and information. Once received, the cryptolocker encrypts files and data on the host system, rendering them inaccessible. A ransom demand is then made – the victim will have no access to their files and data until they pay the ransom. It’s important to note that paying the demanded fee does not guarantee that access will be restored to all files, or to any files for that matter, or that irreparable damage has not already been done to the victim’s data.

Malware – Malicious software specifically designed to disrupt, damage, or gain unauthorized access (i.e., “backdoor”) to data on a computer system.

Trojan horse – Malware hidden in what appears to be a legitimate software program. When the user installs the program, the malware is secretly installed and run on the user’s system as well.

Adware – Software that can automatically cause pop-up and banner adverts to be displayed in order to generate revenue for its author or publisher. A lot of freeware uses adware, but not always in a malicious way. If it were malicious, it would be classified as spyware or malware.

Spyware – Software that aids in gathering information about a person or organization without their knowledge. Spyware can monitor and record the activity performed on a target system, such as logging keystrokes, or collect credit card numbers and other valuable information.

Worm – Unlike a virus, a worm is a standalone piece of malicious software that replicates itself and can propagate independently to spread to other computers. It often uses a computer network to spread itself, relying on security flaws to gain access to the target system.

Scareware – Malicious computer programs designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake antivirus protection. Not all antivirus programs are what they seem. Cybercriminals create these fake, rogue programs that “detect” non-existent issues with your system and sell you a fix. At best, these programs offer no real protection. More commonly, they include actively harmful elements. Avoiding scareware becomes more difficult as the programs grow more refined and advanced.

This concludes part four of this series. In the next installment, we’ll discuss how to avoid becoming a victim of a computer infection. Please watch for part 5, coming soon!