CompTIA Security+ Tutorial: Module 03, Part 01 – HIGH SECURITY MALWARE THREAT

HIGH SECURITY THREAT

Module 3 of CompTIA Security+ covers malware threats, phishing, various types of attacks (both wireless and application attacks), LDAP and XML injection, mitigation and deterrent techniques, security traits and vulnerabilities, and assessment techniques. It also sheds some light on penetration testing and vulnerability scanning.

The first section looks at the types of malware.

HIGH SECURITY THREAT - MALWARE

Our system hardware and the information stored on it are important to all of us. Malware is malicious software that gains access to and damages a computer without the owner's knowledge. Malware includes spyware, keyloggers, worms, or any code that infiltrates a computer.

The Malware can be further classified into:

  • Viruses
  • Worms
  • Trojans

A virus is a type of malware that attaches itself to a file and then harms the system. Every time you copy the file, you copy the virus. To protect the system, we need antivirus software.

A worm is similar to a virus in some ways. It is also malicious software, but it does not attach itself to files. Worms tend to replicate themselves across the network. The key characteristic of a worm is that it requires no human interaction.

Trojans, on the other hand, are software that can do good or do bad. A Trojan might do good but do bad in the background. Trojans can be used to steal the data on the computer or even corrupt it.

Collectively, we can deal with these using anti-malware, which is a better classification that addresses Trojans, viruses and worms alike.

Malware is software defined by the intent of its creator. Initially, malware was created as experiments and pranks, which led to the destruction of the targeted machines. It has since evolved into the forms described below.

Adware is malware created for profit through forced advertising. For example, pop-ups that appear everywhere on the page when you are online. These pop-ups can cause severe harm to the system. A simple way to deal with pop-ups is to disable them on your system.

Spyware steals private information from computers. When we are online, a website will push a cookie file to our server. This cookie can tell where the user has been on the internet; in other words, it can be regarded as an invasion of privacy. These cookies are pushed onto the system to track which sites you visit online, during which they can push worms. To protect our system against spyware, we can use anti-spyware.

There are other types of malware that either spread email spam (zombie computers) or extort money (ransomware). Other important terms related to malware include rootkits: tools used by malicious persons to gain root access, or administrator access, to your system. They can hide their presence in your system.

Back doors can be put in place by malicious persons or even by administrators. When people write programs, they may want to get into them to make corrections without logging on every time, and so they put in a back door to better manage the software. Malicious persons can also put in back doors. A back door is an unauthorized way of gaining access to the computer without authenticating; malicious persons use it because they seek guaranteed entry each time they enter. To protect integrity, we should check that our system does not have back doors.

A logic bomb is code that can be planted in your software to activate on the date of an event. A logic bomb can be put in place to create a denial of service, or it can cripple the service for a period of time. It is necessary to check the code, as the logic bomb will remain in it until the set time, after which it will be triggered.

A botnet is a system that has been compromised, or a collection of computers that have been compromised, by a malicious person. These are used in a cohesive fashion to carry out a distributed denial of service. The malicious person plants a robot to attack a victim.
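The advice above to check the code for logic bombs can be partly automated. The following Python sketch is an added example, not part of the original tutorial: it parses source code and flags conditions that compare the current date or time against a value, so a reviewer can inspect what they gate. The sample source, including the `disable_billing` function, is constructed for illustration.

```python
import ast

# Names of calls that read the current date or time.
CLOCK_CALLS = {"now", "today", "utcnow", "time", "localtime", "gmtime"}

def _call_name(call):
    func = call.func  # date.today() -> 'today', time() -> 'time'
    return getattr(func, "attr", None) or getattr(func, "id", None)

def _reads_clock(expr, tainted):
    """True if expr calls a clock function or uses a variable set from one."""
    for sub in ast.walk(expr):
        if isinstance(sub, ast.Call) and _call_name(sub) in CLOCK_CALLS:
            return True
        if isinstance(sub, ast.Name) and sub.id in tainted:
            return True
    return False

def find_time_triggers(source):
    """Return sorted (line, condition) pairs for if/while tests that compare the clock."""
    tree = ast.parse(source)
    tainted = set()  # variables assigned from a clock read
    for node in ast.walk(tree):
        if isinstance(node, ast.Assign) and _reads_clock(node.value, tainted):
            tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
    findings = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.If, ast.While)) and any(
            isinstance(c, ast.Compare) and _reads_clock(c, tainted)
            for c in ast.walk(node.test)
        ):
            findings.append((node.lineno, ast.get_source_segment(source, node.test)))
    return sorted(findings)

# Constructed sample: one date-triggered branch among ordinary conditions.
SAMPLE = '''\
import datetime
def run_payroll(records):
    today = datetime.date.today()
    if today >= datetime.date(2031, 1, 1):
        disable_billing()  # hypothetical function
    for r in records:
        if r.hours > 40:
            r.overtime = True
'''

if __name__ == "__main__":
    print(find_time_triggers(SAMPLE))
```

Legitimate time checks such as licence expiry or cache timeouts are flagged as well, so the output is a list of places for a person to review, not a verdict.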

Ransomware is the newest form of attack, in which a malicious person can infect the system using the software and lock the system, after which we can click on anything. These are what is called money packed viruses.

In polymorphic malware, the word 'poly' means many and 'morphic' means to change form. The malicious person designs the software so that every time it moves in the system, it changes its form. The DNA of the software is so strong that every time it moves from one system to another, it changes its infrastructure.

Armored viruses are designed with encryption. The antivirus is not allowed to scan a device that carries armored viruses.

Precautions to keep malware (malicious software) away could be:

  1. Be careful with the attachments you open.
  2. Be cautious when surfing.
  3. Install and maintain a quality antivirus program.
  4. Stay away from suspicious websites.