IT Attacks – Malware, viruses and botnets


Part 1 – Malware, viruses and botnets

Exploring the internet, be it for work or for pleasure, is a little like opening a big old book of children’s fairy tales. Yes, there are delightful tales, pleasures and wonders to be found, but there are also traps, monsters, dragons and witches who are out to get you. Just look at the news headlines – major organisations are hacked every day and have their vital data stolen. Small and medium businesses fall victim to Trojan viruses, while cryptolocker scams actually hold your precious data to ransom until you pay over a specified sum to a villain. The online world can be a very frightening place indeed.

But don’t despair just yet. As in any fairy tale, a little knowledge about your enemy can go a long way to protecting you. Many of the internet monsters can be avoided and even overcome if you take a little time to learn about them. In this three-part blog, we are going to look at the main ways that your IT can be attacked, and how you can guard against it. So, are you all sitting comfortably? Then we’ll begin.

Malware – the scourge of the online world

As its name suggests, malware is a malicious type of software created with one aim – to cause damage. Malware infiltrates your computer without your knowledge and, once installed within your systems, can:

  • vandalise and destroy software
  • steal sensitive information using spyware
  • force unwanted advertising onto your systems via adware
  • spread email spam or porn
  • extort money from you via ransomware

As with the cryptolocker scams we mentioned above, malware was once made simply for the amusement of programmers pranking each other. However, it has become more malicious as criminals use it to extort money or steal information about bank and credit card accounts, passwords and more. This is then used to drain accounts, run up large bills or is simply sold on to other criminals.

Malware comes in many forms, so it can be hard to keep track of them all. There is spyware, viruses that replicate themselves, key loggers and worms out there, all made up of malicious code just waiting for the chance to get into your computers. All you need to do to be infected is click on a dodgy link, which could well come via a seemingly trusted email or a familiar company such as a bank.

Stay safe

Continual vigilance and up-to-date tools are the best way to keep malware at bay. Be very careful when you receive emails from unknown sources, especially those that require you to enter any of your personal passwords. You may be asked to check a “great vid” or website, but keep away unless you’re 100% sure it has been sent legitimately. Sometimes even legitimate downloads have malware attached, so you need to ensure you have a good, up-to-date anti-virus software package to check any downloaded programs and do regular scans. A good anti-virus package will recognise unknown threats and warn you about suspicious sites. There is no absolute protection, but staying aware and keeping your systems updated should keep the worst at bay.

Viruses, worms and trojans – an evil trio

Viruses, worms and Trojans are perhaps the three most common types of malware and are often confused by people who don’t know much about IT. But they are different in the way they attack your systems.

A virus works in a similar way to a biological virus in that it can attach itself to a program or file and, once activated, will spread from one computer to another, infecting them. The code a virus carries could be something relatively benign (one famous example, called Melissa, simply inserted quotes from The Simpsons into your Word documents). But many viruses are now designed to cause serious damage to your systems, including hardware and software. In most cases, to activate a virus that is in your system you need to run or simply open a malicious program attached to an executable or host file.

A worm is similar to a virus but can replicate itself and move from computer to computer without the user clicking or running any program. It moves via file or data transport features – email, messenger or file sharing. Even if they don’t actually do any harm, worms can use up your computer’s processing time and take up your bandwidth as they replicate. But if worms are carrying a malicious payload, you could end up with deleted or encrypted files or even have a “backdoor” opened in your computer, allowing a hacker to take control of it and create what’s called a zombie computer. Email spammers often create worms to help send their junk mail, and these worms send copies of themselves to everyone in your computer’s address book.

Trojan viruses are named after the huge wooden horse that was packed with Greek soldiers and given as a gift to the people of Troy, leading to the downfall of the city. In the same way, an innocuous email can lead to the downfall of your networks if you click on it. Trojan viruses are masters of disguise. You may come across some seemingly useful software, via email or online, that will do huge damage if you download it to your computer. People are tricked because they think they are clicking on legitimate files from a legitimate source. Trojans may contain the usual silly pranks or do real damage by destroying information, creating back doors for hackers or compromising your personal data. They don’t reproduce or self-replicate but do great damage and cause huge frustration.

Stay safe

As with all malware, eternal vigilance and good anti-virus software are vital. Many of these types of malware are bundled together to create a blended threat, so you need to be on your toes.

Botnets – an army of darkness

Though the term botnet now has negative connotations in the world of IT, it just refers to a series of online computers communicating with each other to complete a set of repetitive tasks – this could be something mundane like running a chat channel or more destructive like creating spam. Most illegal botnets are composed of computers already hacked and compromised without their owners’ knowledge – the zombie computers we’ve already mentioned. These are controlled via a single interface used by hackers or “herders”. These criminals use the huge accumulated power of botnets to engage in click fraud, i.e. clicking on ad banners to take money from advertisers who pay for each visit. Botnets can also be used to saturate bandwidth and prevent access to websites for long periods, causing vendors to pay a ransom to get traffic flowing again. Key logging is another nefarious task that botnets are used for. They report the keystrokes of thousands of users visiting websites to the herder, who can use this info to access personal information and accounts.

Stay safe

Botnets spread thanks to the huge numbers of compromised computers infected by malware. So it is important to take all the usual steps to protect yourself.

Well, that is the first three of the online monsters tackled. In part two of this blog, we will be looking at the dangers posed by stolen devices, phishing and web-based attacks.

If you have any questions about any aspects of your IT security, get in touch with the experts at Empower IT Solutions who are happy to help you stay safe in all areas of IT.

Further reading

Part 2: Types of IT Attacks – Stolen devices, phishing and web-based attacks

Part 3: Types of IT Attacks – Malicious codes, malicious insiders and DoS