In order to best serve their clients, companies need to have a comprehensive program in place to help them defend their systems from malware attacks on their company’s infrastructure. These attacks can have a devastating effect on a business’s continuity, so having an appreciation for exactly what types of adversaries your company is up against is important. There are several types of potential intruders that you should be aware of.
Viruses are user-initiated, replicating, and malicious pieces of code that attach themselves to an existing program and can have a serious effect on your operating system, files, and even your antivirus’ ability to work properly. The most obvious sign that you’ve been hit by a virus is the lackluster performance of your system. Viruses are constantly changing as the technology to block them does, making them a constant threat for individuals and businesses alike. Most viruses attack a specific part of your system for which they were written. Types of viruses include:
- Bootsector Virus: A virus that is designed to attach itself to the hard disk at the point where the computer initially reads upon startup.
- Macro Virus: A virus that is designed to use an application’s macro programming language to dispense itself. They target and affect documents and eventually infect related files.
- Memory Resilient Virus: A virus that targets the computer’s memory (RAM).
- Polymorphic Virus: This virus not only replicates itself, it varies its digital signature when it does, making it tough for less-refined antivirus programs to target.
- Rootkit Virus: A virus that is designed to give a third-party administrative control over a system. They are usually disguised as system files.
Viruses are distributed through basic correspondence, such as e-mail and instant messenger; or careless downloading practices, such as downloading files from questionable sources. Viruses can also be acquired by impulsively clicking ambiguous links that the user thinks do something useful (such as closing a pop-up window).
Like viruses, worms replicate and are spread through basic correspondence and downloading from untrustworthy sites. Unlike a virus, worms don’t need humans to initiate them, which makes them that much more intrusive because they don’t need to attach themselves to an existing program. They can duplicate and represent themselves under a harmless name and then do the same to another system when It’s downloaded via a peer-to-peer network. Since a worm will look for even the smallest holes in a system to manifest and replicate, they tend to infiltrate networks and spread rapidly.
Spyware’s main objective is to steal information. Spyware is non-replicating so it doesn’t change the actual performance of the computer system. Once a piece of spyware has been loaded on your system it runs in the background collecting all types of data including, but not limited to, credit card numbers and social security numbers. Spyware can also track keystrokes and personal correspondence. As it infects your software it allows for all types of personal information to change hands. It also has been known to leave companies in actionable positions. In California, they’ve enacted a law stating that any business that has been infiltrated by an attack has to inform their previous e-commerce customers of that attack.
Another non-replicating piece of malware, a Trojan horse, basically does to your system what the original Trojan horse was designed to do to Troy. Under the subterfuge of being a capable piece of software, a Trojan horse will allow an infiltrator into a system for the purpose of siphoning off information. Recently, a Trojan horse code took advantage of a security flaw in older browsers to hide usage. This allows an infiltrator to access your system and allows him/her to cover their tracks after they’ve successfully caused havoc inside your network or made off with the information they were seeking.
If you or your company doesn’t have a comprehensive strategy in place to handle malicious attacks on your network, you are potentially looking at a situation in which your company’s success, and in some cases future, is in peril. If you’re a business owner in the Toronto area and would like more information about how to best avoid a malware attack contact PACE Technical Services at 905.763.7896.