What is malware? Much like adware or spyware, the term refers to a class of insidious computer applications. It is a particular type of virus which is used as a tool to gain access to a computer and force it to perform an unauthorized function.
Guarding against malware attacks is becoming an increasingly complex process. In the ’90s, an experienced user could find and follow instructions for scrubbing away viruses and deleting bots from sub-folders. Today, malware has advanced past those measures a hundred times over. Malicious programs are harder to detect than ever. These applications are better concealed in hidden directory folders. Using Trojan horse methodologies, they immediately create their own web portals and ravage your PC or cloud data for a means of reproducing.
Some viruses operate using a combination of these methods.
- Viruses are designed to spread. Computer viruses automatically run through instructions which allow them to find other computers via a network or by attaching to a shared file. Once a computer is infected, its files may be erased or corrupted. Some can feed on a computer’s processing capabilities like a parasite.
- Browser hijacking software affects the programs we use to access web pages. Some sites perform low-stakes changes like creating a bookmark or saving the page to a favorites list. More insidious examples of browser hijacking malware force or trick users into downloading programs.
- Spyware is used to monitor and track computer user activity. Scammers can sell batches of collected browser histories or IP address traffic. Your files, images, and even webcams can be compromised.
- Adware forces a web browser to show advertisements not posted by the website host. Users of infected computers may experience pop-up ads or see text advertisements interspersed into the page they are reading. Is looking at an ad as horrible as being spied upon? No, but adware is still unethical.
It is easier than ever to make a misstep and allow a virus to infect a terminal or penetrate your network security. Social engineering is an insidious cyber-crime tactic that produces corrupt files that appear legit. Although we instantly disregard unsolicited mail, we are somewhat likely to open a hand-addressed envelope even from an unknown source. Cyber-criminals exploit this tendency by creating pages and emails containing threats which look less and less like junk every day. Malicious files are given conventional names like “ContactList.txt”, and emails are given emotional subject lines like “Are you mad at me?” Scripts can cull familiar buzzwords from your files and web traffic.
Sometimes things get personal. When your login credentials are part of cookies stored by a website, spyware can capture the password and username. Hackers can then access your account. Some may attempt to use the same login credentials on other accounts, as many people use the same username/password combination for multiple accounts. If your username happens to be an email account, that address may be added to marketing lists.
Most attacks are perpetrated by a person or group who has something to gain. Criminals are able to steal personal data and hijack computers. It is possible for email spammers to use the processors on your computer to send more spam. Financial gain is a motivation of many; however, some people choose to invade others’ privacy for the most horrifying reasons.