Malware

Malware, which is short for malicious software, can be used to compromise computers, steal data or bypass access controls.

The most common types are:

  • Adware
  • Bots
  • Bugs
  • Ransomware
  • Rootkits
  • Spyware
  • Trojan horses
  • Viruses
  • Worms

See descriptions below.

Types of Malware

  • Adware

    Short for advertising-supported software, adware is a type of malware that delivers advertisements. Common examples are pop-up ads and advertisements that are displayed in software. “Free” versions of software often come bundled with adware.

    Most adware is sponsored by an advertiser and is used to make money. While some adware is designed solely to deliver advertisements, it is not uncommon for adware to come bundled with spyware that is capable of tracking user activity and stealing information.

  • Bots

    Bots are software programs created to perform simple and repetitive operations. While some bots are created for harmless purposes (online contests, video gaming and internet auctions), it is becoming increasingly common to see bots used maliciously.

    Bots can be installed on groups of computers that a third party then controls to launch distributed denial of service (DDoS) attacks, to spam large amounts of advertisements on the internet, to scrape websites, and to distribute malware disguised as popular search items on download sites.

    The most common way to guard against bots is with CAPTCHA tests that verify users as humans.

  • Bugs

    A bug is a flaw in software that produces an undesired outcome. Usually the result of human error, bugs normally exist in the source code or compilers of a program.

    Significant bugs can cause crashing or freezing.

    Security bugs can allow attackers to bypass privileges or override authentication.

  • Ransomware

    Ransomware is a form of malware that holds a computer hostage. It installs covertly, restricts access to the computer by encrypting files or locking the system down, and demands a ransom to restore it.

    The only fix, if the files are encrypted, is to restore from “offline” backups not accessible to the infected computer.

    Ransomware is typically spread by a downloaded file that is disguised as a legitimate file.

  • Rootkit

    A type of malicious software designed to remotely control or access a computer without being detected.

    Since this software has “root” or administrative access, it has full control of any existing software. This means it can modify any software, including any that may be used to detect or circumvent it.

    As a result, detection relies on manual methods such as monitoring computer behavior for suspicious activity, storage dump analysis and signature scanning.

  • Spyware

    Software that tries to gather information about a person or organization without their knowledge and may send this information to another computer without that consumer’s consent. Spyware is mostly classified into four types:

    • Adware
    • Tracking cookies
    • System monitoring
    • Trojans

    Spyware is mostly used to track and store internet users’ movements on the Web and serve up pop-up ads.

    While the term spyware suggests software that monitors a user’s computer habits, spyware can collect almost any type of data, including personal information such as surfing habits, passwords and bank or credit card information.

    Spyware can be included with genuine software, including “free” software, and can come from malicious websites.

    Spyware installs itself on a system by deceiving the user or by exploiting software vulnerabilities.

  • Trojan or Trojan Horse

    A type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware. A Trojan can give a malicious party remote access to an infected computer.

    Once a computer is infected, the attacker can steal logins, financial information and research data.

    Attackers can also install more malware, modify files and monitor activity through screen watching and keylogging. Most Trojans are spread by some form of social engineering, such as an attachment in an email.

    If installed with elevated privileges, meaning an Admin account, a Trojan would have unlimited access.

  • Virus

    A virus is a form of software that is capable of copying itself and spreading to other computers, hence the name “virus”. Viruses can:

    • Access personal data such as bank or credit card logins
    • Corrupt data
    • Send spam email
    • Log keystrokes
    • Render computers useless

    Viruses use social engineering and exploit vulnerabilities in operating systems, browsers and other software to gain access to their hosts’ computers.

  • Worms

    Worms are among the most common malware. They spread by exploiting vulnerabilities in operating systems.

    Typically worms cause harm to host networks by overloading web servers or consuming bandwidth.

    Worms can also have “payloads” that can cause damage to computers. Payloads are code written to perform actions such as deleting files, stealing data, and encrypting files in ransomware attacks.

    The most common payload is to install a backdoor for creating botnets.

How to Minimize the Threat of Malware

  • Avoid opening links/attachments from unrecognized or unexpected emails. Phishing is the most common method of getting infected.
  • Use anti-virus/anti-malware software and keep it updated. Any computer that is connected to the University’s local area network (LAN) or VPN via a LEA account is protected by University IT security systems and software. This includes anti-virus/anti-malware and network protection. University systems are licensed for firewall and anti-virus/malware software. This software is updated and managed by University IT.
  • Keep your computer's operating system automatically updated.
  • Use strong passwords. They are the first line of defense.
  • Use dual-factor authentication, if available, which requires your password and another form of identification, such as an app on a cell phone.
  • Don’t use administrative accounts unless absolutely necessary. Since administrative accounts allow full access to your computer, malware with administrative access can defeat your computer's defenses. Unless absolutely necessary, use standard accounts.