Podcast
Questions and Answers
What is malware?
What is malware?
What is the estimated cost of cybercrime on the world economy in 2021?
What is the estimated cost of cybercrime on the world economy in 2021?
What is the difference between grayware and ransomware?
What is the difference between grayware and ransomware?
What is a potential vulnerability associated with homogeneity?
What is a potential vulnerability associated with homogeneity?
Signup and view all the answers
What is fileless malware?
What is fileless malware?
Signup and view all the answers
What is a potential defense strategy against malware?
What is a potential defense strategy against malware?
Signup and view all the answers
What is the percentage of fileless malware attacks in 2018?
What is the percentage of fileless malware attacks in 2018?
Signup and view all the answers
What is the potential risk associated with excessive privileges assigned to users and programs?
What is the potential risk associated with excessive privileges assigned to users and programs?
Signup and view all the answers
What is the potential vulnerability associated with vulnerabilities in software?
What is the potential vulnerability associated with vulnerabilities in software?
Signup and view all the answers
Study Notes
Malicious software: A Summary
- Malware is any software designed to cause disruption, leak private information, gain unauthorized access, or interfere with computer security and privacy.
- Malware can be classified into sub-types such as computer viruses, worms, Trojan horses, ransomware, spyware, adware, rogue software, wiper, and keyloggers.
- Malware is a serious problem for individuals and businesses, with cybercrime predicted to cost the world economy $6 trillion USD in 2021.
- Malware can target critical infrastructure, such as the electricity distribution network.
- Defense strategies against malware include installing antivirus software, firewalls, applying regular patches, securing networks, regular backups, and isolating infected systems.
- Malware is designed to evade antivirus software detection algorithms.
- Computer viruses have been around since the 1980s, and worms originated on Unix systems.
- Trojan horses misrepresent themselves as benign programs and carry a hidden destructive function.
- Ransomware prevents users from accessing their files until a ransom is paid.
- Grayware includes unwanted applications that can worsen computer performance and cause security risks, such as spyware, adware, fraudulent dialers, joke programs, and remote access tools.
- Potentially unwanted programs (PUPs) are applications considered unwanted despite being intentionally downloaded by the user.
- Antivirus software typically uses static and dynamic analysis to detect malware, but malware uses technical measures to evade detection.Overview of Malware, Risks, and Mitigation Techniques
Malware Overview:
- Approximately 33% of malware is not detected by antivirus software.
- Malware can evade detection by encrypting the payload, changing its form, fingerprinting the environment, confusing automated detection methods, using timing-based evasion, obfuscating internal data, using stegomalware, or running fileless malware.
- Fileless malware has become more frequent with a 432% increase in 2017 and makes up 35% of attacks in 2018.
- Vulnerabilities in software can be exploited by malware, and even when patches are released, they may not be installed immediately, leaving systems vulnerable.
- Users and programs can be assigned more privileges than they require, and malware can take advantage of this.
- Credential attacks can occur when a user account with administrative privileges is cracked, and that account is used to provide malware with appropriate privileges.
- Homogeneity can be a vulnerability, with the same operating system running on all computers in a network, allowing one worm to exploit them all.
Risks:
- Vulnerable software can be exploited by malware.
- Excessive privileges can be assigned to users and programs, providing malware with appropriate privileges.
- Weak passwords can be cracked, allowing malware to use the account with administrative privileges.
- Homogeneity can be a vulnerability, allowing one worm to exploit all systems running the same operating system.
Mitigation Techniques:
- Anti-malware software can block and remove some or all types of malware, providing real-time protection.
- Real-time protection can detect and quarantine infected files, preventing further damage.
- Sandboxing browsers can isolate the browser from the computer and malware-induced change.
- Website vulnerability scans can detect malware and security issues to reduce the risk of the site being compromised.
- Network segregation can hinder the ability of infectious malware to replicate itself across the wider network.
- Air gap isolation or parallel networks can be used as a last resort, completely disconnecting computers from all other networks and applying enhanced controls over the entry and exit of software and data from the outside world.
- Researchers have introduced four techniques that can leak data from air-gapped computers using electromagnetic, thermal, and acoustic emissions.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge on malicious software, its different types, risks associated with it, and mitigation techniques in this quiz. Learn about computer viruses, worms, Trojan horses, ransomware, spyware, adware, and more. Discover the latest techniques used by malware to evade detection by antivirus software and methods to protect against them. This quiz is perfect for anyone interested in cybersecurity or looking to enhance their knowledge on the topic.