Viruses and Malware: The Key to Avoiding Infection (Pt. 2)

8 Jun

antivirus-ost

The Three Most Common Venues of Infection

P2P Software

Peer-to-peer (P2P) software has a long, controversial history riddled with issues of misuse. While P2P software is not inherently bad, it is often used by individuals wishing to illegally acquire media (movies, music, other software) for free. As such, the type of person who uploads this pirated content to share with others often engages in other unethical practices, such as backdooring their uploads with viruses and malware. When you or someone in your organization uses P2P software to download pirated media, you put both your machine and environment at great risk. Using these types of software for illegitimate purposes is much akin to wandering down a dark alley in a bad part of town: you’re asking for trouble!

Solution: Avoid using P2P software entirely. As an IT administrator, prohibit its use within your organization.

Drive-by downloads

Drive-by download, like malware, is an umbrella term used to describe any type of situation where software is installed and the user is unaware of the software’s intent. This can happen a number of different ways. If you are browsing a shady website, the website may attempt to automatically and silently exploit third party applications used by your web browser to display content. Alternatively, you could visit a site that suggests you have a problem with your computer and that you need to download and install a cleaning tool to fix the problem. Both of these situations lead to an infection.

Solution: Keep your computers well patched with frequently updated applications like Adobe Flash. More importantly, avoid unscrupulous websites that may attempt to take advantage of your machine.

Infected email attachment

An increasingly popular method of distributing malware involves sending victims an infected email attachment. These are frequently sent out under the guise of an official, well-known organization and appear to have urgency requesting the victim’s attention. For example, you may receive an email appearing from UPS suggesting that you have an outstanding invoice that needs to be paid, with an attached PDF allegedly describing the charge. The PDF is actually infected, and opening it results in the compromise of your computer.

Solution: Utilize an effective spam filter to prevent the delivery of these types of emails. Additionally, learn how to spot spoofed and infected emails through an IT Security Awareness Training session from a reputable vendor.

IT Security is a global landscape that is constantly evolving. With increasing levels of connectivity, security events that happen on the other side of the planet can reach you in seconds. While there is no practical and sure-fire way to entirely eliminate the threat of malware infection, providing user education on infection venues and easy-to-learn solutions will significantly lessen the likelihood you and your organization run into problems.

For more information on malware, including outbreak containment, incident response, and risk assessment services please contact the OST Security Practice by emailing dkilpatrick@ostusa.com

—–

W. Scott Montgomery

W. Scott Montgomery

W. Scott Montgomery joined OST in the spring of 2009 as the Manager of the OST Security Practice. Scott joined OST with over 30 years of IT and IT Security related experience. Scott has personally performed more than 1,000 Security Assessments for several hundred organizations. Using a proprietary and unique assessment approach, developed by Scott and used since 1998, the OST Security Team has the ability to gather, analyze and assess the security of any organization.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: