Tag Archives: antivirus

Viruses and Malware: The Key to Avoiding Infection (Pt. 2)

8 Jun

antivirus-ost

The Three Most Common Venues of Infection

P2P Software

Peer-to-peer (P2P) software has a long, controversial history riddled with issues of misuse. While P2P software is not inherently bad, it is often used by individuals wishing to illegally acquire media (movies, music, other software) for free. As such, the type of person who uploads this pirated content to share with others often engages in other unethical practices, such as backdooring their uploads with viruses and malware. When you or someone in your organization uses P2P software to download pirated media, you put both your machine and environment at great risk. Using these types of software for illegitimate purposes is much akin to wandering down a dark alley in a bad part of town: you’re asking for trouble!

Solution: Avoid using P2P software entirely. As an IT administrator, prohibit its use within your organization.

Drive-by downloads

Drive-by download, like malware, is an umbrella term used to describe any type of situation where software is installed and the user is unaware of the software’s intent. This can happen a number of different ways. If you are browsing a shady website, the website may attempt to automatically and silently exploit third party applications used by your web browser to display content. Alternatively, you could visit a site that suggests you have a problem with your computer and that you need to download and install a cleaning tool to fix the problem. Both of these situations lead to an infection.

Solution: Keep your computers well patched with frequently updated applications like Adobe Flash. More importantly, avoid unscrupulous websites that may attempt to take advantage of your machine.

Infected email attachment

An increasingly popular method of distributing malware involves sending victims an infected email attachment. These are frequently sent out under the guise of an official, well-known organization and appear to have urgency requesting the victim’s attention. For example, you may receive an email appearing from UPS suggesting that you have an outstanding invoice that needs to be paid, with an attached PDF allegedly describing the charge. The PDF is actually infected, and opening it results in the compromise of your computer.

Solution: Utilize an effective spam filter to prevent the delivery of these types of emails. Additionally, learn how to spot spoofed and infected emails through an IT Security Awareness Training session from a reputable vendor.

IT Security is a global landscape that is constantly evolving. With increasing levels of connectivity, security events that happen on the other side of the planet can reach you in seconds. While there is no practical and sure-fire way to entirely eliminate the threat of malware infection, providing user education on infection venues and easy-to-learn solutions will significantly lessen the likelihood you and your organization run into problems.

For more information on malware, including outbreak containment, incident response, and risk assessment services please contact the OST Security Practice by emailing dkilpatrick@ostusa.com

—–

W. Scott Montgomery

W. Scott Montgomery

W. Scott Montgomery joined OST in the spring of 2009 as the Manager of the OST Security Practice. Scott joined OST with over 30 years of IT and IT Security related experience. Scott has personally performed more than 1,000 Security Assessments for several hundred organizations. Using a proprietary and unique assessment approach, developed by Scott and used since 1998, the OST Security Team has the ability to gather, analyze and assess the security of any organization.

Viruses and Malware: The Key to Avoiding Infection

1 Jun

antivirus-ost

Nearly everyone has something installed on their computers to protect them from these types of threats. And with good reason – malicious programs are nearly as prevalent as antivirus installations. Black hat hackers (industry term for “the bad guys … we’re white hat hackers, the good guys!) are constantly working to create new ways to take advantage of PCs, both those used in a corporate setting and those used at home.

Computer viruses are technically a type of malware. One can acquire a virus through a multitude of ways. Once infection has been initiated, viruses generally quietly replicate themselves somewhere in the machine’s filesystem. Once they’ve replicated, they often perform some type of harmful activity. For example, a virus might provide an attacker complete control over your machine, just as though they were sitting in front of it. Alternatively, a virus might operate automatically and silently in the background, copying keystrokes and stealing sensitive data while sending it back to the person who infected you.

Malware is an umbrella category for any type of software that operates with an intent that is undesirable to the user or malicious. While viruses are a malware, there are many other kinds of malware. Have you ever had a toolbar that seemed to pop out of nowhere on your web browser, and then noticed that you were being shown loads of pop up advertisements? This is likely the result of an adware infection, a type of malware that displays unwanted advertisements and redirects your attempts to browse the web.

Clearly, these are infections we want to avoid!

The key to remaining malware free is in user-education. Antivirus and antimalware programs do work but they should not be relied upon. They can only offer so much protection. Hackers are constantly working to circumvent them. It’s a cat and mouse game that you don’t want to get caught in the middle of.

What do we mean by user education?

An understanding of how infections happen is critical. Users cannot protect themselves if they do not know which practices are unsafe. The vast majority of infections occur through just a handful of venues. In part two of this article, we’ll describe those venues and how to avoid them, keeping you and your organization safe.

—–

W. Scott Montgomery

W. Scott Montgomery

W. Scott Montgomery joined OST in the spring of 2009 as the Manager of the OST Security Practice. Scott joined OST with over 30 years of IT and IT Security related experience. Scott has personally performed more than 1,000 Security Assessments for several hundred organizations. Using a proprietary and unique assessment approach, developed by Scott and used since 1998, the OST Security Team has the ability to gather, analyze and assess the security of any organization.