New Ways Hackers Are Using Malware Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Malware, the malicious viruses and bugs employed by computer hackers to con and annoy, has become more prevalent in Canada than ever before, according to computer industry research.

In fact, the volume of malicious software detected in 2011 was up 41 per cent over the previous year, said David Turner, director of Symantec Intelligence Group.

At the same time, the complexity of computer viruses is also increasing. Long gone are the days when they were nuisances that scuttled Word documents.

"The long and short of it is that today's malware is incredibly sophisticated," said Turner, who estimated that 90 per cent of it is used for cybercrime, aimed at banks and businesses as well as personal computers.

Among the more prominent attack points these days:

When it comes to today's smartphones, malware is still a relatively new phenomenon but one that Turner says is growing rapidly.

There are currently 67 malware "families" (groupings of malicious software) for mobile phones, compared to fewer than 10 in January 2010, Symantec reports.

Turner notes that Android's open-source model for phone apps - compared to Apple's heavily vetted system - makes the Google devices a particular target.

"Trying to create malware for any mobile device is difficult," said Turner. "It's more about Trojan applications - apps purporting to be one thing but that are actually stealing your data.

"That's much more difficult to do in the Apple world than in the Android world."

In December 2011, Google removed 22 apps from the Android market on the grounds they were scamming users into paying premium SMS charges for texts.

Social media is also proving to be fodder for hackers who use sites like Facebook and Twitter to target who they will send their malware to next.

In 2010, hackers found a loophole in Adobe's software and sent a number of golf-playing executives a malware-ridden PDF file claiming to contain tips from noted golf instructor David Leadbetter.

"Want to improve your score? In these golf tips, David Leadbetter shows you some important principles," the message read. Turner said that the executives were likely targeted because of social media profiles that highlighted their enthusiasm for golf.

"Ransomware" has emerged as a popular scam for small-time hackers. It typically involves holding a computer hostage with the threat to erase the data unless a payment is made.

The RCMP just issued a warning this week about the so-called Reveton Trojan, a recent example of ransomware that freezes a computer and demands payment for a supposedly illegal activity.

In Canada, this malware was employed to freeze computers and send a pop-up message, purportedly from the Canadian Security and Intelligence Service, claiming that the address had been linked to downloading child pornography and would remain frozen unless the user made a $100 payment through an online payment site.

Other variants of the scam have accused users of illegally downloading music, viewing pornographic videos or sending spam messages.

A Trojan is software that appears to be a legitimate program, but is in fact malware capable of stealing information or endlessly replicating itself.

Another malware virus called DNSChanger may end up closing a portion of the internet for a time on July 9 as the FBI shuts down a series of servers deployed in the wake of a massive international fraud.

In November 2011, a two-year international investigation called Operation Ghost Click revealed that over 25,000 computers in Canada were infected with the DNSChanger virus.

The malware redirected web browsers to sites of the hackers' choosing and netted those behind the virus nearly $20 million over four years in "per-click" advertising revenue, according to Paul Vixie, chairman and founder of the Internet Systems Consortium.

The virus originated in Estonia and was distributed through emails, websites and malware scripts.

The number of computers affected worldwide, estimated to be over 650,000, was enough to convince the FBI to establish temporary "clean" DNS servers that would give users of infected computers time to rid their machines of the virus while still being able to access the internet. But those temporary servers go offline permanently on July 9.

In 2010, a powerful virus known as Stuxnet targeted Iranian nuclear centrifuges, reportedly shutting down over 1,000 of the machines used to refine uranium.

Eight months later, a second virus known as Stars attacked the same country's nuclear facilities.

Then, two months ago, cybersecurity experts uncovered a worm capable of mining vast amounts of data from infected machines. Known variously as Flame, Flamer or Skywiper, the malware uses a variety of tactics to steal sensitive information, including surveying network traffic, taking screenshots (including while instant messaging programs are in use), recording audio conversations via an infected computer's internal microphone and collecting passwords.

Because of its sophistication and geographic targets, primarily in the Middle East, the malware is believed to be the work of government spy agencies.

"Now we've found what might be the most sophisticated cyberweapon yet unleashed," Alexander Gostev wrote in May on the Kaspersky Lab blog. "Flame is one of the most complex threats ever discovered."

While most malware is rooted in cybercrime, some hackers are increasingly attaching a political or activist message to their work.

"This is a pitched battle over the terrain of democracy on networks, freedom of expression in the internet age," Dwayne Winseck, a professor at Carleton University's school of journalism and communications, said to CBC News last year. "So it ain't gonna stop."

Data breaches in the name of a social or political cause were responsible for 58 per cent of stolen data in 2011, according to the Verizon 2012 Data Breach Investigations Report.

Recent high-profile incidents of hacktivism include the hacking of the websites for the U.S. Department of Justice and the FBI by the group Anonymous in January 2012, in response to the shutdown of the file-sharing site Megaupload; and the takeover of the Fox News politics Twitter account on July 4 (Independence Day), 2011, in which hackers posted false tweets claiming President Barack Obama had been assassinated.

In October 2011, Anonymous claimed to have uncovered and taken offline more than 40 child pornography sites. The group also posted a list of over 1,500 of the sites' usernames.

CBC - Thu, 5 Jul, 2012

How Hackers Attack

Despite the many products and services on the market designed to protect computers from getting hacked, many businesses, small firms in particular, are still suffering at the hands of cyberthieves.

Just ask Lloyd Keilson, the co-founder of Lifestyle Forms & Displays Inc., a mannequin maker and importer that had $1.2 million wiped out of its bank account in just hours through online transactions in May. His story was described in a Wall Street Journal article Thursday.


So how did the company get hacked?

Mr. Keilson isn't entirely sure, though experts in Web security say that cyberthieves likely covertly installed a virus on one of his company's computers.

The firm's computers run on the Windows 7 operating system and the company uses an internal firewall to connect to the Internet, Mr. Keilson says.

Its computers are Dell Inc. machines that his staff installed with antivirus software called Neatsuite purchased from Trend Micro Inc., a Japan-based security company, he adds.


Michael Sweeny, a spokesman for Trend Micro, says Neatsuite is an older product.

Experts say that it's possible that after one of Mr. Keilson's staffers tried to log onto the website for the company's bank, a virus may have redirected him or her to a fake page that looked identical to the bank's site.

If the employee typed in a username and temporary password provided by a secure-ID token, the virus might have sent that information to a thief who could have quickly logged into the bank's real website to make money transfers before the temporary password changed.

Passwords created by tokens tend to be valid for about two minutes, say Web security experts. It's important to note that Mr. Keilson isn't able to confirm that this is what happened.


Why did the company's bank allow money to be transferred out of its account?

In this kind of scenario, banks commonly aren't aware anything is wrong because they're seeing someone log onto their websites with the correct information. Cyberthieves often transfer stolen funds to accounts created with stolen identification to avoid detection.

How do viruses get onto computers that have anti-virus software?

Computer users often download viruses onto their machines inadvertently by clicking on a website, advertisement or email attachment embedded with malicious content. Mr. Keilson says he isn't aware that any of his employees did this.

Though anti-virus software is designed to recognize such material, it doesn't always work because hackers are regularly refining their tricks.


"You have to continually evolve your technology approach to security to stay up with the latest threats," says Lawrence Pingree, an analyst at technology research firm Gartner Inc. "What worked yesterday might not work today."

Does it matter what Web browser or operating system you use?

Some Web browsers and operating systems have a reputation for doing a better job of preventing viruses from infecting computers than others.

"We see far more infections on Windows than we do Macs, Unix and Linux," says Wade Baker, author of the Verizon 2012 Data Breach Investigations Report, a study based on cybercrime investigations that draws on data-breach reports from Verizon's team and various law-enforcement groups around the globe, including the U.S. Secret Service and the Australian Federal Police.


Mr. Baker says there's long been a debate over which Web browsers are the safest but that all browsers - including popular ones like Safari and Firefox - are susceptible to viruses when users recklessly click on Web ads, email attachments and other online content.

So what can I do to keep hackers at bay?

Be cautious when downloading any material from the Web and opening email attachments. If you don't trust the source, don't open it.

Also, contact your bank and find out what Web-related protections it offers businesses and what it's liable for in the event of a cyberattack on your firm's account. Set up limits on how much money can be transferred from your account in a day and require verbal authorization from an approved employee to make transactions above a certain amount.

For more tips, see Protecting Yourself at the end of the article, "Cybercriminals Sniff Out Vulnerable Firms."

The Wall Street Journal

By Sarah E. Needleman | The Wall Street Journal - Fri, 6 Jul, 2012 1:45 PM EDT