The first widespread computer viruses rewrote the boot sector of physical hard drives and floppy drives and spread to other machines when those disks were shared. Many of these early viruses were comical in nature, and others had, at worst, the goal of destroying data after the virus had propagated. The good news is that these viruses are a thing of the past. The bad news is that modern viruses are much graver. Distributors of viruses and malware are more often criminals than pranksters, and their product is designed to gather information which can be sold to other thieves or used to steal money directly from you.
Here’s a quick taxonomy of computer virus classes:
- Worm: a computer virus which infects computers through a network.
- Trojan: any piece of malicious software which is disguised as, or attached to, an attractive piece of software. Two common bogus downloads containing Trojans are fake installers for Adobe Flash Player or Adobe Acrobat Reader.
- Key-logger: software hidden on a machine which records all of a user’s keystrokes, and possibly web activity. Algorithms are then used to harvest passwords, credit card numbers, and banking information.
- Zombie: a machine which has been infected and now runs software allowing criminals to put that computer’s processor to work, either by utilizing the processor for calculations, or by using the machine as an untarnished source for email spamming.
- Adware: causes a machine to show ads to a user. Sometimes the user does not even see the ads because the main goal is to make money each time the ad is loaded, even in the background. It’s really the unique identity of the computer connection they are interested in abusing, since that is how ad distributors calculate revenue. Adware is often coupled with a warning inviting the user to call a phone number to get rid of the ad. This phone number is nothing more than a phishing attempt.
- Phishing: when a website or program pretends to be another site or entity, and asks for your credentials. Users will often receive an email or see a pop-up they believe to be valid. It will claim to be from eBay, Microsoft, Amazon, Apple, the IRS, etc. The email will link to a website where the user will be asked for their password, or in some instances they will be asked to call a phone number. The criminals will then attempt to gain control of the machine by asking the user to open a connection, or they will simply collect and sell the passwords the user enters.
- Ransomware: see our article on ransomware.
To protect yourself from attack, CTI recommends adopting these three pillars of computer security:
Educate yourself and your employees about the threats they will encounter when surfing the web, opening emails, and installing software. We’ve listed several tips concerning computer security. Make sure everyone who uses your network understands these best practices when using a company network.
Web filtering puts a shield between yourself and the open internet. Devices can automatically scan emails for known viruses while blocking suspicious or unscrupulous websites and content. Stop incoming traffic from gaining access. Anti-virus software scans files locally, and attempts to quarantine known viruses before they are able to infect a machine.
A secure backup is the ultimate safeguard against an attack. If all else fails, restoring to a previous system state is sometimes the only defense left.
CTI Connection includes full system anti-virus coverage and a robust backup plan. We recommend also adding a SonicWall® web filter for complete network security.