Malicious software is software built to destroy data or to cause a computer to malfunction. It can reach a computer through data transferred over an external interface such as a network connection or an external storage device. To protect a computer, security software must be installed that checks all external data for malicious software before it is written to the computer's storage. If the computer is found to be infected, cleaner software must be used to remove the malicious software before the computer is connected to the network or used with an external storage device. Malicious software can be a serious security risk: it may not only delete data and make computers unusable but also annoy others by sending unsolicited e-mails over the network and infecting other computers.
Types of malicious software
The following types of malicious software can be transferred to a computer.
- Trojan horse – This is software that pretends to be benign but carries hidden malicious software. Disguised as a useful software utility, it may install a virus or a worm on the computer. A Trojan horse reaches a computer through an application such as a game, a browser plug-in module or utility software like a time manager, cookies, etc. (Trojan, virus and worm).
- Virus – This is a computer program written to cause harm. It may delete data on the hard drive without any notice to the user, execute at unpredictable times and do strange things on the computer. A virus may also modify the registry entries of applications and make them unusable. A virus is infectious and may be transferred to any media that carries virus-infected data (Trojan, virus and worm).
- Worm – This is a software program that multiplies and travels on its own. An infected computer connected to the network may therefore send out the worm piggybacked on e-mails to address book contacts or in broadcast messages. The worm thus causes unnecessary traffic on the network and spam for users (Trojan, virus and worm).
- Spyware – This is a computer program that tracks computer activity, secretly reads user data and influences the user experience on the computer and the WWW. Spyware, like other malicious software, may be downloaded through a Trojan horse or through control pop-ups. Control pop-ups are WWW pop-ups that seek user permission through buttons such as OK, YES, CANCEL or INSTALL to perform an action. If acted upon, these control pop-ups may record user identity for website access statistics and install cookies or spyware. Browser add-ons and anti-spyware software may also include spyware (Coustan).
Security risks of malicious software
- It may destroy data on the computer hard disk.
- It may cause fragmentation of memory.
- It may steal user identity.
- It may track the user's computer activity or WWW access behavior.
- Because it may execute at unpredictable times, it may degrade the performance of the computer and affect the user's work output.
- Spyware may change web browser behavior by modifying the home page, redirecting website access to a different website in order to claim click counts, changing firewall settings to make the computer vulnerable and showing unnecessary pop-ups (Coustan).
Security methods for malicious software
The tools that can be used to protect the computer are:
- A username and password must be configured for every user of the computer. These must be kept confidential and not shared with others (Baker).
- When using external storage devices, ensure that the device was not connected to an infected computer system earlier. Do not leave the computer system unguarded, so that a mischievous person cannot use an infected storage device on the computer.
- Configure the web browser for the best security settings. The web browser allows the user to control the display of pop-ups and the installation of cookies. It is also possible to configure automatic installation of ActiveX plug-ins. ActiveX controls are reusable object-oriented software plug-ins for the browser. They get access to Windows operating system internals, so ActiveX controls from an unreliable vendor may be a security threat. Microsoft has included a registration system that allows the browser to authenticate an ActiveX control before downloading it. If the control is from an untrusted vendor, a warning is displayed before the download begins (Coustan).
- Do not download software from untrusted websites. The software may contain spyware that may steal user identity. Most of the time this may not harm the computer's data, but it may result in adware (advertisement pop-ups) or spam.
- Avoid installing applications from advertisement pop-ups. These may be a Trojan horse or may include spyware. Spyware scanners such as Ad-aware, Spybot and Microsoft AntiSpyware must be installed to protect against and detect spyware on the computer (Coustan).
- Install and periodically execute anti-virus software on the computer. This software scans all files to be written to the computer, and incoming and outgoing e-mails, for malicious software. Popular anti-virus software comes from Norton and McAfee; Microsoft also has virus removal software.
- Install a spam guard on the e-mail client to filter unsolicited e-mails. These unsolicited e-mails may include controls that redirect the user to a website that may retrieve user identity through cookies. They may also include links to download software applications that are disguised malware, so a novice user may be at risk of installing malicious software. Do not open e-mails from unknown senders; if in doubt, it is best practice to seek assistance from the computer system administrator (Baker).
- If a pop-up appears on the computer screen and the user is not sure about the given options, the user must use the X in the top-right corner of the window to close the pop-up. If a pop-up appears even when the computer is not connected to the internet, the computer may be infected with spyware. Anti-spyware software must be executed to clean the computer (Coustan).
- Update all security software regularly to ensure that it includes security definitions for the latest threats. Back up all important data as a precautionary measure.
- Install a firewall to disallow unauthorized access to the computer. This will protect the computer from unsolicited adware and from websites that have stolen the user identity through spyware. Configure encryption on all external tunnels (Baker).
- The SMTP server must scan received e-mails for malicious software before delivering them to the host e-mail box. The sending node of the SMTP server must scan all outgoing e-mails to protect the credibility of the organization.
- The access logs on other servers such as code and document management servers must be scanned to ensure that there is no malicious activity. A notorious user may write a malicious software program to cause trouble.
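The e-mail scanning step in the list above, shown as an added example that is not part of the original essay: Python code that parses a message and flags attachments whose name or leading bytes suggest a program disguised as a document, which is the Trojan horse pattern described earlier. The extension lists, function names and sample message are assumptions constructed for illustration; the check complements an anti-virus engine at the mail gateway and does not replace it.

```python
from email import message_from_bytes
from email.message import EmailMessage

# Illustrative lists (assumptions, not taken from the essay or any product).
EXECUTABLE_EXTS = {"exe", "scr", "com", "bat", "cmd", "vbs", "pif"}
DOCUMENT_EXTS = {"pdf", "doc", "txt", "jpg", "png", "xls"}
EXECUTABLE_MAGIC = {b"MZ": "Windows PE", b"\x7fELF": "ELF"}


def inspect_attachment(filename, payload):
    """Return the reasons an attachment looks like a disguised program."""
    reasons = []
    parts = filename.lower().strip().rsplit(".", 2)
    ext = parts[-1] if len(parts) > 1 else ""
    if ext in EXECUTABLE_EXTS:
        reasons.append(f"executable extension .{ext}")
        # "invoice.pdf.exe": a document-looking name hiding the real type.
        if len(parts) == 3 and parts[1] in DOCUMENT_EXTS:
            reasons.append("double extension")
    else:
        # Content check: the name claims one type, the bytes say another.
        for magic, kind in EXECUTABLE_MAGIC.items():
            if payload.startswith(magic):
                reasons.append(f"{kind} content under a non-executable name")
    return reasons


def scan_message(raw):
    """Map each suspicious attachment name to the reasons it was flagged."""
    findings = {}
    for part in message_from_bytes(raw).walk():
        filename = part.get_filename()
        if not filename:
            continue  # message body or multipart container, not an attachment
        reasons = inspect_attachment(filename, part.get_payload(decode=True) or b"")
        if reasons:
            findings[filename] = reasons
    return findings


def build_sample():
    """Constructed test message; the 'MZ' payloads are inert placeholder bytes."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "Files"
    m.set_content("See attached.")
    samples = {"holiday.jpg": b"MZ\x00\x00", "invoice.pdf.exe": b"MZ\x00\x00", "report.pdf": b"%PDF-1.4\n"}
    for name, data in samples.items():
        m.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return m.as_bytes()
```

Calling scan_message(build_sample()) flags holiday.jpg and invoice.pdf.exe and leaves report.pdf alone; a gateway would quarantine flagged messages rather than deliver them.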
Coustan, D. How Spyware Works. Howstuffworks. 2007. Web.
Trojan, Virus, and Worm Information. 2007. Undernet. Web.
Baker, B. Security Education for Users: A Starting Place for Network Administrators. 2001. SANS. Web.
Malicious Software Removal Tool. 2007. Microsoft. Web.