N-CAP Users Guide. Everything You Need to Know About Using the Internet! How Worms Spread via Email (and How to Avoid That)




How Worms Spread via Email (and How to Avoid That)

Definitions of:

A Virus: is a software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer; "a true virus cannot spread to another computer without human assistance"

A Worm: is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computer terminals on the network) and it may do so without any user intervention. Unlike a virus, it does not need to attach itself to an existing program. Worms almost always cause harm to the network, if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

A Trojan: is a piece of software which appears to perform a certain action but in fact performs another such as a computer virus. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be actually malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs. Simply put, a Trojan horse is not a computer virus. Unlike such malware, it does not propagate by self-replication but relies heavily on the exploitation of an end-user (see Social engineering). It is instead a categorical attribute which can encompass many different forms of codes. Therefore, a computer worm or virus may be a Trojan horse.

Worms

A worm's mission is to replicate and spread itself from one computer infected with the worm to the next, to the next again and so on. What better and easier way can there be to travel from computer to computer than the Internet? What better and easier way to use the Internet for traveling can there be than to hop on an email?

Attachments

This is why worms usually come as attachments to email messages. But how do they go as attachments to email messages? They need to find a way to be sent on.

Trojan Horses

One apparent strategy is to make the recipient send me to their friends. To achieve this, I need to be attractive. There needs to be something in me for the recipient, the best choice probably being fun. Thus I am quickly becoming a Trojan horse -- a malicious program inside a harmless-looking piece of software. People would open the attachment to have a look, find it amusing and send it on to their friends. This is how a worm can spread and travel with minimal programming effort.

Real Worms

Of course, such a Trojan horse does not spread very fast and probably not very far. It depends on both people opening the attachment and finding it attractive enough to send it to their friends or colleagues. Life as a worm would be much easier if at least the second step could be automated. Fortunately, the first step -- opening the attachment -- is very difficult to automate. This is an important fact and we'll get back to it later.

In order for programs to be able to interact, they often offer a so-called API (Application Program Interface). Via such an interface, any program can make a certain piece of software do something. For example, you can make Word open a text document, or a Web browser go to a specific URL, or make an email program send a message -- make an email program send a message? Isn't that exactly what we need? You bet it is.

Via the MAPI (Mail Application Program Interface) -- a Microsoft development -- it is possible to have an email program perform a number of tasks. The most important for us worms are the possibility to access the address book, to create email messages with attachments and to be able to send them immediately. As a worm we'd choose Microsoft Outlook to perform these tasks. Outlook is usually used in a corporate environment, and bringing a corporation's computers down and rendering a company's computing infrastructure -- and thus often the company (showing how dangerously dependent we have become on computers and networks is what we are really after) -- useless is the most fun.

How to Avoid Spreading Worms

Now that we know what worms do to spread themselves via email, the measures we can take to avoid serving as a welcome sender to the worm are apparent.

Not Using Specific Software

If the worm uses specific software to travel, it is unlikely we will help spread the virus if we do not use the software it exploits. As Microsoft Outlook is often used by authors of worms, not using this program is probably useful. In corporate environments, this is often not an option, however. And if nobody uses Outlook, worms will certainly find another popular email client to exploit. Roughly the same applies to not using Windows as an operating system. So not using specific software does not look like the best way to avoid worms, but it may still be very useful for some.

Not Opening Attachments

If worms are generally attachments, they have no chance of doing anything malicious or replicating themselves if they are not executed. The code that may be hidden in attachments gets executed when the attachment is opened. No attachments opened, no worms replicated. It's as easy as that.

To not open any attachments is of course not an option, so our strategy becomes to not open certain attachments. In former times, when viruses were sent manually, it was good advice not to open anything coming from a stranger. Yet, as today's worms pick their recipients from somebody's address book, the senders are likely to be (very well) known. So it's generally a good idea not to open attachments that you did not ask for. If you get something you have never requested (which might happen more often than not), ask! If the sender has not consciously sent you the attachment, it's almost certainly some kind of worm.

But even if the sender has sent you the pretty, funny, hilarious, shocking attachment, you're in danger. But you're "merely" in danger of getting your computer infected with a virus, not in danger of falling victim to a worm. Lucky you! Being careful with all kinds of attachments, especially those you never asked for, is, in general, a good strategy to avoid spreading worms.

More, Even Better Strategies

Making Digital Signatures Mandatory

The best strategy against anything trying to spread itself via email is to make digital signatures mandatory. Unfortunately, it is also probably the most difficult strategy to realize. A digital signature verifies that something is coming from a certain person and that they sent it consciously, just like an (analog?) signature does. Worms, or any program for that matter, cannot create a digital signature for an email. They cannot do it without the user. This is not a theoretical impossibility, but for now it certainly is a practical one. I see danger in programs mimicking the behavior of software like PGP, however. This is the way passwords necessary to create a signature automatically may be "stolen". Still, opening only emails that carry a valid signature is an almost perfect strategy against worms. It is, unfortunately, not perfect against viruses, as somebody may very well sign a message with an attachment containing a virus (whether they know that or not).

Using Anti-Virus Software

Not my favorite solution to worms, but still a very useful one, is anti-virus software. Installing any good virus-checker and keeping it up to date is a good means of avoiding both infection with viruses or Trojan horses and spreading worms. This is especially true if you are an administrator and know your users are a bit careless (or -- "stressed"; there's nothing wrong with being careless). Since they would not care to update their virus descriptions, you have to do that too, of course.

Even if you do not have anti-virus software installed, the vendors' Web sites are real mines for virus information. Check them frequently to find out about hoaxes and real threats, and what to do about them -- even if you do not own the specific anti-virus program.
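
The attachment and signature rules described above can be written down as a mail-triage check. This is an added example, not part of the original guide: the extension list, the verdict names and the sample messages are constructed assumptions. It checks only that a message is structured as PGP/MIME or S/MIME signed and leaves the cryptographic verification to the PGP or S/MIME tool.

```python
import os
from email import message_from_string

# Extensions that execute code when opened (illustrative list, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}
# MIME types of detached PGP/MIME and S/MIME signature parts.
SIG_TYPES = {"application/pgp-signature", "application/pkcs7-signature",
             "application/x-pkcs7-signature"}

def attachment_names(msg):
    """Filenames of all parts except the detached signature itself."""
    return [p.get_filename() for p in msg.walk()
            if p.get_filename() and p.get_content_type() not in SIG_TYPES]

def claims_signature(msg):
    """Structural check only: top level is multipart/signed with a known
    protocol. The signature must still be verified cryptographically."""
    protocol = (msg.get_param("protocol") or "").lower()
    return msg.get_content_type() == "multipart/signed" and protocol in SIG_TYPES

def triage(raw):
    """Return 'deliver', 'quarantine', 'hold' or 'verify' for a raw message."""
    msg = message_from_string(raw)
    names = attachment_names(msg)
    if not names:
        return "deliver"
    # A signed message can still carry malware, so this check comes first.
    if any(os.path.splitext(n)[1].lower() in RISKY_EXT for n in names):
        return "quarantine"
    if not claims_signature(msg):
        return "hold"      # unsigned attachment: ask the sender before opening
    return "verify"        # pass to the PGP or S/MIME verifier before opening

def sample(filename=None, signed=False):
    """Constructed sample message (not real mail, not a real signature)."""
    body = "Content-Type: text/plain\n\nsee attached\n"
    if filename:
        body = ('Content-Type: multipart/mixed; boundary="in"\n\n--in\n' + body
                + "--in\nContent-Type: application/octet-stream\n"
                + f'Content-Disposition: attachment; filename="{filename}"\n\n'
                + "placeholder\n--in--\n")
    if signed:
        body = ('Content-Type: multipart/signed; boundary="out"; '
                'protocol="application/pgp-signature"\n\n--out\n' + body
                + '--out\nContent-Type: application/pgp-signature; '
                'name="signature.asc"\n\nconstructed\n--out--\n')
    return "From: alice@example.org\nTo: bob@example.org\n" + body

if __name__ == "__main__":
    for args in [(), ("notes.pdf",), ("notes.pdf", True), ("joke.txt.vbs", True)]:
        print(args, "->", triage(sample(*args)))
```

The double-extension sample is quarantined even though it is signed, which matches the guide's point that a signature does not rule out an infected attachment.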