Malicious software Software that is evil, annoying, socially maladjusted, anarchistic and otherwise destructive Sometimes feels like the bane of the Internet Constant concern for "viruses" on your computer
Malicious software "Malware," "Badware," "Junkware" Wide range of intrusive software Installs without user consent Hostile, intrusive or annoying Not to be confused with legitimate software that just doesn't work well
Sources Businesses Track buying or viewing habits Criminals Steal personal information Distributed Denial of Service Attack Multiple hijacked machines simultaneously hit a targeted site
How they spread Trick user into installing Click on attachment Installs with other software Normally downloaded or shareware Exploit security holes Attacks your computer remotely Macros in Office documents
Virus Often used broadly as a term for all malware Definition is more precise Term comes from Biology Enters host Replicates itself Spreads to other hosts
Virus Self-replicating computer program Installs on your computer without your permission Makes copies of itself and attempts to spread Infects other files, documents Those files and documents move around
Virus Forms of replication Infected disks Infected files Main sources of spread Files downloaded from the Web Email attachments Peer-to-peer file sharing
Virus Malicious behavior Reformat hard disk, delete data Display message No external visibility Potentially damaging even if benign Any system software can cause problems
Virus Anti-virus software is a must for certain systems Especially Windows Must update and scan regularly Most popular programs: McAfee, Symantec, Sophos
Worm Similar to virus But does not need to attach to an existing file, disk, or program Moves across a network Exploits security hole on target computers Installs itself Begins to search for new targets Chews up bandwidth while replicating
Worm May carry dangerous payload Leave Trojan horse or backdoor access Plant virus Damage data on target systems New worms exploit backdoors opened by previous worms Your system will grind to a crawl Firewall software is a must Normally built-in, but must be turned on
Trojan horse Useful program run by the user Malicious software installs in the background Commonly installs backdoor or other security breach Can be exploited later Mostly malicious intent Allow hacker access to your computer Antivirus software deals with this
Spyware - Statistics 2005 - 62% of all computers had spyware installed 92% of users were unaware 2006 - 90% of computers infected In the first half of 2007, spyware infections prompted 850,000 U.S. households to replace their computers
Spyware - Statistics 81% of home computers lack core protection Updated anti-virus software, a firewall, spyware protection 38% of home computers lack any spyware protection software 68% keep sensitive information, like personal correspondence, professional records, and financial information, on their home computers 74% use the Internet for sensitive transactions from their home computers, such as banking or reviewing personal medical information
Adware Software automatically displays or downloads advertising material Typically without the consent of user Often a form of spyware, or in conjunction with spyware Ads targeted to user profile, web habits, personal info Information gleaned from spyware
Adware Not to be confused with legitimate banner ads and pop-up ads Benign and honest about it If ads pop up randomly, or persistently Or when the browser isn't even open Or when you're not connected to the Internet
Other antivirus info Static scan Files on hard disk Modifications to hidden sectors on disk Modifications to active memory Dynamic scan Detect malware as it arrives Looks for Known signatures Known bad behaviors
Security updates Every operating system vendor releases regular security updates As threats are uncovered Enable automatic security updates Especially critical in Windows Disable pop-up windows in your browser
Genetic diversity Same function in biological systems Diversity assists against an entire population wiped out by one virus Windows invites attack Architectural weaknesses exist Other platforms not as vulnerable Less targeted Fewer architectural weaknesses
Windows vs. Mac Is Mac really safer than Windows? For the most part it's true Windows is a much bigger target Mac is built on Unix which has fewer security holes No operating system is completely fool-proof If Mac earns 90% of the market...
Surfing guidelines Don't download programs, music or other files from random sources Don't download toolbars Don't EVER click on a pop-up ad!! Be cautious about online games Especially if they require you to install software in order to play Turn off pop-ups in browser
How to tell you're infected Performance is horrible! Gets better when you unplug the network cable Pop-up ads every few minutes Mysterious new toolbars on desktop Home page redirected Failed site page redirected Search page redirected