Malware & Your Business: Viruses, Intrusions, and Phishing
February 2, 2012
Viruses, worms, trojans: what began as experiments and games for computer hobbyists has become a battlefield in the emerging world of cybercrime. These intrusions spread lightning fast thanks to an ever more connected world. The results are often devastating for average users in the form of stolen identities and maxed-out credit cards. In the business world, malware can be fatal.
In the first of this two-part series, we’ll look at just what kind of threats are out there, where they come from, and what kind of damage they might cause. Next time we’ll examine methods for protecting your business technology.
So, just what are the dangers?
The term “computer virus” dates back to a University of New Haven professor in 1984 (CNET News). Computer security firm McAfee defines it as “a computer program file capable of ... replicating itself repeatedly, typically without user knowledge or permission.”
Viruses can and have been spread through any number of means, from magnetic tape to email to infected USB sticks. One famous example was the “I Love You” virus of 2000, which infected over 55 million computers and cost approximately $10 billion (Wired: This Day in Tech).
Trojan Horses and Worms
What’s the difference? Well, one’s for tricking Greeks and the other’s for hooking fish, but that’s not what concerns Internet security experts. Here are the definitions McAfee gives for these two threats, as well as why they’re not called “viruses.”
- A Trojan horse is a malicious program that pretends to be a benign application. It purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but they can be just as destructive.
- Worms are parasitic computer programs that replicate, but unlike viruses, do not infect other computer program files. Worms can create copies on the same computer, or can send the copies to other computers via a network. Worms often spread via Internet Relay Chat (IRC).
Mal Means Bad
The technical definitions of these threats may be different, but the result for your business is often the same. Malware, in any form, is bad. The good news is that thanks to a variety of factors, traditional forms of these threats and their delivery methods are actually on the decline (ZDNet). Unfortunately, viruses and their cohorts continue to adapt to the ever-changing technology world.
Even simple Internet browsing is now a target of “drive-by” attacks. Malicious websites use top search terms or misspellings of popular domain names to get clicks and infect computers. A particularly devious form of this tactic has become known as scareware: fake antivirus programs that warn of threats and promise to remove them (for a price, of course). Scareware may hold systems “hostage” by scrambling files and only allowing access if a certain sum is paid.
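For defenders, the "misspellings of popular domain names" tactic can be spotted in web proxy or DNS logs. The following is an added example, not part of the original article: it flags hostnames whose domain is a near-misspelling of a trusted one. The trusted list, the sample hostnames and all function names are assumptions made for illustration.

```python
# Added example: flag hostnames that are near-misspellings of trusted domains.
TRUSTED = ["contoso.com", "examplebank.com"]  # assumed allowlist (placeholder names)

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap as 1 each."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Adjacent transposition, e.g. "bnak" typed for "bank"
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[-1]

def registered_domain(host):
    """Last two labels only. Simplification: production code should
    consult the Public Suffix List (e.g. for .co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def lookalikes(hosts, trusted=TRUSTED, max_dist=2):
    """Return (host, imitated_domain, distance) for each suspicious host."""
    hits = []
    for host in hosts:
        dom = registered_domain(host)
        if dom in trusted:
            continue  # exact match on a trusted domain is fine
        for t in trusted:
            d = osa_distance(dom, t)
            if 0 < d <= max_dist:
                hits.append((host, t, d))
                break
    return hits

# Constructed sample of hostnames as they might appear in a proxy log.
SAMPLE_HOSTS = [
    "www.contoso.com",       # legitimate
    "login.contosso.com",    # one extra letter
    "examplebnak.com",       # two letters swapped
    "cdn.example.net",       # unrelated
]

if __name__ == "__main__":
    for host, target, dist in lookalikes(SAMPLE_HOSTS):
        print(f"{host} looks like {target} (distance {dist})")
```

A distance threshold of 2 catches most single-typo registrations; very short trusted domains need a lower threshold to avoid false positives.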
But there’s a worse threat that has brought even large and successful businesses to their knees.
Phishing can reveal the electronic chink in your business technology armor. These attacks emulate a trusted online presence to lure users into performing a specific action, such as clicking a link to a virus or filling in a form asking for personal information (like passwords).
Made infamous through email, phishing (or “social engineering”) has adopted the new web with a vengeance. Social-web security company Impermium found in a recent report that up to 40% of social media accounts may be created solely for the purpose of spreading spam and malware. Even Google Documents has become a hideout for these scams (Sophos Naked Security blog).
The reason phishing works is spelled out by an AVG Technologies researcher: “Hackers know the weakest part of any business is almost always the human sitting behind the keyboard,” (Virus Bulletin). Also, while email spam filtering has become part of any good technology security protocol, newer phishing methods are much harder to detect and protect against, as Impermium summed up in that security report:
- There are fewer protections in place on social media networks.
- Attacks often appear to come directly from “friends” or “colleagues.”
- Autocreation of accounts and statuses means that phishers leave fewer traces after a social media attack than with email.
Counting the Cost
Yes, everyone knows malware is bad for business. But just how bad? Lost productivity is certainly an issue, but the cost of malware intrusions can be even bigger. Consider this sobering quotation from a 2009 McAfee report titled Unsecured Economies:
According to respondents, it costs an average of almost $600,000 per firm to respond to each security breach concerning the loss of vital information such as intellectual property, and that number is expected to rise as the global recession drags on. It is worth noting that this figure reflects just the cost of cleanup such as legal fees, victim notifications, not prevention and detection.
Then there’s the effect such an attack may have on your customers. 339 businesses with legitimate online presences were hijacked by email phishing attacks in the first half of 2011 alone (Anti-Phishing Working Group).
Just last month a security breach at Zappos (an Amazon reseller) prompted the company to reset all user passwords and warn of potential attacks on users’ credit cards due to compromised personal information. Perhaps more unsettling, major phishing attacks on Google in the past few years were specifically aimed at spying on human rights activists and US government agencies, prompting concerns about cyberwarfare.
What To Do
That’s a lot of gloom and doom, and it’s really only a brief summation of the problems facing businesses today. In the next part of this series, we’ll dive into strategies and solutions you can take to make sure your business doesn’t become another casualty in this struggle.