• OpeningClouds

WannaCry and Other Mass Viruses


NIMDA, Code Red, SQL Injector and now WannaCry: all major computer viruses with global impact that held ordinary people and businesses hostage until they could be removed or patched. Let me share some knowledge about viruses. I will also cover malware and ransomware.

A computer virus is a piece of code, a program, or an exploit of existing code, a program or an operating system that is usually malicious in nature and meant to cause harm. Viruses delete files from your computer, spread themselves without you knowing and steal your information.

Malware are programs that appear to be legitimate but are not. For instance, there are virus programs that install on your computer by exploiting an app or OS vulnerability and then ask you to pay money to keep your computer clean.

Ransomware is the new trend: take a person's or company's data, encrypt it, and have the user or company pay a "ransom" to get their data back.

Zombies and bots. Both mean similar things. A zombie is an infected machine sending data back to a site on the internet. If your PC is hacked, it's usually a zombie. A bot sends information back to a site on the internet, but it also scans networks, both local and internet, looking for other machines to add to its botnet. If it finds other computers that are not patched or are vulnerable, it copies itself to that computer and does the same thing over and over, self-propagating all over. Bots then report back to the botnet creators with whatever information they have discovered, or can even be used to attack others.

Distributed Denial of Service (DDoS) attacks are usually perpetrated by unpatched computers that are bots or zombies. This is something important to remember: the people who own these computers often don't know their machine is a bot or zombie. They just think their computer is slow or has a problem they don't know how to fix. They can be anywhere in the world.

There is a high correlation between pirated copies of software and where attacks come from. Many come from Russia or China, India or other countries. Since they are not using legitimate software, they do not qualify for patches or OS updates. This is something I generally caution people about so they do not jump to conclusions about where an attack has originated from.

How does the normal person fight these problems or attacks? Let's run through a list.

1. Keep your computer up to date with patches. Many patches are security updates that fix vulnerabilities or attack vectors used by viruses or malware. Keeping up with patches, both OS and application patches, is the first step in keeping your computer and data safe.

2. Keep your anti-virus up to date. As with patches, your AV program of choice is patched monthly or bi-monthly. Make sure you have those patches installed.

3. Run scheduled AV scans. Sounds silly, right? But most AV programs only do a "Quick Scan" of your system. Make sure you do a full scan at least monthly, or after you get your new patches.

4. Anti-malware software: get one! There are many options, some free, some paid, some online. Make sure you scan your computer for malware.

5. Safe internet browsing. You may hear about the "Dark Web", but the truth is you really have no idea you're accessing it when you do. Yes, there are places you have to know how to get to, but I refer to the casual web browser who gets captured by malware on a website via an ad or a redirection to another website. Haven't we all tried to type www.yahoo.com and typed www.yahoo.co? (Loose example, I know, but follow along.) The .co website could bring you to a site with malicious code and, if you did not keep up with your patches, you're now a zombie for that malware.

6. Much of this can be mitigated by access rights to your computer. In a Windows world, for everyday usage, you do not need to be logged on as an Administrator of the computer. In a Mac world, it is the same: you should not have Admin-level access with the account you're browsing the internet with. Create an Admin account on your system, create a user account on your system and keep them separate.
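
The mistyped-address risk in item 5 can be checked mechanically. The Python sketch below is an added example, not part of the original post: it compares a typed hostname against a short list of sites you actually use and flags near-misses such as www.yahoo.co. The site list, function names and distance threshold are assumptions chosen for illustration.

```python
"""Added example: flag hostnames that are near-misses of sites you meant to visit."""

# Constructed sample list of intended sites (an assumption, not from the article).
KNOWN_SITES = ("www.yahoo.com", "www.google.com", "www.wikipedia.org")


def edit_distance(a, b):
    """Count single-character inserts, deletes, substitutions and adjacent swaps."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            # Adjacent transposition, e.g. "gogole" typed for "google".
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def normalize(typed):
    """Lower-case the input and strip scheme, path, port and trailing dot."""
    host = typed.strip().lower()
    if "://" in host:
        host = host.split("://", 1)[1]
    return host.split("/", 1)[0].split(":", 1)[0].rstrip(".")


def check_host(typed, known=KNOWN_SITES, max_distance=2):
    """Return ("ok", site), ("lookalike", intended_site) or ("unknown", None)."""
    host = normalize(typed)
    if host in known:
        return ("ok", host)
    closest = min(known, key=lambda site: edit_distance(host, site))
    if edit_distance(host, closest) <= max_distance:
        return ("lookalike", closest)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed inputs: one correct address, two typos, one unrelated site.
    for typed in ("www.yahoo.com", "www.yahoo.co", "http://www.gogole.com/", "www.example.net"):
        print(typed, "->", check_host(typed))
```

A "lookalike" result means the address is one or two keystrokes away from a site on your list, which is the moment to stop and retype it rather than load the page.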

I hope this helps. Patches and Anti-Malware are your first guards against malicious software on the internet. Make sure you purchase all your software and do not use anything pirated.

Stay safe out there.

