Most Destructive Viruses in Recent History Part II

A computer virus is a type of malicious software program that, when executed, replicates itself by infecting and modifying other computer programs. As we continue to look at the most destructive viruses in recent history, we remind our readers to always keep the most up-to-date versions of security protocols on their personal and business computers.

 

  • CIH – The Chernobyl virus (also known as CIH) triggers on April 26 each year, the anniversary of the Chernobyl nuclear disaster. It overwrites a chip inside PCs, effectively paralysing the entire computer. Its author, Chen Ing Hau, was caught by the authorities in Taiwan.
  • Elk Cloner – The “Elk Cloner” for the Apple II Systems was created by Richard Skrenta in 1981 and is considered one of the world’s oldest viruses. It infected the Apple DOS 3.3 and spread to other computers by floppy disk transfer. The “Elk Virus” was the first computer virus in history to cause a massive outbreak.
  • The Anna Kournikova worm – The Anna Kournikova worm posed as a picture of the tennis player, but was in fact a virus written by Jan de Wit, an obsessed admirer from the Netherlands. While the damage was not as extensive as the others on our list, it was well-known and cost approximately $166,000.
  • The Melissa virus – The Melissa virus, written by David L. Smith in homage to a Florida stripper, was the first successful email-aware virus and inserted a quote from The Simpsons into Word documents. Smith was later sentenced to jail for causing over $80 million worth of damage.
  • Sasser & Netsky – Sasser & Netsky are actually two separate worms, but they’re often grouped together because the similarities in the code led experts to believe they were created by the same person. Cost of malware: Around $31 billion.

 

Viruses are becoming more and more sophisticated and can destroy data, costing your company time and money. Call M&H Consulting for a security check up and review.

 

The Most Destructive Computer Viruses Part I

It is important in many fields to take a look back and see how far technology has advanced as well as examine ways that it went awry. Recently cyber attacks have made front page headlines as they have impacted tens of thousands of computers worldwide. Viruses, ransomware and malicious hacking are becoming more common and unfortunately more destructive as these cyber criminals become more sophisticated. Therefore, this month we are taking a look back at the most destructive viruses in the past.

 

  • I LOVE YOU Virus – When the ILOVEYOU virus hit in 2000, it was considered one of the most virulent computer viruses ever created. With damages estimated in the $10 billion range and 10% of the world’s computers affected, it was a disaster.
  • MyDoom – Like ILOVEYOU, MyDoom was a record holder in that it was a fast spreading email-based worm. In 2004, roughly 16-25% of all emails had been infected by MyDoom. The ultimate cost of the malware: $38 billion.
  • CryptoLocker – This ransomware spread through email attachments in September 2013 and encrypted the user’s files so that they couldn’t access them. The criminals would then demand a fee for the decryption password. Cost of the malware: With 500,000 victims, CryptoLocker made upwards of $30 million in 100 days.
  • Stuxnet – This is the scariest of the bunch! Stuxnet was built by government engineers in the US with the intention of obstructing nukes from being built in Iran. Stuxnet spread by a USB thumb drive and targeted software controlling a facility in Iran that held uranium.
  • Code Red – This virus first surfaced in 2001 and was discovered by two eEye Digital Security employees. It was named Code Red because the pair were drinking Code Red Mountain Dew at the time of discovery. The worm targeted computers with Microsoft IIS web server installed, exploiting a buffer overflow problem in the system.

 

Read our next blog as we continue to discuss the Most Destructive Viruses in recent history.

Cyber Attack Trends to Watch out for

With all new technology trends come new cyber attack trends. According to an article in TechRepublic.com, 90 million attacks will hit tech users in a year and 70 percent of them will go unnoticed! Because of this, we have searched for the patterns of cyber attacks to be on the lookout for in the years to come. Here is what we found:

Ransomware will continue to rise:

There have been many cases of ransomware in the past, and they are expected to rise as a security problem that takes advantage of vulnerable servers. A large part of the reason for its rise is that paying the ransom is one of the easiest ways of getting confiscated data back.

Rise in attacks on Industrial Control Systems:

Let’s face it; many of our Industrial Control Systems are past the outdated stage of technology. Because these outdated systems were not designed with cyber security in mind, they are expected to be a security issue for the future.

More Sophisticated Spear Phishing:

With more sophisticated spear phishing, it will be more difficult to tell the emails that should be avoided from those that are legitimate. Spear phishing emails are no longer as simple as a scam link being sent and asking to be clicked on. They are disguised as important business/company emails.

Hacking on Internet of Things:

Because the Internet is being applied in every device, even those which were not originally built to connect online, many everyday appliances are expected to be hit with cyberattacks. These devices can be anything from an app-controlled coffee maker to self-driven vehicles. With these devices, privacy is limited once they are hacked. Hackers can get access to your home and business through these technologies.

Simply being aware of these cyber attack trends is not enough. Security measures need to be taken in order to prevent such attacks. For information on how to get ahead of these attacks, contact M&H Consultants!

Pesky Pop Ups

They are every computer user’s arch nemesis – the dreaded pop up ad. While pop ups are a major hassle when you are trying to focus on your work, they are also a potential danger to your computer’s health. While pop up ads are intended to drive traffic to a website or gain email lists, they can also be pornographic, a marketing ploy, spam or just plain ol’ unnecessary. Some pop ups even claim that your system is infected and urge you to take action immediately. None of us need this nonsense in our lives. So let’s look at the danger of pop up ads and how to effectively neutralize them.

 

Some pop ups are not merely meant as advertising but have a more sinister function. Cyber criminals use these programs to distribute adware, spyware and more destructive types of malware. Clicking on or opening one of these pop ups could install a Trojan horse that unloads other malicious applications on your system or a keystroke logger with the ability to access any confidential data from tax information and passwords to your bank account.

 

Due to the maliciousness of some pop up ads, users can never be too careful when it comes to dealing with them. Interacting with pop ups can be a tricky deal, so it is best to avoid getting them to begin with. There are several options computer users can take to prevent these pop ups. If you can afford to buy pop up blocking software, that may be your best bet. However, there are free programs out there as well as steps that you can take on your own to block these unwanted ads from showing up in the first place.

 

For Chrome users Google has several pages giving specific directions on blocking pop ups. Read more HERE.  For Firefox and Internet Explorer users here are some directions to get started. If you have multiple interfaces or have had no luck getting rid of these malicious pop ups call M&H Consulting for the expert help to keep your computers protected.

Should You Worry About Smartphone Viruses and Malware?

 

How much do you rely on your smartphone? Well, if you doubt for a second the amount you use it, think of those breath-catching moments when you have misplaced it or dropped it. Shocking how quickly we all panic about our phones, right? Those are the moments you realize that you would have trouble getting through the day without it. Should you, then, worry about other risks to your smartphone, such as viruses or malware?

 

The answer is yes, smartphones need protection as well. Your smartphone is essentially a pocket-sized computer that holds your valuable personal data, important documents and other files. Most likely you do not want some viruses to lay waste to your data. Here are some quick tips that can help keep your smartphone protected.

 

  • Download a mobile security app to catch those pesky “phone viruses.” Your phone’s app store may offer free anti-virus software.
  • Be judicious about what apps you download. Download an app or document only if it comes from a trustworthy source, such as your phone’s app store. Downloading apps from third-party websites may put your phone at risk.
  • Be careful about where you download apps – are you in a secure area?
  • Put a PIN or password on your smartphone and keep it locked when it’s not in use. Your phone may also have a lock pattern feature, fingerprint password or facial-recognition lock.
  • Stay away from suspicious websites when browsing the Internet on your phone. Viruses can be installed on your phone through malicious websites. If you receive an unexpected email or text message with a link in it, don’t click on the link.
  • Avoid modifying your phone in ways that weren’t intended by the manufacturer. This modification, also called “jailbreaking,” makes it easier for viruses to slip into the device.
  • Encrypt the files and data stored on the phone. Some phones have built-in data encryption that protects your data from prying eyes. Encryption usually shields documents, contacts, calendars, media files and email attachments. It also works for data stored on the phone’s memory card.
  • Avoid connecting your phone to unsecured wireless networks.

Finding the Root Cause of an IT Problem

Do you ever think you have gotten rid of a computer virus just to find your computer acting the same way as it did when you had the virus? We have all been there. This usually happens because you have taken care of the symptoms rather than the actual root cause. Because this is such a common issue, we have decided to go through a few steps to help you find the root cause of your IT problem and prevent it from recurring.

We have combined a few steps to help analyze the root cause. Read along to find out.

  1. Find out what the issue is.

You first have to figure out what the symptoms are in order to figure out what the problem is. For example, if your computer is infected, ask yourself, “why is it infected?” You may figure out that it is because your antimalware program is outdated.

  2. Find out why the problem exists.

This step doesn’t necessarily give you the root cause of your IT problem, but it could definitely be a first step toward it. Continuing with the first example, here are a few questions you can ask yourself to figure it out: (a.) “Why is my antimalware outdated?” Maybe you simply didn’t update the program. (b.) “Why didn’t I update it?” Maybe you forgot to, or the program didn’t offer one. (c.) “Why didn’t the program offer an update?” Maybe there is no longer an update for this version of the antimalware program.

  3. Find out the root cause.

Once you have figured out all the reasons why this problem exists, you are able to determine what the root cause is. Using the example, once you have figured out that your antimalware program no longer offers an update, you may wonder “why doesn’t it offer an update?” and through research find out that the service company may no longer exist. This means that the virus kept coming back because you have a program that is no longer working for your system.

After figuring out the root problem, it’s important to design a plan to prevent the problem from returning. Maybe, after you figure out that you need to download a new antimalware program, you can design a maintenance plan to remember to check for updates and to see if your antimalware program is still relevant.

If you need help figuring out what the root cause of your IT problem is, or you need help designing a solution for your problem, contact M&H.

What’s New with Ransomware?

Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. It is an access-denial type of attack that prevents legitimate users from accessing files, since it is intractable to decrypt the files without the decryption key. The use of ransomware scams has grown internationally. Security software vendor McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013. This number has grown in recent years. In fact, every week seems to bring news of another case of ransomware.

 

In April 2016, the United States and Canadian governments released a rare joint cyber alert warning about the recent surge in ransomware attacks, in which data is encrypted and crooks demand payment for it to be unlocked. The US Federal Bureau of Investigation reports that ransomware attacks are not only proliferating, they’re becoming more sophisticated. So what does the FBI recommend? As ransomware techniques and malware continue to evolve—and because it’s difficult to detect a ransomware compromise before it’s too late—organizations in particular should focus on two main areas:

1) Prevention efforts—both in terms of awareness training for employees and robust technical prevention controls; and

2) The creation of a solid business continuity plan in the event of a ransomware attack. (Source: FBI Cyber Report 4/2016)

 

Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, and large businesses are all on the radar of ransomware attacks. The FBI and US government have given an official guide on what to do in the case of a ransomware attack on your business. Please read on for their suggestions.

 

Prevention Efforts

 

  • Make sure employees are aware of ransomware and of their critical roles in protecting the organization’s data.
  • Patch operating system, software, and firmware on digital devices (which may be made easier through a centralized patch management system).
  • Ensure antivirus and antimalware solutions are set to automatically update and conduct regular scans.
  • Manage the use of privileged accounts—no users should be assigned administrative access unless absolutely needed, and only use administrator accounts when necessary.
  • Configure access controls, including file, directory, and network share permissions appropriately. If users only need to read specific information, they don’t need write-access to those files or directories.
  • Disable macro scripts from office files transmitted over e-mail.
  • Implement software restriction policies or other controls to prevent programs from executing from common ransomware locations (e.g., temporary folders supporting popular Internet browsers, compression/decompression programs).

 

Business Continuity Efforts

  • Back up data regularly and verify the integrity of those backups regularly.
  • Secure your backups. Make sure they aren’t connected to the computers and networks they are backing up.

If you don’t know where to begin or need to beef up your security protocol call M&H for a security evaluation and implementation.

Challenges of Ransomware

You arrive at work, boot up your laptop and desktop. Instead of your usual screen, however, there is a hostile message. “This operating system has been locked for security reasons” or “You have browsed illicit material and must pay a fine.” Usually the group who has locked your computer demands money or they will destroy all of your business and/or personal data. Ransomware encrypts all or most of the files on an infected device or network, mostly using the Advanced Encryption Standard. This is every business owner’s nightmare. This is the crux of ransomware.

 

How Common is Ransomware?

After first emerging in Russia and Eastern Europe in 2009, ransomware has spread to Western Europe, the US and many other countries, causing high infection rates and a great deal of frustration for consumers. In one monthly study by Symantec, 68,000 computers were infected: the equivalent of 5,700 every day! Of the computers infected about 2.9 percent of compromised users paid out. This may not seem like a large amount but it adds up quickly and fairly easily for the criminals. Techniques have become more and more sophisticated with code built into ransomware programs to tailor messages to the right language and local law enforcement logo, for example.

 

Tips for Dealing with the Challenges of Ransomware

Even if a company does pay the ransom, the cybercriminals often do not restore functionality to the system, meaning the business has lost both the money and the data in one fell swoop. The only reliable way to restore functionality is to remove the malware.

  • Have security software installed and, most importantly, up to date with a current subscription. Remember with the thousands of new malware variants running every day, having a set of old virus definitions is almost as bad as having no protection.
  • Make sure all the software on your system is up to date. This includes the operating system, the browser and all of the plug-ins that a modern browser typically uses. One of the most common infection vectors is a malicious exploit that leverages a software vulnerability. Keeping software up to date helps minimize the likelihood that your system has an exposed vulnerability on it.
  • Make sure you are leveraging the full set of protection features delivered in your security product.
  • Do not pay the ransom! Paying the ransom may seem like a realistic response, but it is only encouraging and funding these attackers. Even if the ransom were paid, what guarantees do you have that you will actually regain access to your files?

Most Common Malware

According to CNN Money, there are almost 1 million new malware threats being released daily. If that news isn’t bad enough, they also report that malware is becoming increasingly creative and hard to detect, even for top enterprise companies. Malware is an abbreviated term meaning “malicious software.” Malware is software that is specifically designed to gain access to or damage a computer without the knowledge of the owner. It is also designed to be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to the host computer. There are a variety of malware types, such as adware, bots, bugs, spyware, Trojan horses, viruses, and worms.

 

    • Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements. Common examples of adware include pop-up ads on websites and advertisements that are displayed by software. In addition, it is not uncommon for adware to come bundled with spyware (see below) that is capable of tracking user activity and stealing information.
    • Bots are software programs created to automatically perform specific operations. While some bots are created for relatively harmless purposes (video gaming, internet auctions, online contests, etc), it is becoming increasingly common to see bots being used maliciously. For example, bots can create an army of infected computers (known as ‘zombies’) that are remotely controlled by the originator. These bots can send spam emails with viruses attached, spread all types of malware, or they can use your computer as part of a denial of service attack against other systems.
    • A bug is a flaw that produces an undesired outcome. Security bugs are the most severe type of bugs and can allow attackers to bypass user authentication, override access privileges, or steal data.
    • Spyware is generally software that performs actions on your computer with or without approval and many times without you even knowing. These spying capabilities can include activity monitoring, collecting keystrokes, data harvesting (account information, logins, financial data), and more.
    • Trojans are destructive programs that look legit but attack systems as soon as they are opened and executed. Attacks can include pop up windows, or worse, they can allow unauthorized system access for hackers through back doors.
    • A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs.
    • Computer worms are among the most common types of malware. Worms typically cause harm to their host networks by consuming bandwidth and overloading web servers.

 

 

 

Antivirus vs. Antimalware

There is a lot of confusion about what exactly antivirus and antimalware are, and which one works best. In order to find out what their purposes are, we must first clear up what viruses and malware actually are.

A virus is code within a program that can copy itself and can cause damage to a computer by corrupting the system and even destroying data.

Malware, on the other hand, is a general word for any malicious infection. This includes Trojans, Spyware, worms, adware, ransomware, and (you guessed it) viruses.

Now that this is cleared up, you are probably wondering why antivirus exists when antimalware can take care of it. Well, let’s get into the differences between these two types of security software.

Antivirus software was created during the rise of computers and the Internet. Therefore, this security software was created to tackle older forms of infections, like Trojans, viruses and worms. It is programmed to protect computer users from traditional malware that is predictable and still dangerous.

In contrast to antivirus, antimalware was created more recently as newer threats began to rise. These malware tend to be much less predictable since new ones are constantly being created and released at high speeds. Antimalware seeks out more dangerous threats than those that antivirus programs are used to handling.

With that said, if you are wondering which one should be used, the answer is both. You want to protect your computer from all malware, whether it is predicted or unpredicted.

If you need more advice on which antivirus and/or antimalware programs are best, contact M&H for help!