The Menace of Malware

By: Justen Jiang

Introduction

As technology continues to advance, one major issue grows with the progress: data breaches. These security incidents involve parties gaining unauthorized access to sensitive and confidential information such as bank account information and social security numbers. One type of data breach that poses a major threat is malware, or malicious software. Cybercriminals can exploit vulnerabilities in computer systems by using common but highly effective malware such as viruses, worms, trojans, and ransomware to steal data, generate profit, and even disrupt or damage those computer systems.

Viruses & Worms

Viruses and worms are similar in that both can cause widespread damage to computer systems and networks, compromising their security and integrity.

Viruses rely on user actions, such as opening infected email attachments, to infect files or programs. The virus then replicates itself by attaching to other files and programs. Worms, on the other hand, are standalone malware that spreads rapidly and automatically across computer networks without needing user interaction or attaching to files. One notable example of a worm is the Morris worm of 1988. It involved a graduate student at Cornell University releasing one of the first internet worms, which exploited vulnerabilities in Unix systems and infected thousands of machines. What started out as a coding error in an experiment to measure the size of the internet led to widespread destruction, legal consequences, and increased awareness of cybersecurity issues.

Trojans

A trojan is a type of malware that gets onto a device by disguising itself as legitimate software. Without victims knowing they installed it, the cybercriminals behind it can steal sensitive information, compromise system security, and even remotely control the infected device. For example, a trojan can disguise itself as a harmless email attachment that, when opened, allows the malware to silently install and compromise the user’s device and data.

Another example of a trojan is a banking trojan, which is designed to steal sensitive financial information such as login credentials and banking details. It remains hidden and silently monitors the user’s online activities, capturing that sensitive information whenever it is used. Sometimes, techniques that manipulate a user’s browsing experience (fake login pages, etc.) are used to collect that information.

In 2023, Android had to deal with 10 new banking trojans on top of 19 upgraded trojans from 2022. One of these upgrades involved direct remote interaction with the infected device through live screen sharing. Each trojan was sophisticated in its own way, and some even performed transactions automatically. Godfather, one of the new malware families, had 1,171 known variants and targeted 237 banking apps in 57 countries using remote screen sharing, keylogging (capturing keystrokes), and various other methods.

Ransomware

Ransomware is malicious software designed to block access to a computer system until a sum of money is paid to the attacker. Below is a bar graph portraying the escalating problem of ransomware as the attacks become bigger and more complex.

  • This sum of money above does NOT include production loss and repair costs!!!
  • 2022: FBI successfully infiltrated the Hive ransomware strain

An example of the repair costs alone can be seen in the case where BlackCat and Scattered Spider targeted MGM Resorts, a hospitality and entertainment company in Las Vegas known for its presence in the casino industry. Although the company did not pay the ransom, the damages alone were over $100 million.

Broadly speaking, there are two types of ransomware: encrypting ransomware and locker ransomware. Encrypting ransomware encrypts the computer system’s files and demands payment for decryption, while locker ransomware locks users out of their device or files until they pay. There are also countless ransomware strategies, such as “big game hunting” (fewer attacks, larger and higher-value targets). All of these factors contribute to the diversity and complexity of ransomware and are why it should be taken seriously, along with the other malware.

What can we do?

In the face of the escalating threat posed by malware, we can:

  • Stay Informed: Stay updated on the latest cybersecurity threats and news
  • Use Reliable Security Software: Antivirus / Anti-malware software
  • Be More Cautious Online: Practice safe browsing habits, employee training, etc.
  • Back Up Data Regularly: Back up important files and data
  • Strong Passwords: 👍

Even performing one of these actions can go a long way toward defending against malware and cyber attacks.

In conclusion, the threat posed by malware is profound and widespread, negatively affecting individuals, businesses, and society as a whole. As our reliance on digital technologies continues to grow, so does the need to address the threats of malware and data breaches. By understanding (even a little) the dangers of malware and data breaches, we can defend our computer systems against these cyberattacks and future ones to come.
