
Custom Computing Services

of Saint Cloud

Malware Article

 
  • 85% of websites that deliver malware are actually trusted sites
  • 97% of business email is spam
  • A new malicious URL is discovered every 4 seconds

Protecting against Malware

How Safe is a Safe Site?

The Internet has become an integral part of business life. Many businesses have come to depend on it so much that it would be impossible to function without it. But while the Internet can be a useful business tool, it can also be an open door to allow malicious software onto your computer network.

You may be saying, "Yes, but we block undesirable sites on our network, so we don't have to worry about malicious software infecting our PCs." Did you know that 85% of the websites delivering malware are sites that are considered trusted? MSN, CNN, Washington Post, ITPro - these are just a few of the well-known websites that were recently compromised and delivered malware to unsuspecting users who simply browsed a site they thought was safe. Blogs and social networking sites like MySpace and Facebook are particularly vulnerable to the kind of attacks we are seeing now. IT security company Sophos states that over 400,000 blogs are currently infected and delivering malware to users browsing their sites.

So how do you know if a site is trying to deliver some malicious piece of code to your PC? The truth is, you can't tell visually that the site has been compromised. The most common delivery method is through the ads on the page, which seldom come from the site being visited, but from a third-party ad company. That is why the writers of the malicious code go after the servers delivering the ads: a single compromised ad server immediately affects the thousands of sites that serve those ads. It works something like this:

  1. The malware is planted on the ad company server
  2. The infected ad is then shown on a "trusted" site
  3. The user browsing the site is silently redirected to a different page by the malicious code
  4. The new page tries to exploit some vulnerability on the PC (see below) and, if successful, the PC is compromised.

What vulnerabilities are we talking about? Some examples of programs with vulnerabilities that have recently been exploited are Adobe Reader, Microsoft Office and Internet Explorer, just to name a few.

The problem of email SPAM

Another common malware delivery method is through email spam. These messages usually employ some sort of social engineering ploy to trick the user into visiting a malicious site or opening an attachment and thus installing the malware on their PC. A good rule of thumb is this: NEVER, EVER, EVER, click a link in an email that you think is taking you to a secure site (eBay, your bank, PayPal, etc.). What you see in the link is not necessarily the actual URL that you will be taken to. Here is an example (harmless, but it demonstrates the idea): www.yahoo.com - the page SAYS Yahoo, but the link actually takes you to Google. If you hover your mouse over the link, you can see the actual link destination in the status bar at the bottom. And many malicious sites have their URLs cleverly crafted to trick people who aren't careful - like www.ebay.com.some.other.words.cn/somebadplace.htm - in this case the domain is actually "words.cn" and the rest are just subdomains of the base domain.
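Both tricks can be checked mechanically. The following Python sketch is an added example, not part of the original article: it pulls every link out of an HTML mail body, compares the domain shown in the link text with the domain the link really points to, and flags hosts where a familiar suffix sits in the subdomain part. The sample body is constructed from the article's two examples, and the "last two labels" rule and the com/net/org check are simplifying assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample mail body built from the two examples in the article.
SAMPLE = ('<a href="http://www.google.com/">www.yahoo.com</a> '
          '<a href="http://www.ebay.com.some.other.words.cn/somebadplace.htm">Sign in</a> '
          '<a href="https://www.paypal.com/">www.paypal.com</a>')

def host_of(text):
    """Hostname of a URL or bare 'www.site.com/...' string, else None."""
    text = text.strip()
    if " " in text or "." not in text:
        return None
    text = text if "://" in text else "http://" + text
    return (urlsplit(text).hostname or "").lower() or None

def base_domain(host):
    """Last two labels (simplified; real tools use the Public Suffix List)."""
    return ".".join(host.split(".")[-2:])

class LinkCollector(HTMLParser):  # gathers (visible text, href) per <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit_links(html):
    """Return (visible text, real base domain, reason) for suspicious links."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for text, href in collector.links:
        target, shown = host_of(href), host_of(text)
        if target is None:
            continue
        real = base_domain(target)
        if shown and base_domain(shown) != real:
            findings.append((text, real, "text shows a different domain"))
        elif {"com", "net", "org"} & set(target.split(".")[:-1]):
            findings.append((text, real, "familiar suffix buried in subdomains"))
    return findings
```

Calling `audit_links(SAMPLE)` reports the first two links and leaves the third, whose text and destination agree, alone.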

A second rule of thumb is never open an email attachment unless you are 100% sure of who sent it to you and what it contains. Many virus removal calls are a result of someone getting an ecard from a friend, only to find out that it really wasn't an ecard and it really wasn't from a friend, but instead it was a trojan installer from your friendly black-hat hacker wanting to steal your bank account information.

Of course, if you have a GOOD antivirus program, all emails will get scanned before they ever get to your inbox. Even with antivirus software, you should still err on the side of caution.

The Solution

So now the big question: in light of all this, how do I protect my PC?

Bare minimum:

  1. You need to block known malicious sites
  2. You need a real-time malware scanner/antivirus/rootkit detector
  3. You need to apply all patches and updates
  4. Large networks need a Protocol/Content filter

Remember those old Fram Oil Filter commercials, "You can pay me now or pay me later"? The same principle applies to PC security. Virus removal can cost much more than a preventive checkup. In many cases the operating system is compromised to the point that it must be reinstalled, which usually means data recovery time for photos, music, documents and other personal files. And if you're talking about a business network, there are often legal liabilities involving the loss of customers' private data. Save yourself the headache and schedule an appointment today for a vulnerability assessment and evaluation.
