TechLife Australia

Threats to your PC’s security

-

Threats to your privacy and security come in many shapes and forms these days. Let’s start by taking a brief tour of the different types of malware around to provide you with a better understand­ing of what to look out for.

Virus/worm

Traditiona­lly malware was conflated with the term ‘virus’. However, viruses are a specific form of malware: code inserted into other files (such as macros in Microsoft Office documents, which is why macro supported is now disabled by default in Office). Along with worms – standalone programs rather than malicious code hidden inside other files, viruses are primarily a mechanism for delivering so-called malicious ‘payloads’, and are designed to replicate themselves as far and wide as possible, such as through copying to shared network folders or hiding inside emails.

Trojan horses

These days, a more common form of malware comes under the ‘Trojan horse’ heading. As the name suggests, they’re called Trojans because they attempt to sneak on to your PC under false pretences, typically by masqueradi­ng as legitimate software. Once installed, they can deliver different kinds of payloads, from changing system settings to prevent you from detecting and removing the threat to spying on your activities and downloadin­g more malware to your PC.

Zero-day exploits

The never-ending release of security updates for Windows, web browsers and other software are a constant reminder that security holes are constantly being discovered – these holes make it possible for hackers to inject malware or take control of compromise­d systems using zeroday exploits. The ‘zero day’ is a reference to the time it takes between discoverin­g a hole and patching it. People’s reluctance to install security updates, thus increasing the risk from zero-day exploits, is one of the reasons why Windows 10 makes such updates mandatory.

Zero-day exploits can carry all kinds of malware payloads, and your best bet for protecting yourself in the interim

between discovery and patching is to ensure your security software has built-in protection against them using heuristics, which acts on suspicious behaviour that may indicate the presence of malware.

Backdoor

An infection that allows hackers – typically automated scripts or other infected computers (known as zombies or ‘bots’) to remotely access and control your PC. Delivered by worms and Trojans, they can do anything from use your computer to deliver spam, steal personal informatio­n or act in conjunctio­n with other infected PCs (collective­ly known as ‘botnets’) to attack major online services through Distribute­d Denial of Service (DDoS) attacks.

Spyware

While traditiona­l viruses aim to replicate themselves far and wide, spyware tends to exclusivel­y focus on the computer it’s been installed on. Its primary aim is typically to collect informatio­n about you

– through spying on your usage

– often to target you with ads and other material for financial gain. It’s also often used to steal sensitive informatio­n such as financial data and passwords through the use of a keylogger, which monitors keystrokes and mouse movement.

Like other forms of malware, spyware also attempts to change computer settings – particular­ly internet-based settings. This is to both protect itself by making it impossible to visit securityba­sed websites, plus make use of whatever informatio­n it’s gathered.

Rootkits and ransomware

Rootkits are a special form of malware that’s designed to conceal its own presence – in the form of tell-tale processes and running programs – and actively protect itself from being removed by security software. Thus hidden, the rootkit can then introduce payloads that can steal user informatio­n or even hijack the computer for use as part of a larger botnet network.

Ransomware is even more insidious. It seizes control of your PC and demands you pay to restore control (or decrypt personal data). It’s delivered in many different ways, from regular infections and other vulnerabil­ities (such as backdoors) to phishing – tricking users into running programs. Unlike other malware, it makes no attempt to hide.

Once triggered, you’re either locked out of your entire PC or key parts of the system, and you may find all personal files are encrypted, spreading to any connected network shares and backup drives. You’ll receive regular prompts – and a deadline – to pay an online ransom in return for an unlock code that (in theory) removes the restrictio­ns and restores control or your data.

?? ?? Receive a complete rundown of the key dangers – malware, hackers and more – that threaten your PC. Malware comes in all shapes and sizes, with some Trojans more dangerous than others. Windows Security provides ratings for each.
Receive a complete rundown of the key dangers – malware, hackers and more – that threaten your PC. Malware comes in all shapes and sizes, with some Trojans more dangerous than others. Windows Security provides ratings for each.
?? ?? Dedicated anti-ransomware tools are available, but the trick is obviously to avoid ever being infected.
Dedicated anti-ransomware tools are available, but the trick is obviously to avoid ever being infected.
?? ?? Dedicated tools for removing rootkits exist from several vendors – Malwarebyt­es’ version has been in beta for years, and is free to download from www.malwarebyt­es.com/antirootki­t/
Dedicated tools for removing rootkits exist from several vendors – Malwarebyt­es’ version has been in beta for years, and is free to download from www.malwarebyt­es.com/antirootki­t/

Newspapers in English

Newspapers from Australia