Iden­ti­fy­ing and deal­ing with mal­ware Ryan Mintoff

No mat­ter how care­ful we are when us­ing our com­put­ers on­line, we can still get hit by some sort of mal­ware.

Malta Independent - - ENEWS & TECH - Ryan Mintoff works at Deloitte Malta in In­for­ma­tion Tech­nol­ogy and Se­cu­rity. For more in­for­ma­tion, please visit

This can be caused by many fac­tors, such as a cor­rupted in­stal­la­tion of an an­tivirus soft­ware which does not get up­dated and there­fore leaves us vul­ner­a­ble or else a slight mo­ment of dis­trac­tion that leads us to ac­ci­dently com­pro­mise our sys­tems. So how can we iden­tify whether we have some sort of mal­ware on our com­puter or not? What are the signs to look for and what can we do once we have been in­fected?

Not ev­ery mal­ware in­fec­tion might show im­me­di­ate symp­toms of its pres­ence. Some can be very ob­vi­ous and will be no­ticed im­me­di­ately but other mal­ware in­fec­tions might re­side in our sys­tem and work in the back­ground or else sit idle un­til they are trig­gered by the cre­ator of the mal­ware. Some com­mon signs are the in­abil­ity to open any doc­u­ments from our com­puter, fre­quent pop-ups, and sud­den slow­down of the com­puter.

The cur­rent big­gest threat is known as ‘ran­somware’ and one will im­me­di­ately no­tice if they have been hit by this mal­ware as all the files on a com­puter sys­tem will be en­crypted and con­verted into an il­leg­i­ble for­mat usu­ally show­ing a dif­fer­ent ex­ten­sion such as “.locky”. There will also be ‘Help’ files ev­ery­where that con­tain in­struc­tions ad­vis­ing to pay a ran­som in or­der to get one’s files back, how­ever we should not fall into the trap of pay­ing the ran­som as we have no guar­an­tee that the data will be given back.

The source of sud­den slow com­puter per­for­mance can be trick­ier to iden­tify. If it is not to do with a clut­tered browser cache or a frag­mented hard drive then, in many cases, it will be caused by mal­ware. Mal­ware could be run­ning tasks in the back­ground that take up a lot of re­sources, thus slow­ing down our com­puter. If you gen­er­ally keep your com­puter clut­ter free and you are not run­ning any par­tic­u­lar heavy tasks or soft­ware, this should im­me­di­ately raise an alert.

Pop­ups are one of the most an­noy­ing signs of mal­ware. Un­ex­pected pop­ups are a typ­i­cal sign of a mal­ware in­fec­tion known as ‘spy­ware’. Th­ese pop­ups are usu­ally very dif­fi­cult to re­move and one should never try to click on them. Some pop­ups might try to trick you by look­ing like le­git­i­mate se­cu­rity soft­ware alerts and ask­ing you to buy or up­grade, claim­ing that your sys­tem is in­fected. Know­ing which an­tivirus you have in­stalled is im­por­tant to iden­tify as it might also be from your own an­tivirus soft­ware.

If you no­tice that your browsers home­page has changed, no­tice ad­di­tional tool­bars or if your browser is au­to­mat­i­cally redi­rect­ing you to web­sites that you have not cho­sen to visit, this might be a sign of mal­ware. Browser home­pages and tool­bars might be caused by in­stalling free­ware and choos­ing ex­press in­stal­la­tion which of­ten causes the in­stal­la­tion of what is known as ‘ad­ware’. Even though it is not as crit­i­cal as other mal­ware, ad­ware can be a prob­lem as it slows down your com­puter and might also be col­lect­ing data about your where­abouts on the in­ter­net and pos­si­bly sell­ing that data to third par­ties.

Mal­ware can even send mes­sages on your be­half ei­ther via email or on So­cial Me­dia. If any of your con­tacts ad­vise you that they have re­ceived a strange mes­sage from you which you do not know about, this should be a cause for con­cern. Not only does it mean your com­puter is in­fected but such mes­sages could con­tain ma­li­cious code that can spread the mal­ware onto the com­puter of who­ever opens the mes­sage, cre­at­ing a hard to deal sit­u­a­tion.

One great way to keep your­self safe is to al­ways check to en­sure that your an­tivirus or se­cu­rity soft­ware is up to date. If you find that this soft­ware is dis­abled, then it is pos­si­ble that you have been hit by mal­ware. There could be other tech­ni­cal is­sues of course, but mal­ware is one of the most pop­u­lar causes of dis­abled an­tivirus soft­ware.

What can one do to deal with the un­for­tu­nate sit­u­a­tion of be­ing in­fected by mal­ware? Once you have iden­ti­fied or even sus­pect that your com­puter has been hit by mal­ware the wis­est thing to do is to dis­con­nect your com­puter from the in­ter­net/net­work and to also dis­con­nect any stor­age de­vices con­nected to your com­puter. A restart might also be ben­e­fi­cial in some cases as it could stop pro­cesses from run­ning but some mal­ware will still run upon re­boot. Stop­ping the process from run­ning is very im­por­tant in or­der to limit any po­ten­tial dam­age caused by mal­ware.

Un­for­tu­nately, it is not al­ways easy to re­move mal­ware. Some­times, a com­plete re­build of the Op­er­at­ing Sys­tem is re­quired. In many cases, mal­ware can be re­moved us­ing reg­u­larly up­dated an­tivirus and other se­cu­rity soft­ware. Restor­ing data from back­ups might some­times be the only so­lu­tion in some more ag­gres­sive mal­ware in­fec­tions such as ran­somware.

There are some well-known and free anti-virus soft­ware so­lu­tions avail­able on the in­ter­net. Mal­ware­bytes is one that will scan and re­move many of the ma­jor mal­ware in­fec­tion that it en­coun­ters. Pop­u­lar se­cu­rity soft­ware com­pa­nies such as McAfee and Kasper­sky of­fer free tools to scan for generic or even spe­cific mal­ware in­fec­tion. You can al­ways in­stall a trial ver­sion of a pre­mium an­tivirus to be able to get rid of a mal­ware in­fec­tion, which may even con­vince you to in­vest in the so­lu­tion it­self. How­ever, if a mal­ware in­fec­tion can­not be re­moved by such read­ily avail­able virus-scan­ning soft­ware, it is ad­vis­able to seek ex­pert ad­vice as try­ing to fix such prob­lems on one’s own can get com­pli­cated.

Even if your com­puter is run­ning per­fectly nor­mal you might still have a mal­ware which is res­i­dent on your com­puter wait­ing for in­struc­tions from its cre­ator; there­fore, it is very im­por­tant to en­sure that your sys­tem is up to date. This can be done by reg­u­larly up­dat­ing any soft­ware, op­er­at­ing sys­tem and the an­tivirus so­lu­tion and by en­sur­ing that reg­u­lar scan­ning is a part of your on­go­ing process to pro­tect from those pesky threats on the in­ter­net.

Newspapers in English

Newspapers from Malta

© PressReader. All rights reserved.