Spyware and Viruses - Term Paper Example

Spyware and Viruses Introduction Spyware is kind of malware, which is installed on a computer without approval or awareness of the owner with the aim of gathering the private information of the owner. It is usually hidden such that the user can not know about it, and collects information regarding the internet interaction, any important information, passwords and keystrokes (Parikka, 2007). In addition, they can affect the performance of a computer negatively by the installation of more software, which redirects the web browser searchers, reducing the speeds of connections, changing settings of computer, disrupting the ability of network connection completely or even changing the homepage. Moreover, it can be used as a kind of adware, whereby the unsolicited pop-up ads are delivered by the software on top of tracking the behavior of the user. Characteristically, the software is installed when the owner is doing the installation of a kind of free software that they really needed (Parikka, 2007). When the software that is being installed by the user is completed, the spyware will attach itself to the installation and begin the collection of data from the activities of the user or the owner. The user of the computer can also be cheated or tricked into the installation of the software via a Trojan horse when it pretends to be piece of security software offered for free. The creators of spyware have been known for paying the developers of shareware to bundle their software with the authentic software and just repackaging the freeware as well as bundling it with their individual spyware (Parikka, 2007). Another way of spyware installation on an unaware computer user is drive-by downloading. Some of the earliest or first spyware did not do much than reporting to the creators every time the program was put to use. It was aimed at aiding marketing or even monitoring usage for the purposes of licensing. Although that is still happening, we find that a lot of nowadays is intended to steal private and valuable information such as the passwords and usernames for email accounts, bank sites, online games and social networking sites (Parikka, 2007). One might never be aware of the fact that they have malicious spyware on their computer, as it seems to operate in the background in a quiet manner and the explicit quality and functionality of the program might be very attractive. They are usually distributed as either ‘freeware’ or even ‘shareware’ with little or no license restrictions for the purposes of trapping as many individuals as possible. On the other hand, a virus is a program that is written to enter computer and alter or damage data or files. It is capable of deleting or corrupting data on a computer. They can also be in a position of replicating themselves. In comparison with a computer work, we find that a computer virus is the most dangerous as it can delete or alter files whereas worms can only replicate themselves without altering or deleting data or files. They have various ways of entering computers such as attaching themselves on images, video or audio files and greetings (Feinstein, 2004). They can also enter via downloads on the internet. More so, they can be hidden in a trial or free software or even some other files that are downloaded. Therefore, before downloading anything from the internet, it is important to be sure about it. Nearly all viruses are attached to a file that is executable, meaning that the virus might exist on the computer but cannot really infect the computer unless the user opens or runs the malicious program. It is essential to take into consideration the fact that a virus cannot be distributed without an action by humans, like running a program that is infected to keep it going. Literature Review Understanding computer virus Viruses together with similar malicious programs always spread various ways such as from the external media like from external media such as compact discs, from susceptibilities in the Windows program, others from downloads off the bulletin boards and internet, from surfing the internet sites that are infected, from the use of instant messaging, as well as from email attachments (Feinstein, 2004). If the computer starts acting in strange manner, or even if it stops being in a position of doing things that id had been doing previously, then it is beyond reasonable doubt that it might have been infected. Symptoms like longer-than-usual load times of programs, behavior of program that is unpredictable, changes in the size of file that are not explainable, booting problems, unusual graphics appearing on the screen or even strange sounds might indicate that there is a virus on the system (Feinstein, 2004). It is essential to differentiate between the symptoms of virus and those coming from the files that are corrupted, which at times are alike. Unless there is an updated anti-virus software installed on the computer, there is no certain or definite way of knowing if there is a virus on the computer on not. Experts in the field of internet security are divided on the purpose as well as source of computer worms and viruses such as SoBig and Blaster. However, some government department are investigating a probable relationship between the rising spread of organized crime and infected computers. Recent patterns are leading several professionals in worrying that the malicious code that is buried in the infected computers or even in the new worm generations will brood the targeted illegal or criminal attacks on the industry and business (Plant, 2009). That is apparently a legitimate concern as there is substantial proof supporting what would otherwise be a passionate conspiracy theory regarding the relationship between viruses and the world of organized crime. Nevertheless, it is still no one’s guess as regards the individuals behind it. The malware attackers of today are more dangerous than those that preceded them. Their contention is no longer just on the replication of themselves and spreading, as the present day malware programs are able to install themselves on the PC secretly and try a whole takeover of the system. The individuals that design the attacks can take several computers hostage and command them remotely to do many things that they want (Plant, 2009). The ‘zombie’ computers that are compromised are organized into some extensive multi-machine armies called botnets, which are then leased to the bidder with the highest offer such as hacker vacation condos. Bot herders can use the networks that have names such as Mega-D and Rustock in sending out spam, try to infect some other computers and even requesting of the files from remote computers. The botnet linked to the ever-changing Conficker worm can even establish a network of peer-to-peer communications that is decentralized, which makes it nearly impossible for tracking by the researchers (Plant, 2009).. The harm to a zombie computer at times can be small or minor such that the systems slowdown in their operations together with unsystematic glitches, and possibly invincible after all. The point of a lot of this software is flying under the radar. However, since much of the present day malware is formulated to enable remote users have complete access to the system of the user or company, such attacks can be used in the stealing of precious individual information(Plant, 2009). The hackers target folks that are attempting to check or review their bank balances or check the e-commerce sites that they like most. By getting hold of one or two passwords and usernames, most of the hackers can swiftly worm their way with a lot of ease through the remainder of the accounts. The malware that is formulated for the purposes of exploitation of the newly established vulnerabilities of software is referred to as a zero-day attack. However, in order to do the identification of malware, the security programs greatly depend on something known as an MD5 hash. This is a fingerprint of a person that the virus takes on the day the programmers of security software realize it in the wild (Plant, 2009). The attackers that use zero-day attacks system usually take advantage of the very short period between the release of the malware and the time they prepare and upload the hash to the security software. Understanding spyware Apart from the matters of privacy and ethics, spyware steals from the computer user by using the memory resources of the computer as well as consuming bandwith when sending information back to the home base of the spyware through the internet connection of the user (Feinstein, 2004). Since the spyware is using memory together with the resources of the system, the applications that run in the background can also result the crashing of the system or even its instability. Since spyware are existing as executable programs that are independent, they are in a position of monitoring keystrokes; scanning files that are on the hard drive; snooping some other applications, like word processors or chat programs installing some other spyware programs; reading of the cookies on the computer of the company; changing of the web browser’s default home page; frequently sending this information back to the author of the spyware who will then use it either for the purposes of marketing and advertisement or selling the information to another individual for their personal or collective benefits (Feinstein, 2004). Licensing agreements that at times come with the download of software give warning to the user that a spyware program might be installed together with the software that is being requested, but they might not often be read wholly as the spyware installation notice is usually couched in legal disclaimers that are hard to read (Kelley, 2007). Most businesses do not clearly understand the privacy invasions, security risks and costs of performance that are related to having the spyware installed secretly and maliciously on their computers. A few of them know the various forms that spyware take and the actually evil and dangerous activities it does (Kelley, 2007). Very few individuals know little beyond spyware being uninvited, malicious software. Until just recently, individuals and companies have dismissed it as being less significant and are satisfied with than spam and viruses. However, the truth is that spyware poses a very greater danger that the spam and viruses. It can be as problematic as the deadliest of the viruses and spam. The financial risks posed by spyware are serious as compared to the email credit card scams, and the issues of privacy and liabilities that they expose are serious (Kelley, 2007). Both businesses that are small and medium size should understand what spyware really is and the dangers posed by it. A spyware sampler Just referring to spyware as uninvited software is not appropriate and misleading. Spyware that is installed on the PC can lead to the modifications or altering of the Windows Registry and adding dynamic link libraries, as well as downloading program files like the hostile ActiveX to the system (Kelley, 2007). Some of them exploit the web browsers particularly the Internet explorer, by the installation of browser helper objects, ActiveX controls or even by the modification of internet options of the browser, which include the favorite lists, home pages, and the context menu items. Some of them even change the host files and TCP/IP settings. There are several malicious code regarded as spyware (Kelley, 2007). Some of the commonly known kinds of spyware are: Adware Tracking agents RATs (Remote Administration Tools) Browser session hijackers Double agent spyware The following is a discussion of how each one of them adds to the risk of computer user and businesses in general: Adware Not all adware is principally spyware, however, most experts believe that even the permission-wave is spyware when delivering advertising that is unsolicited. Common methods of delivery include browser windows that are unrequested and applications that are add-sponsored. Currently, there are about eight hundred ad-sponsored as well as software provisions that are spyware-encumbered (Conway, 2004). This is a diverse group that involves free versions of different games; FTP clients; music players; e-mail clients; system and web utility software, that often come with a catch. The developer of the software gets earnings from the advertisers that display their products in toolbar features of windows of the apparent freeware. Some adware such as the FlashTrack usually track the search queries and web activities of the businesses users. Then, it sends the information to the advertisement servers such as Aveo and Aureate, which consequently return the aimed advertisement, usually popup advertisements, based on the phrases and keywords (Conway, 2004). As it is known to many parents, even apparently keywords such as ‘kittens’ can lead to the exposure of their children to unwanted and dangerous material like pornography and some other dirty things. Browser session hijacking This is a type of a cybernetic world bait-and-switch. The spyware redirects the search queries and browser sessions, taking the users to some search engines and websites that they never wanted to access or were not interested (Conway, 2004). The user who is hijacked can be exposed to some unwanted or suspect advertising and content. They can earn affiliate fees and commissions for referral by referring the user selectively to an electronic commerce site that provides some product or service that is similar to the user and the site that is intended (Feinstein, 2004). Remote Administration Tools Some keyloggers and Remote Administration Tools are the best examples of Trojan Horse spyware. Just as the name suggests, they provide the attackers with administrative control, or exceptional intercept and eavesdropping capabilities. Acting privately and distantly, the attacker is in a position of intercepting and logging user keystrokes, monitoring the application, and browsing activities, besides intercepting the WebCam streams (Conway, 2004). Sub7 and Backorifice are some of the examples of attacker Remote Administration Tools and pose a DDoS danger. The Commercial Remote Administration Tools such as Spyagent and NetObserver are presumably sold for ‘genuine tracking’ by the company or business managers. The latest and infamous BankhookA, which is a keystroke-logging BHO is distributed as an attachment to the message on email (Conway, 2004). Immdiately is is installed on a computer, it attempts to find the access data of banking account on a PC. Tracking agents Data miners, web bugs and Tracing agents are cybernetic dumpster divers. They are capable of monitoring the user’s web browsing, instant messaging and email activities, and may collect system configuration and individual data as well. This information is used by some tracking companies in the delivering of aimed advertising, even though others abuse or sell what they collect (Kelley, 2007). A common search toolbar, Alexa, is another data dimer. The Transporter/VX2 extracts browser histories, email addresses and scrounging data from the configuration files and Web forms. Double agent spywares It is sad that some software advertising as ant-spyware are themselves spyware. The victims download freeware or trial versions of the presumed security software that they expect to deal with the adware, only to find that the files are the real adware. Trustworthy vendors of anti-spyware such as Kephyr Labs and PestPatrol view SpyBlast as a spyware. This is an induatry that is full of deceit and insincerity such that some anti-spyware like SpyWiper hijacks the home pages, with the hope of scaring unsuspecting users into purchasing their product (Conway, 2004). Assessment of the level of the spyware threat In the own words of the Homeland Security, the level of threat of spyware is somewhere between high and elevated. If the business is operating in an environment that is regulated, the threat should be put between severe and high. The following are the threats: Revealing of regulated or sensitive information Spyware tracking the activity of browser does not differentiate between the requests of Internet and intranet. Lists of favorites, cached web form data, histories of browser, and hyperlinks can have propriety information, business records, credit card information, medical and financial data, secrets of trade, and passwords of accounts that might be abused by the agent of collecting or even sold to some other individuals who may be interested (Aycock, 2006). Users might fall victim to criminal acts of felony-class Keyloggers disclose sensitive individual and company information, which include things like passwords, financial and credit card information, and possibly embarrassing individual information. A WebCam stream that is intercepted may disclose very embarrassing activities and information. The fraud opportunities that are created by spyware, identity theft, business or individual-targeted excursion should not be taken lightly (Plant, 2009). Productivity loss Bandwidth and CPU are stolen by spyware as it runs. It is not the best-written software there is and usually causes instability to systems and the feared death’s blue screen. The removal of spyware is usually not-trivial, destructive or even troublesome. Some of it stays back on the system after the freeware has been removed, and some may install themselves again if not removed completely. If the network is extensively infested by the spyware, the user can spend as much time doing repairs and remediating the system as they would due to an incident of virus or even backdoor attack (Oppliger, 1997). System and Network intrusions The information that RATs, miners and trackers collect is very precious for any attacker or hacker in an information collecting mission, which is actually the initial stage in an aimed attack. Hosts that are identified in the system configuration information and hyperlink enable attackers in the mapping of services and networks (Aycock, 2006). Some companies usually transmit the names of passwords and accounts in very plain texts across the intranet links, which is very dangerous for them. Tarnished brand name and loss of business An organization of business can be attacked and affected by spyware even if all computers that are operated are free of spyware. If the attacking spyware victimizes the organization, sales opportunities will be lost when it redirects users, who may be the clients away from the company website to a rival (Aycock, 2006). The attacking spyware has also in many cases been used in scamming organizations that pay fees for referrals of advertisements. A notorious advertisement company contracted to drive people to e-merchant websites of its patrons, may involve spyware in a ‘compulsory’ toolbar. The default search engine of the user if replaced by the spyware, and sent to its patrons’ pages, even if they do not match. Then the patrons make payments for the contrived referrals but usually do not get the expected income per click-through (Reynolds, 2007). Exposure to litigation There are some workers that might strongly react to the delivery of abhorrent, particularly sexually overt advertisement, and might react by claiming sexual bother. Whether this claim is confirmed or not, the company will have been dealt more harm such as the publicity, expense, time o court and loss of trustworthiness (Ian, 2004). Discussion Spyware is a very critical issue that has in recent years taken attention by different legislations. For instance, in the United Kingdom, although there appears to be sufficient legal provisions to deal with the problem of spyware, there are also some other challenges such as the technical difficulties in the proving of the process beyond any reasonable doubt in the awareness of the user companies or businesses and criminal cases (Reynolds, 2007). In the European Union, there is generally lack of adequate action to deal with this matter, while under the 2002/58/EC Directive, governments have the power of acting against the spyware. There is still no development in the case law in the European Union and the United Kingdom like it is in the United States. In the United States, there are some provisions that directly deal with this matter and it is not known whether any of the bills in the proposals will actually become law, considering the inertia related to the acceptance of the spyware bargain that is consent-related (Bainbridge, 2004). As the departments of IT try to fight with the viruses and Trojans, one specifically horrid critter still finds many ways of slithering onto the PCs. It is regarded as home user’s annoyance as it has been coming up frequently in the business world, and it is not good news for business owners and users. Companies are mostly blind to it, as they put their focus on viruses and do not think about the danger posed by the spyware (Ian, 2004). Due to this, it will most likely get worse before getting better. Spyware can briefly be described as any technology that aids the collection of information or data about an individual or company without their consent or awareness. It has the capability of infiltrating a computer via a virus or, as the result of the decision of the user to install a new software or even download a document or rile from the internet (Bainbridge, 2004). Some programs of spyware are quite gentle, as they are only used for the purposes of monitoring the web browsing habits of individuals and then the information is sent to the advertising companies. These programs are the ones particularly referred to as adware, and the advertising companies are always keen of putting then far from their more dangerous kin. Some other kinds of spyware programs might be installed intentionally, usually by the managers or supervisors who want to ensure that their workers are making good use of their time (Bainbridge, 2004). The most dangerous type of spyware is the one that infests a computer system, tracking the keystroke of the users are then delivering the information to the individual that is interested in them. For instance, if keystrokes are recorded, the author of a spyware could gain access to company passwords, emails- credit card numbers and other important documents. This kind of spyware is far more common that is may be thought by any business or company. The dangers are very critical and it is a big problem for sure (Bainbridge, 2004). Although the problem of spyware has been there for many years, it is now becoming worse than ever, considering the ever-growing business world. It is really growing due to the mobility of the workforce of today. Companies are trying to spread their networks, as laptops can be seen hooked up to the networks of hotels and employees using their home PCs. If the security is relaxed for the homework networks and laptop machines, spyware is capable of gaining foothold and starting data recording (Bainbridge, 2004). On the side of the companies, they are not doing enough to see that this problem is dealt with. In its most malicious form, spyware constitutes more than privacy invasion. That is, it puts an enterprise at risk and could lead to harsh penalties or repercussions down the ladder for the victimized company. Imagine a situation whereby a spyware finds its way into the computer system of a field agent working for an insurance company (Bainbridge, 2004). The software will send back the sensitive data to its source. Now that data has been made susceptible and the field agent or company could have class-action litigation on their hands. Organizations that are related, like insurance companies and banks should particularly pay special attention to the prevention of spyware. A particularly common kind of spyware is known as the ‘dialer.’ The program is capable of changing the dialing preferences of the user, resulting in the user running up dial-up phone bills of several hundred of dollars (Bainbridge, 2004). Since dialers are not illegitimate, workers on the road that have to dial in for access to the internet could be susceptible to this type of intrusion. Analysis of future works and Recommendations We have seen how viruses and spyware have grown fast during the past few years. This even became more serious and surprising if it is considered that, there is still no spyware toolkit, like the viruses. The author of these programs must be an individual that is very technically capable. Now the issue remains what will happen if there is development of such toolkit as there is not reason of believing that it will not happen. Any individual with notorious intent but does not have technical expertise will be capable of authoring a spyware and a virus. This is just like a bomb that is just waiting for explosion if there is no readiness to deal with it. This is a very serious issue that affects individuals and economies of countries because it affects business. Therefore, it is important that it is explored and strict measures taken to deal with is completely to avoid future damages. Conclusion From the discussions above, it is clear that spyware and viruses are a threat that can have serious impacts on a company or business. It is generally assumed that along with the technical developments, the legislation should without doubt continue developing to be in tandem with the changes and take part in spyware. It is also believed that the awareness of the user businesses should be raised through education as the cost of the spyware can always be too high that it comes with the free software. Additionally, pressure must be put on the authors of spyware to make sure that they maintain a sense of rationality and fairness in creating awareness in the potential users of computers what they actually have by the spyware that comes snakingly and what they are capable of doing. Being a worldwide phenomenon, it is important to have an international standard approach together with a relentless cooperation as well as a guaranteed and steady penalty enforcement across the board. The Cyber Crime Convention that offers a more effective and a strengthened global mutual assistance, cooperation, global access to the kept computer data and the creation of a national points of contact to enhance the cooperation is a very critical step in the dealing with this matter. The issue of attacks by spyware and viruses is a worldwide phenomenon and a very critical one that has the potential of harming an economy as it impacts e-commerce negatively, thus it is important to forge an international strategy of dealing with it completely. References Ian J. (2004). Information Technology Law, Oxford University Press, 4thEd., 2. Bainbridge D. (2004). Introduction to Computer Law, 5.ed., Harlow, Pearson Longman Kelley, B. (2007). Spyware and Data Security Bills Advance, Journal of Internet Law, Aug2007, Vol. 11 Issue 2. Feinstein, K. (2004), How to Do Everything to Fight Spam, Viruses, Pop-Ups, and Spyware. Emeryville, CA, USA: McGraw-Hill Osborne. Reynolds, J. (2007). The complete e-commerce book: design, build & maintain a successful web-based business. New York: CMP Media. Plant, R. (2009). eCommerce: formulation of strategy. Upper Saddle River, NJ: Financial Times/Prentice Hall. 24-34. Oppliger, R. (1997). "Internet Security: FIREWALLS and BEYOND". Communications of the ACM 40 (5): 94. Conway, R. (2004). Code Hacking: A Developers Guide to Network Security. Hingham, Massachusetts: Charles River Media. p. 28 Aycock, J. (2006). Computer Viruses and Malware. Springer. Parikka, J. (2007). Digital Contagions. A Media Archaeology of Computer Viruses. Digital Formations. New York: Peter Lang. Read More