Malware and Their Current Impact on Private and Public Affairs - Coursework Example

Todays malware is much more sinister Introduction In the current age of computer and digital technology, one of the most notorious issues affecting consumers is the infiltration and proliferation of malware. Malware, otherwise known as malevolent or malicious software is software created as a means of targeting computer use and operations, as well as a tool of gathering sensitive data and securing access to private computers (Crapanzano, 2003). Such malware is used for various purposes and mostly as a means of illegally accessing private or corporate computer systems. Since the creation of such malevolent software, the impact on the normal operations of private and corporate citizens has been considered significant. This paper shall discuss malware and their current impact on private and public affairs, including the fact that the current malware is considered more sinister. A description of malware shall first be established followed by their current impact on society. A more critical analysis of the extent of their impact in relation to their original usage will also be presented. This article is being carried out in order to clarify the purpose and impact of malware, most especially the current forms of malware which has infiltrated the computer world. Body Malware described Malware is generally considered a nuisance to the digital and electronic community. This software comes in the form of codes, scripts, as well as other software (Skoudis and Zeltzer, 2004). It also includes various forms of hostile or intrusive software (Skoudis and Zeltzer, 2004). It also includes computer viruses, worms, spywares, adwares, Trojan horses, as well as other dangerous and damaging programs (Skoudis and Zeltzer, 2004). Legally, they are considered as computer contaminants. They are however not within the same category as defective programs which are programs often utilized for valid purposes but which contain bugs or problems which were not resolved before the release of the software (Aquilina, et.al., 2008). This is not to say however that some forms of malware may not take on the appearance of legitimate software because it may happen that some malware may seem legitimate, however in actuality, they may actually contain tracking software which may be used to gain marketing data (Yin and Song, 2003). Malware has also led to the increase in the use of protective software, including anti-virus, anti-malware, and firewalls (Yin and Song, 2003). These programs have mostly been applied by individual as well as corporate consumers in order to prevent the illegal access of their system through malware. Originally, malware programs have been created as experiments or pranks (Aycock, 2010). In the current setting however, their purpose has become significantly more sinister. The current malware is now able to sneakily gather personal or business information, with end goals directed towards significantly negative purposes (Aycock, 2010). These programs are also being commonly used in order to sneak into government and corporate websites and disrupt their general operations (Yin and Song, 2003). However, these programs are also used in order to access personal data including social security numbers, credit card numbers, birthdates, addresses, and other relevant information (Skoudis and Seltzer, 2004). Critical analysis Without any safeguards, computers, especially those which are within a network carry a significant risk for malware (Sikorski and Hoenig, 2012). In recent years, with the widespread use of broadband internet and wi-fi networks, malware is now being used for financial purposes (Sikorski and Hoenig, 2012). Most of the viruses and worms have been diffused in order to wrestle control over personal PCs in order to support black-market exploitation (Sikorski and Hoenig, 2012). Infected PCs are also now being used to send spam, as well as to support child pornography, or to secure denial-of-service actions as a means of extorting users (Tongue, 2012). Moreover, other forms of malware – the spyware – have also emerged, and such software has mostly been utilized in order to gain financial advantages (Sikorski and Hoenig, 2012). Such programs have also been secured in order to evaluate web browsing, manage unsolicited advertisements, as well as secure other financial gains for the spyware creator (Elisan, 2012). These programs do not usually behave like viruses; however, they are usually distributed by using security gaps. Such spyware can also be attached to user-installed programs which then infiltrate the personal system once installation is complete (Elisan, 2012). In 2008, Symantec declared that the release and creation of malware and other dangerous computer programs is exceeding the rate of legitimate software release. F-Secure (2007) has also declared that there were more malware created in 2007 than in the 20 previous years since these programs were first created. The most common access point for malware gaining access to users has been through the internet, primarily through emails and their browsing through certain websites (F-Secure, 2007). The dominance of malware as a tool for the commission of internet crimes, in conjunction with the limited capacity of anti-virus software in managing the entry of new malware, has secured a new culture and mindset for internet users (Ollman, 2008). With the significant number of malware being distributed, most computers would likely be infected at some point (Ollman, 2008). For corporations, this implies that they need to secure effective tools and resources in order to manage security issues. In effect, a more significant emphasis has been placed on back-office security measures in order to manage advanced malware threats on their PCs (Ollman, 2008). Two years ago in 2010, Shaoxing, China was named by Symantec Corporation as the malware capital of the world. Studies by different schools assessing the impact of entrepreneurial crackers in the spread of malware were able to establish that these crackers were securing greater openings for malware by providing access to computers (Rooney, 2011). Reports from other computer companies also revealed that for every 14 downloads over the internet, atleast one code of malware is actually already downloaded by the user (Rooney, 2011). For the most part, the user is unaware of this fact. Moreover, the social media, including Facebook and Twitter, is experiencing the influx of various openings for the entry of malware, with the end goal of eventually infecting the computers of users (Rooney, 2011). Under these conditions, malware programs have indeed become more sinister and dangerous. The internet has therefore become a tool by which malware programs have become more widespread and in the years to come, this trend would likely persist (Dean, 2009). Security firms have also become users of malware, mostly as a means of gathering data about activities which can pose a threat to their systems (Holz and Bos, 2011). The issues against malware today are very much significant because in most cases they have become very much sophisticated, to the point where they have eluded current alerting systems, sometimes with major negative consequences (Holz and Bos, 2011). Major security firms have implemented probes in order to evaluate internet traffic. Data is then gathered and compiled based on antifraud practice as well as consumers’ feedback (Ciampa, 2008). Through these processes, incoming cyber threats have been easily detected. Emails are still the primary tool for malware spread, with users often unknowingly downloading or opening mail embedded with malware (Ciampa, 2008). As a result, where infection is present, computers are often compromised. The impact of malware is more or less the same for both private and public institutions (Bose, 2008). These institutions are equally susceptible to malware and cyber attacks. In recent years however, awareness of these programs has become more widespread. Nevertheless, despite the greater awareness, the wider utility of malware has also been recognized to the point where covert military operations have also used malware in order to impact on enemy targets (Bose, 2008). Considerations on the application of malware in order to exploit enemy systems has been an old idea which gained more momentum in recent years especially as the tools have become available for the widespread use of malware (Morley and Parker, 2009). Cases have been seen where malware has been used as a cyber weapon and governments able to manage such threat have also been recognized as strong and updated in the workings of the cyber world (Morley and Parker, 2009). The use of malware has also become more sinister because as was mentioned previously, it has become a military weapon (Seitz, 2009). Governments have become interested in malware because the costs of using malware are lower as compared to other more conventional tools for warfare and military tactics (Malin, Casey and Aquilina, 2012). The use of malware has also become a significant means by which real advantages can be gained over one’s enemies. Moreover, the risk of exposing agents is usually lower because of the anonymity involved in internet use (Malin, et.al., 2012). The use of malware by the military has also added to the sinister nature of malware because the anonymity of users in the internet ensures that the users can evaluate the technological capability of the enemies unobtrusively; the perpetrators of the malware are also able to undermine the critical structures of the country they wish to infiltrate, without the latter being aware of the former’s access into their system (Malin, et.al., 2012). Malware has also been used in order to assess the weapons capability of enemies or of other countries, mostly as a means of establishing and detecting intelligence operations and possible weapons garrisons (Gragido and Pirc, 2011). It is therefore important to note the powerful capability of malware programs in both the public and the private lives of most cyber users. Inasmuch as the impact of malware has been significantly proven in the public sector, the private business sector has been most affected by these malicious programs (Siddiqui, 2008). Corporations express that they have often suffered billions of dollars in losses due to cyber attacks attributed to malware, with data leaks being a major issue in these malware infections (Siddiqui, 2008). Malware programs can infect computers and networks and seriously damage production activities of corporations. They can also lead to the loss of intellectual property, including company secrets which are often the basis of a company’s strength or competitive edge over other companies (Siddiqui, 2008). Malware exposes such secrets, thereby making the company vulnerable to profit loss. Small businesses seem to be the most vulnerable to malware because the global crisis has burdened these businesses; as a result, these businesses have been forced to cut corners, often compromising their security in the process (Julisch and Krugel, 2005). The lack of resources, smaller budgets as well as inadequate awareness of these cyber-threats has also exacerbated the malware problem for these businesses (Julisch and Krugel, 2005). Security technicians have been able to identify the different schemes used in malware diffusion, with emails at the top of their list. However, with the expansion of internet use, blogs, personal sites, business sites, shopping sites, educational sites, as well as reference sites have also become tools by which malware has been diffused (Julisch and Krugel, 2005). One of the most effective tools which have been applied in diffusing malware is the application of the ‘drive-by attacks,’ where internet users are infected simply by visiting an infected website (Ciampa, 2008). Some of the users are often compromised when they click ‘like’ on a video or article or by watching a video on the site (Ciampa, 2008). The social media users are also often infected by malware simply because of their low awareness of the dangers of malware; moreover, by clicking the ‘like’ button on certain videos, they often find their computers infected by malware. Cyber-espionage has also become a global nightmare for most internet users. At one point, malware has been used to ruin an individual’s computer, but now, the stakes have completely changed. Cybercriminals and creators of malware now seek profit as well as power in their malware creation and diffusion (Davis, Bodmer and LeMasters, 2009). China has traditionally been blamed for these attacks, however, the creation and diffusion of malware has now included different countries, including the United States, the UK, Australia, and Russia (Davis, et.al., 2009). And for these countries, the purposes of their malware users have now included espionage as well as the perpetuation of cybercrimes. Data gathered during the diffusion of malware have raised the fact that new and sophisticated tools in malware will continue to be used (Bose, 2008). The massive use of mobile devices as well as the integration of services including banking and communication are securing the perfect conditions by which malware can be diffused effectively (Bose, 2008). This implies that malware has become a more sinister issue within the cyber and digital world. Conclusion The data above indicates that malware would likely continue to present a problem in the future. In order to reduce the risks attached to malware diffusion, it is important to raise the level of awareness for such malware, mostly for sectors which are involved in mobile communications and social networking. To manage the increase of malware for various countries, each country must secure response teams which would have to involve both private and public institutions. Such teams must cooperate with the global community in order to implement cybercrime laws and to impose significant penalties and punishments for these criminals. With these goals in mind, it is possible to reduce and manage the impact of malware and allow for a more responsive use of computers and the internet. References Aquilina, J., Casey, E., & Malin, C. (2008). Malware forensics: Investigating and analyzing malicious code. California: Syngress. Aycock, J. (2010). Computer viruses and malware. New York: Springer. Bose, A. (2008). Propagation, detection and containment of mobile malware. New York: ProQuest. Crapanzano, J. (2003). Deconstructing SubSeven, the Trojan Horse of Choice. SANS Institute. Retrieved from http://www.sans.org/reading_room/whitepapers/malicious/deconstructing-subseven-trojan-horse-choice_953 Ciampa, M. (2008). Security+ guide to network security fundamentals. California: Cengage Learning. Davis, M., Bodmer, S., & LeMasters, A. (2009). Hacking exposed malware and rootkits. USA: McGraw Hill Professional. Dean, T. (2009). Network+ guide to networks. California: Cengage Learning. F-Secure (2008). Quarterly security wrap-up. Retrieved from http://www.f-secure.com/en/web/corporation_global/home Elisan, C. (2012). Malware, rootkits & botnets: A beginners guide. USA: McGraw Hill Professional. Gragido, W. & Pirc, J. (2011). Cyber crime and espionage: An analysis of subversive multi- vector threats. New York: Elsevier. Holz, T. & Bos, H. (2011). Detection of intrusions and malware, and vulnerability assessment: 8th international conference. New York: Springer. Julisch, K. & Kruegel, C. (2005). Detection of intrusions and malware, and vulnerability assessment: Second international conference. New York: Springer. Malin, C., Casey, E., & Aquilina, J. (2012). Malware forensics field guide for Windows systems: Digital forensics field guides. New York: Elsevier. Morley, D. & Parker, C. (2009). Understanding computers 2009: Today and tomorrow. California: Cengage Learning. Ollman, G. (2008). Continuing business with malware infected customers. Retrieved from http://www.technicalinfo.net/papers/MalwareInfectedCustomers.html Rooney, B. (2011). Malware is posing increasing danger. Retrieved from http://online.wsj.com/article/SB10001424052748704904604576332812592346714.html Seitz, J. (2009). Gray hat python: Python programming for hackers and reverse engineers. New York: No Starch Press. Siddiqui, M. (2008). Data mining methods for malware detection. New York: ProQuest. Sikorski, M. & Hoenig, A. (2012). Practical malware analysis: The hands-on guide to dissecting malicious software. New York: No Starch Press. Skoudis, E. and Zeltser, L. (2004). Malware: Fighting malicious code. London: Prentice Hall Professional. Tongue, R. (2012). Malware blues. New York: Routledge. Yin, H. & Song, D. (2012). Automatic malware analysis: An emulator based approach. New York: Springer. Read More