Tuesday, May 5, 2020

Recent Trends in Malware: Sophistication of Malware Discoveries

Question: Discuss recent trends in malware, with a focus on the sophistication of malware discoveries.

Answer:

Introduction

In the past, malware was not a significant problem. In recent years it has become a severe one. The daily news regularly carries stories about hacking, compromised reputations, and money lost to well-organised, well-developed malware. The present review focuses on some very recent malware-related problems that are occurring globally. The most significant malware attacks reflect the recent sophistication of malware discoveries. One classic example is the hack of Natanz, Iran's nuclear processing facility, which enriches uranium fuel from a low grade to a high grade. The virus behind that hack later became known as Stuxnet; it was possibly developed through the combined effort of two countries, Israel and the U.S., although neither country has ever formally admitted this. Another example, from the corporate world, is RSA, a company that develops security products such as one-time passwords (OTPs) for banks that require an OTP for logging in. One day the company received an email with an attached Excel file that contained malware. When one of the company's employees opened the document, the malware attacked the computer, quickly spread across the network, and compromised the algorithm the company generally uses to generate OTPs. Although detailed information about this attack is not available, its consequences could be unbelievable. Turning to statistics, around half (50-53%) of all malware-related problems are fixed by available protections such as antivirus software and firewalls (McCloud, 2014).
So roughly half of all malware-related problems go unaddressed because they were not previously known. Some antivirus companies say they observe ca. 12000 newly introduced pieces of malware a day (Julian & Vikram, 2007). This figure can be somewhat misleading, because the newly designed malware is only a modification of existing malware, with slight alterations to the code or some improved functionality. Counting only totally new malware, it is possible to find ca. two a day, which comes to around 700 by the end of a year. In this way the amount of new malware grows exponentially. Some statistics suggest that malware related to domains has grown by ca. 200 percent, which is a threat of serious concern.

Summary

Malware is malicious software that is generally used to disrupt computer operations, gather sensitive data, or gain access to the secure data of a private infrastructure. The key features of malware are infecting a system, finding that system's vulnerabilities, and establishing a toehold that allows it to act. The longer malware stays in a system hidden from detection, the more efficiently it can achieve its aim. After infecting one system, malware can replicate by copying itself to another system. The malware thus gains access to the confidential work performed on the infected system, while its end goal remains unknown. Malware is a general term, but it can be categorized by its particular behaviour. One type of malware is the worm, a self-sustaining programme that can infect and spread on its own. One such example of malware is the Trojan horse. The goal behind a piece of malware depends on the user (McCloud, 2014).
In the past, the general view was that hackers designed malware to crack top-secret sites. That aim still continues, but recent trends suggest that malware is increasingly used as a means to an end. In the case of Stuxnet, mentioned earlier, the question arose whether it was designed to observe Iran's ongoing facilities or whether it had a more strategic purpose: preventing Iran from accumulating nuclear weapons. This suggests that malware was a means to an end, which compelled the present government to view the event as warfare. This kind of warfare can be called the fifth dimension, since cyberspace takes its place after sea, land, space, and air. Organised crime is now behind many malware-related problems. Where organised crime is involved, the aim is to make money by any means, and that money feeds crimes such as human trafficking, drugs, arms distribution, and prostitution.

Issues

One type of malicious code is the worm, which usually spreads over a network with or without human assistance. Another is malware, which is thought of as a combination of malicious software with regard to its uniqueness. The features of today's highly sophisticated malware include P2P propagation and complete control of the infected system by blocking updates to the installed antivirus software, firewalls, and so on. Malware is the result of someone turning to his or her darkest side. One example is IHD, which was used to sell access to web servers to phishers. Monoculture is the cause of such malware. For example, Microsoft's OS nowadays dominates the market compared with others such as Mac or Linux.
So in the 21st century, this situation might give rise to new malware related to the monopolistic sentiment (Kruck & Kruck, 2006). As an example, consider the attack of Welchia's security solutions. And in 2005, vulnerabilities were discovered in McAfee's and Symantec's products. In a competitive twist, malware authors face cyberwars of their own, as one piece of malware is disinfected by another. One such example is the viriiwars. Although this example is not well known, it indicates the challenges that malware authors face.

The earth could be given as a gift for replying to an email! Is that a joke, or something that could really be done? Recently, spammers have been operating in such an organised way that it clearly points to how phishers, spammers, and malware authors are working together. The spam created by such collaboration can have a short lifecycle or a long one (Furnell & Ward, 2004). Spam prepared to have the longest lifecycle can be found dominating the infected populations of the internet. DDoS extortion is an example that was structured to compel payment. One such case is that of Jay Echouafni, the CEO of a communications company, who was compelled to pay his competitors around two million dollars. Pay-per-click search advertising is a financially sound solution for online ads. Recently, Pay-Per-Click-Hijacking (PPCH) has become a common practice. This is supported by the case of Google, which charged for abusive practices.

Impact of These Issues

In future, mobile-related malware is going to become very common (Glodek & Harang, 2013). Kaspersky Lab reported identifying approx. 60 pieces of malware related to mobile phones from 2006 to date (Yerima et al., 2014).
There is a new piece of malware named Card Block that deletes almost all stored memory, even the password. MMS-based malware, on the other hand, relies heavily on social engineering, which has the potential to break the ice. This matters because if any of us receives malware on our device, many of us will become its victims (Abraham & Chengalur-Smith, 2010). Mobile malware also brings other issues, such as premium numbers, scams, melody ringtones, voting through SMS, and more. As people make more use of mobile banking, the opportunities for countless new kinds of malicious attack will grow (Yerima et al., 2013).

When malware is localized, a new type called phishing is involved. Through phishing, users are targeted for the theft of their intellectual property. Spreading news about the targeted users and the crimes committed can make others a little more conscious of their own intellectual property. This news has to spread not only within cities but also across countries. Some malware is open source; people use it, add new features to it, or experiment with it. Antivirus vendors have already counted many variants using the same code under the GPL licence. Huge files are transferred through BitTorrent, and through these transfers users are easily infected with malware. The use of illegal sites and software is increasing the growth of malware. It is also now seen that websites we use regularly are connected to various adware and different kinds of links that direct us to different forms of malware without our knowledge.

Conclusion

Very recently the US Federal Bureau of Investigation released a report showing that illicit organisations generate billions of dollars in profit.
These profit-making industries are fuelling drug trafficking. It is hard to believe that these organisations operate globally. They call the code they develop as malware a sophisticated technology. The costs of malware come from various areas of ITES, such as help desk requests, clean-up software, and consumption of system resources. Iron Port Gateway is an internet gateway security company. It published a report saying that, globally, not less than 55% of desktops used in the corporate sector are infected with malware. Malware comes in a wide variety, but the motive is the same for all. They are small pieces of code that embed themselves on end users' PCs without their knowledge. Piggyback and drive-by downloads are the most widely used malware at present. Adware is the most common malware, used to attract end users through ads on websites. There are also tracking cookies, which are similar to adware; through such a cookie anyone's device can be hacked and personal data stolen.

References:

Abraham, S., Chengalur-Smith, I. (2010). An overview of social engineering malware: Trends, tactics, and implications. Technology in Society, 32, 183-196.

Glodek, W., Harang, R. (2013). Rapid permissions-based detection and analysis of mobile malware using random decision forests. In Military Communications Conference, MILCOM 2013-2013 IEEE, pp. 980-985.

McCloud, J. (2014). Cybersecurity Module 2: Trends in Malware, Cisco Networking Academy.

Yerima, S.Y., Sezer, S., McWilliams, G., Muttik, I. (2013). A new android malware detection approach using bayesian classification. In Advanced Information Networking and Applications (AINA), IEEE 27th International Conference, pp. 121-128.

Yerima, S.Y., Sezer, S., Muttik, I. (2014). Android malware detection using parallel machine learning classifiers. In Next Generation Mobile Apps, Services and Technologies (NGMAST), Eighth International Conference, pp. 37-42.

Julian, B.G., Vikram, S. (2007). Peer-to-peer botnets: Overview and case study. Proceedings of the first conference of the first workshop on hot topics in understanding botnets. Cambridge, MA: USENIX Association.

Kruck, G.P., Kruck, S.E. (2006). Spoofing: a look at an evolving threat. Journal of Computer Information Systems, pp. 95-100.

Furnell, S., Ward, J. (2004). Malware comes of age: the arrival of the true computer parasite. Network Security, pp. 115.
