Our article provides an overview of the most common forms of computer viruses, along with some fun facts, history and interesting facts about computer viruses and other types of malware. A few weeks ago, we also published a cyber security glossary, simplifying geeky terms for general readers.
Whether you use a tablet, a mobile phone, a laptop or another device with internet connectivity, your device has an attack surface on the internet. Attackers are stepping up their learning game to target new and old technology users with varied techniques. The very first step to protecting yourself online is understanding what you are up against.
The most common term we come across today is malware. It is a malicious computer program installed without the consent of users that performs unauthorised actions such as data access, data theft or controlling the victim computer. Here is an overview of different types of malware and the threats posed by these variants. Although there is an exhaustive list of computer viruses identified to date, our article is all about high-level computer virus facts and information as a light read.
What is a computer virus? Viruses are a type of malware that earned their name because of how they spread. This piece of software infects other files on disk drives or machines when downloaded as a program from websites, or transferred via removable media, shared drives or email attachments.
‘Brain’ was the first computer virus. It appeared around January 1986 and was created by two Pakistani brothers. They were tired of customers pirating software from their shop, so ‘Brain’ was designed to infect the boot sector of floppy disks. As further pirated copies were made, the virus spread from disk to computer drives, loading onto the new machines.
The Melissa virus, released around March 1999, was a mass-mailing macro virus (not a standalone program) that targeted Microsoft Word and Outlook applications. The exploitation of the same macros is very much part of today’s red teaming and technical security assessments.
The carrier of this virus was an email titled ‘Important Message From ’. The use of social engineering techniques and email as a medium to spread malicious content started with this incident. This led to thousands of computers being infected, causing billions of dollars in losses across multiple countries.
BTW, who was Melissa? This virus was created in the memory of a stripper in Florida.
Worms are standalone computer programs that replicate themselves. Unlike viruses, they don’t need human interaction and propagate across networks via the internet, email, instant messaging, file-sharing and IRC (Internet Relay Chat) channels. A few popular examples of computer worms are provided below.
The Morris Worm
Around 30 years ago, Robert Tappan Morris, a student of Cornell University, launched this worm in 1988 in a quest to find out how big the internet was. However, to his surprise, the bugs in the code led to thousands of computers being infected. A few interesting facts about the Morris Worm are:
- It infected about 10% of the computers (total 60,000 computers) on the internet (the only malware case in history to reach this magnitude).
- It did not destroy any files; however, vital military and university functions struggled to continue.
- The exact financial damages remain unknown, though they are estimated to be in the millions.
- Robert Tappan Morris was prosecuted under the fraud and deception charge, the first-ever case under the Computer Fraud and Abuse Act, 1986.
This incident had a huge impact on society in terms of how important computers had become, giving birth to the seriousness of cybersecurity.
Trojan horses, often called ‘trojans’ after the story of the wooden horse used to trick the defenders of Troy, are a type of virus that masquerades as computer software or legitimate files. When downloaded onto a victim’s computer, trojans execute to perform certain tasks such as stealing information or other malicious activities without the user’s consent.
The most common forms of trojan horses include:
- RAT, which stands for Remote Access Trojan, is one of the most popular trojans and is designed to give an attacker remote access control.
- Backdoor trojans that give their handlers (attackers) access to keep a communication channel open for transferring data, controlling the system or allowing further exploitation.
- Downloader trojans that work to download additional content onto the infected computer, such as additional malicious content to perform specific tasks or spread on the network.
In 2003, this computer worm caused Denial of Service (DoS) on systems connected to the internet, slowing general internet traffic by spreading rapidly and infecting around 75,000 victims within 10 minutes. This worm exploited a bug in Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 (database products) that already had a patch available (MS02-039). However, many organisations had not applied this patch, which was released six months prior to this incident.
This worm was based on a proof of concept presented at Black Hat by David Litchfield, the known
If you have ever observed your search engine preferences changing or website redirects happening automatically, that is an adware program in action.
Top 6 Most Ridiculous Virus Myths
The following infographic explains the most common computer virus myths. It is important to be aware of virus myths that may jeopardise your data security.
Just what it says on the tin! A piece of code (software) that enables a user to obtain covert information about the target computer. It is designed to operate in stealth mode and is often used for malicious purposes. The most common examples are programs installed on your computer without your consent, meant to steal your sensitive information such as passwords, PINs and payment information and transmit it back to their controllers (attacker computers). Spyware programs are distributed as ‘shareware’ or ‘freeware’ to avoid licensing restrictions and to cast their net as wide as possible.
Legit examples of spyware include employers utilising programs at a workplace or parental control programs. However, in today’s workspace, it is almost assumed that all such programs are notified to employees via their employment contract or security policies defined within the organisation.
Ransomware is a targeted approach that aims to take control of a victim’s computer or networks and lock files in order to demand a ransom. These files are locked (encrypted) in a way that only the party holding the unlocking (decryption) key can get the data back in clear-text form (readable format). To get back files and regain access to a system, attackers demand ransom payments in return for the decryption key.
Ransomware usually reaches victims through ransom emails that contain links. These emails pretend to offer a free item or ask to change the password of an old account. Many emails have become advanced enough to look indistinguishable from legitimate ones, which means checking the email address of the sender is a must. When a person’s email address is hacked, the hackers will likely use it to send more ransom links to other addresses in that person’s contact list.
This is often a well-planned operation, normally run by organised crime groups targeting small and big companies. Victims include government organisations such as local councils and bigger corporations such as Garmin and Norsk Hydro. Many companies have paid the ransom to get back their files; however, this is not guaranteed to work.
Should you pay the ransom? There are two sides to this question, just like any other question. The decision to pay a ransomware demand should not be taken lightly. It comes with the acceptance of several risks and should be made in coordination with legal counsel, cyber insurance and security experts. Should you decide to pay the ransom, you need to be aware of a number of factors. To know what an organisation should do if it gets hacked, read our detailed article on malware and ransomware protection.
Bots are automated programs designed to perform specific tasks, such as finding websites running a specific version of software that is prone to bugs, executing specific commands without the user’s approval or infecting computers over the internet to create a vast network of attacker-controlled computers. Bad bots are often used by attackers to create such a network, like a gang of computers, which is then used to target victims in Distributed Denial of Service attacks or to run specific campaigns such as stealing sensitive data, ransomware or spam.