Everything you think you know about Malware is wrong.

hacker_internet_web_attack_580-100033460-large.jpg

Malware, or "Bad Software", is a malicious software that disrupts the normal operation of your computer, is becoming more prolific and dangerous by the day. Ever week it seems we see more and more reports of new software popping that will hijack your computer or compromise your data. Malware is actually a general term that encompasses most well known malicious software such as viruses, spyware, adware, ransomware, worms, trojans, rootkits, keyloggers, dialers, BHO's and more. The problem is, hearing about it has become so commonplace, that most times, people see the headline and brush it off. "That only happens to people who go to porn sites", "I have antivirus software on my computer" and the most common and dangerous one of all, "I have a Mac. Mac's can't get viruses", are common statements I hear issued to express lack of concern. The problem in today's world though, is this: None of that will keep you safe. New Malware has been identified that doesn't even need an internet connection to spread, and it can send it'self to other computers without you doing anything. ARE YOU LISTENING NOW?

As I have an increasing number of customers who bring me computers and laptops infected with problems as simple as some coupon clipper adware, and as nasty as the FBI/Homeland Security Ransomware that demands money to unlock your computer, I felt it an important time to discuss some common myths and misconceptions regarding viruses, spyware, malware etc.. So let me explain the answers to a few of the comments mentioned above:

"That only happens to people who go to porn sites"

 - WRONGThe fact is, as Reported in the Internet Security Threat Report, you are for more likely to get infected visiting a religious or ideological website than any with adult content. The primary reason being that porn sites are making a fortune on the internet. And they employ some pretty talented security professionals to protect all those profits. They don't want a risk of Viruses or Spyware scaring off current or potential customers. Religious and ideological websites however, are often put together by a local member of the church as a favor, or by a small firm, and regularly updated and maintained in many cases by volunteers. The lax security protocols and setups make these sites prime targets of Hackers and evildoers. 

 

"I have antivirus software on my computer"

 - SO DID MORE THAN 70% OF THE COMPUTERS I CLEANED THIS YEAR.. 

Regardless of the exceptional work of expert security professionals at companies like Symantec (Norton), McAfee, AVG and more, these companies work retroactively. They build awesome tools to kill, remove and immunize against KNOWN issues. The problem is, they can only build a tool to deal with it once a virus is out there doing damage. In addition, those new tools can only protect you if you have applied all the latest updates. In many cases, by the time your AV software has identified the problem, it can be too late.  

 

"I have a Mac. Mac's can't get viruses"

 - WRONG. DOUBLE WRONG.  

This common misconception has been perpetuated for years. And while the number of detected malware deployments on Mac are significantly lower, this has nothing to do with security. It has to do with Mac users only making up 7.73% of the total market of computer owners. If you open a business and need to advertise, are you going to print advertisements to distribute across the US, would you print them in English which over 90% of the country speaks? On in Cantonese, which fewer than 8% speak? Which would increase your sales more? This principle holds true with Mac. Nowhere near as many viruses are written for Mac, because they are such a small representation of the user base. But thanks to exceptional marketing, great hardware and world class design, that is changing. Mac sales are increasing exponentially over the last 4 years, and with more users comes more opportunity for Hackers. Now, don't take the previous statement about the lack of Mac users to mean there are not Mac viruses. In fact, security researchers globally have stated that Mac is actually far less secure than Windows. Even Apple themselves have admitted that they are vulnerable, as evidenced by a number of major attacks: In February 2012, Apple's own computers at corporate were hit with malware, In April 2012, the Flashback Trojan affected over 600,000 Mac users. All in all, the important point here is this: Operating Systems have vulnerabilities. ALL of them. 

Recently I wrote regarding a new particularly nasty type of Ransomware that is 100% unfixable. Period. Even with the combined powers of your local tech guy, the NSA, FBI, and all the Security Pros out there. Once infected, you pay up, or lose all your data. This threat is real. And it is an ever present threat. You need to protect yourself. Now, a renowned security researcher known for his contributions to the community has nicknamed a new Malware "badBIOS" a malware that is so advanced, it can spread from machine to machine through the speakers and microphone. It may sound like a bad sci-fi movie, but this is real. According to ArsTechnica :"A..computer began to modify its settings and delete its data without explanation or prompting. His network transmitted data specific to the Internet's next-generation IPv6 networking protocol, even from computers that were supposed to have IPv6 completely disabled. Strangest of all was the ability of infected machines to transmit small amounts of network data with other infected machines even when their power cords and Ethernet cables were unplugged and their Wi-Fi and Bluetooth cards were removed. Further investigation soon showed that the list of affected operating systems also included multiple variants of Windows and Linux. "We were like, 'Okay, we're totally owned,'" Ruiu told Ars. "'We have to erase all our systems and start from scratch,' which we did. It was a very painful exercise. I've been suspicious of stuff around here ever since... The most visible sign of contamination is a machine's inability to boot off a CD... He said he suspects badBIOS is only the initial module of a multi-staged payload that has the ability to infect the Windows, Mac OS X, BSD, and Linux operating systems." 

dragos.jpg

Ruiu has even more alarmingly seen machines in their lab that were air-gapped being affected. Air-gapping is the process of physically isolating a computer from any type of communication: Wired, wireless, Bluetooth, IR and even Power cords. Completely isolated. And even these machines were infected, and continued to spread the infection until the speakers and mic were removed. According to Ruiu "It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was," Ruiu concluded in an interview. "The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they're faced with sophisticated attackers."

It is more important than ever to protect yourself, and your data. Don't assume you are doing well enough. Call us today to setup an appointment to look at your network at home or office. Don't be a victim.