Waldo County Technical Center

Fighting Malware

The Problem
The release of Windows 2000 and especially Windows XP created a significant change in how the Windows computer operating systems work "under the hood". Some of the changes include a stronger security structure for user activities and a powerful TCP/IP stack, the software that enables Internet communication. As information about vulnerabilities within these operating systems trickled out to the public, people began to see that there were many instances where a computer could be remotely attacked by programs that exploit operating system flaws, potentially giving the attackers complete (or at least elevated) control of the computer. Users may be totally unaware that someone has remotely attacked and entered their system. This dangerous situation has allowed computer attackers to create substantial armies of computers, known as "bots" or "zombies", that can be used for a number of purposes.

With this dangerous situation widely publicized, criminal attempts to profit from these bot armies have exploded.  Some typical uses of the bots include:

  • "DDoS" (distributed denial of service) attacks.  These are directed attacks against a computer on the Internet in which a number of geographically distributed computers participate by sending large volumes of meaningless traffic to the victim.  This attack essentially blocks legitimate visitors from being able to access the victim computer.
  • "Spambots".  Criminal uses of bots have extended to using them as spam messengers.  Many computer users who have been attacked by bot viruses are unwittingly participating in the spam epidemic.  Furthermore, the increasing number of continuously connected home users who have broadband Internet connections has been an attractive target for people who profit from the bulk distribution of spam advertisements.
  • Distributed computing.  Distributed computing is the process of dividing up a complex computing task among many systems in order to find solutions more rapidly.  This is not in itself a malicious activity and is in fact quite common.  However, bot armies can be used for malicious distributed computing tasks such as password cracking to compromise computers and users.
  • "Phishing" and "Pharming".  These illegal activities leverage viruses as a way to steal information from users.  Pharming works directly on victim computers by searching the hard drives, based on pattern matching, for any information that may be useful to steal.  For example, user names, passwords, account numbers, or other personal data could be stolen in order to gain access to accounts or to commit identity theft fraud.  Phishing is a related problem that typically involves spam email messages sent blindly in the hope of deceiving recipients into divulging private or financial information.  The attack often involves a spam email message that appears to come from a trusted legitimate source such as eBay, banks, Microsoft, or other well-known companies.  The message will often have a "call to action" threatening the recipient that something bad will happen if they don't go to a web site to resolve a problem.  For example, eBay phishers will threaten that the victim's eBay account will be disabled if they don't go to a web page to log in and update account information.  The email message contains a link that directs the user to a web site that is forged to look identical to the legitimate web site.  The victim attempts to log in or update details on the forged site and the "phisher" collects the private information.  Users often have no idea that they have just given away sensitive data to a thief.

Obviously, these are some pretty dangerous activities that often occur on computers without any obvious signs.  This description isn't meant to scare people away from using their systems, but to help them understand the nature of the problem.  Recognizing the motivations and causes behind these attacks can help you to understand the situation and to approach a solution in an informed way.


Please send comments or corrections to the Web Administrator www.waldotech.org
©2007 - Waldo County Technical Center

This page was last updated: 4/29/2006 3:56:19 PM