After reviewing the network attacks tutorial in the lecture, write a security policy write-up covering the antivirus, spyware, and adware policies for a medium-sized organization. Be sure to suggest security tools and set up a schedule for keeping the company free of malware infestations.
History of Viruses
1984—Dr. Fred Cohen produced several academic papers that defined the computer virus. A computer virus is “a program that can ‘infect’ other programs by modifying them to include a possibly evolved version of itself.”
1995—Macro viruses were spread via Word and Excel files. E-mail viruses also experienced exponential growth and began to include payloads that allow attackers to install rootkits on infected PCs. The I Love You virus, in 2000, introduced a new virus-spreading technique: when the e-mail carrying the virus was opened, the payload executed. Capitalizing on social engineering, an e-mail with an enticing title from a known sender had a high success rate because so many recipients opened it.
2002—Adware and spyware emerged. Installed through bundling or by fooling the user into downloading it, the program would inundate the user with pop-up advertisements and send their browsing habits to marketing companies. Some conspiracy theories claim that AV technology was not stopping its spread, so that AV vendors could create and sell “new” anti-spyware products.
2004—Viruses became the domain of organized cyber-criminals. They herded together botnets to carry out DoS attacks, distribute spam, and propagate viruses. In 2005, viruses were created to target specific organizations and commit data theft or fraud. In 2007, the Storm Worm became the first targeted polymorphic virus, designed to assemble networks of zombie PCs.
Spyware can install itself on systems using a range of different techniques, including:
- direct installation onto a system (for example, by a hacker);
- through a pop-up window or advertisement;
- via spam e-mail, e-mail attachment, or instant messaging;
- by users swapping music, photos, or other files;
- drive-by download; and
- packaged with other software.
Drive-by download is a method whereby spyware can install itself on a system when a user visits a website. This can be carried out by exploiting a technology called Browser Helper Object (BHO). BHOs are small programs that provide added functionality to a user’s Internet browser. For example, BHOs may add toolbars, such as the Google Toolbar, to a user’s Internet Explorer browser.
Problems occur when this technology carries out functions that can damage or disrupt a user’s system. For example, BHOs can hijack a user’s browser and redirect the user to websites where more malicious forms of spyware can be more easily installed.
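A defender's check that follows from the BHO discussion above, as an added example that is not part of the original page: it parses `reg query` output for the registry key where Internet Explorer BHOs are registered and reports every CLSID that is not on an approved list. The sample output, the CLSIDs, and the allowlist are constructed for illustration.

```python
import re

# Constructed sample of the output of
#   reg query "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects" /s
# (not taken from a real host). Each BHO is registered as one CLSID subkey.
SAMPLE_REG_OUTPUT = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-2222-3333-4444-555555555555}
    (Default)    REG_SZ    Approved Toolbar Helper
    NoExplorer    REG_DWORD    0x1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE}
    (Default)    REG_SZ    Search Assistant

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99999999-8888-7777-6666-555555555555}
"""

# Hypothetical allowlist maintained by the organization (assumption for this example).
APPROVED_CLSIDS = {"{11111111-2222-3333-4444-555555555555}"}

# Matching on the key's tail also covers the 32-bit view under WOW6432Node.
KEY_LINE = re.compile(
    r"Explorer\\Browser Helper Objects\\(\{[0-9A-Fa-f-]{36}\})\s*$", re.IGNORECASE
)
# Value lines are indented and use four spaces between name, type and data.
VALUE_LINE = re.compile(r"^\s+(.+?)\s{4}(REG_\w+)\s{4}(.*)$")


def parse_bhos(reg_output):
    """Return {CLSID: display name or None} for every BHO subkey found."""
    bhos, current = {}, None
    for line in reg_output.splitlines():
        key = KEY_LINE.search(line)
        if key:
            current = key.group(1).upper()
            bhos[current] = None  # a BHO may be registered without a name
            continue
        val = VALUE_LINE.match(line)
        if current and val and val.group(1) == "(Default)":
            bhos[current] = val.group(3).strip() or None
    return bhos


def unapproved_bhos(reg_output, approved):
    """Return the BHOs whose CLSID is not on the approved list."""
    allowed = {clsid.upper() for clsid in approved}
    return {c: n for c, n in parse_bhos(reg_output).items() if c not in allowed}


if __name__ == "__main__":
    for clsid, name in unapproved_bhos(SAMPLE_REG_OUTPUT, APPROVED_CLSIDS).items():
        print(f"UNAPPROVED BHO {clsid} name={name!r}")
```

Run on a schedule across workstations, a check like this gives the policy a concrete review item: any unnamed or unapproved entry is investigated and removed.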
Spyware may be distributed through software distribution channels. For example, when users download games, applications, or utility programs for their workstations, spyware can piggyback on the software. When the user installs the software, the spyware program is automatically installed without the user’s knowledge.
Although not actually spyware, even MySpace has provisions regarding customer data and cookies in its user agreement; view it at http://www.myspace-code.org/privacy.htm