Comprehensive network security
4. MALWARE AND ANTIVIRUS
4.1. Introduction to Malware
The term malware was first used by Yisrael Radai, a computer scientist and security researcher, in 1990, though the thing itself existed well before that date.
One of the first known examples of malware was an experiment by BBN Technologies engineer Robert Thomas in 1971. Named Creeper, it was designed to infect the ARPANET. Though the program didn't alter functions or steal data, it was able to move from one infected mainframe to the next without permission.
To better understand what malware is, we can look at it the way we look at a disease. Flu outbreaks usually have a season: once a year, normally during the cold winter months, the virus starts spreading and infecting people. Malware, in contrast, has no predictable season for personal computers, mobile phones, tablets or enterprise infrastructure; in that sense it behaves more like a COVID-19 infection, which can occur at any time of the year and in any location. And instead of the physical symptoms of a flu or COVID-19, computer users suffer from a kind of machine malady: malware.
There are many different types of malware infections, and each type has its own method of attack, which may range from furtive and subtle to about as subtle as a sledgehammer.
Defined more precisely, malware, short for malicious software, is a term used to describe any malicious program or piece of code that brings harm to systems and networks.
Malware is designed to invade, damage or disable computers, computer systems, networks and mobile devices, often by taking total or partial control over their operation and interfering with their normal functioning and behaviour.
What lies behind a malware attack, however, varies from case to case. Malware may be aimed at making money from the user, sabotaging their ability to get work done, making a political statement, or simply earning bragging rights. Although malware cannot physically damage the hardware of systems or network equipment, it can encrypt, steal or even delete data, alter or hijack core computer functions, and spy on users' activity with or without their knowledge or permission.
But how can users know whether their devices are infected? Just as with the flu, where symptoms appear and let us perceive the presence of the disease in the body, an infected device can show a number of different behaviours:
· Computer slows down – One of the main side effects of malware is a reduction in the speed of the operating system of the device it infects, whether during Internet access and browsing or simply as a slowdown of local applications. It is also possible to observe that the usage of system resources, such as memory and processor, is abnormally high. In some cases the computer's fan can be heard whirring away at full speed, as if the processor were reaching a high temperature because of a heavier computational load. This is a good clue that something is using the computer's resources in the background, and it is a "symptom" that usually appears when the computer has been tied into a botnet ("a network of private computers infected with malicious software and controlled as a group without the owners' knowledge").
· The screen is flooded with annoying ads – A very annoying situation, and one that typically indicates a malware infection, is unexpected pop-up ads that flood the device with all kinds of content at any time. The malware behind this behaviour is usually known as adware, because it focuses on displaying unwanted ads to the user, and it usually comes bundled with other hidden malware threats.
· System crashes – A crash shows up as a freeze or a blue screen of death, as on Microsoft Windows, where the system displays a blue screen after encountering a fatal error.
· Mysterious loss of disk space – Loss of disk space is usually caused by a bulky piece of malware hiding on the hard drive. This is also known as bundleware.
· Weird increase in the system's Internet activity – A trojan is a good example of this "symptom". The moment a trojan infects a computer, it starts reaching out to the attacker's command and control server and downloads a secondary infection, which is often ransomware. This is one possible explanation for the rise in Internet activity. The same happens with botnets and spyware, as well as any other threat that requires constant communication with the attacker's servers.
· Browser settings change – It is often possible to notice a change to the browser's homepage, or new toolbars, extensions or plugins that were not there before. This may happen after visiting an infected site or clicking on an infected pop-up ad.
· Antivirus software stops working – The infection makes it impossible to turn the antivirus protection back on, leaving the device unprotected and more vulnerable to further attacks.
· Loss of access to files or the entire computer – This is usually related to a ransomware infection, where the attackers announce themselves by leaving a note or message on the desktop, or even by changing the desktop wallpaper to that message. The message usually states that they have encrypted all the data and demands a payment in exchange for decrypting it.
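The symptom list above maps almost one-to-one onto host telemetry a defender can collect and compare against a baseline. The script below is an added example, not code from the original course text: it assumes a hypothetical collector that records, once per interval, the fields in the `Snapshot` class (CPU load, free disk space, bytes sent, browser homepage and extension count, antivirus service state). All numbers and hostnames are constructed. `triage()` flags CPU and network deviations statistically (z-score against the quiet history, so a host that "never" sent traffic is flagged the moment it does), and the remaining symptoms by direct comparison with the last healthy snapshot.

```python
"""Symptom-based host triage over constructed telemetry snapshots.

Added example, not code from the original course text. It assumes a
hypothetical collector that records, once per interval, the fields in
Snapshot; every value below is constructed for illustration.
"""
from dataclasses import dataclass
from statistics import mean, pstdev
from typing import Dict, List


@dataclass(frozen=True)
class Snapshot:
    cpu_pct: float        # average CPU utilisation over the interval (%)
    disk_free_gb: float   # free space on the system volume (GB)
    net_out_mb: float     # data sent during the interval (MB)
    browser_home: str     # configured browser homepage
    browser_ext: int      # number of installed browser extensions
    av_running: bool      # whether the antivirus service is up


# Constructed baseline: five quiet, healthy intervals on one workstation.
SAMPLE_HISTORY: List[Snapshot] = [
    Snapshot(12.0, 120.0, 30.0, "https://intranet.example", 3, True),
    Snapshot(15.0, 119.8, 28.0, "https://intranet.example", 3, True),
    Snapshot(10.0, 119.7, 35.0, "https://intranet.example", 3, True),
    Snapshot(14.0, 119.5, 31.0, "https://intranet.example", 3, True),
    Snapshot(11.0, 119.4, 29.0, "https://intranet.example", 3, True),
]

# Constructed "now": every symptom from the list at once.
SAMPLE_CURRENT = Snapshot(
    cpu_pct=93.0, disk_free_gb=61.0, net_out_mb=940.0,
    browser_home="http://search-deals.example", browser_ext=7, av_running=False,
)


def zscore(value: float, history: List[float]) -> float:
    """How many standard deviations `value` sits above the history mean.

    A flat baseline (sd == 0) makes any deviation infinite, so a host that
    never sent traffic before is flagged the moment it does.
    """
    sd = pstdev(history)
    if sd == 0.0:
        return 0.0 if value == mean(history) else float("inf")
    return (value - mean(history)) / sd


def triage(current: Snapshot, history: List[Snapshot],
           z_limit: float = 3.0, disk_drop_gb: float = 5.0) -> Dict[str, str]:
    """Map each observed symptom to a short finding; an empty dict means quiet."""
    findings: Dict[str, str] = {}
    last = history[-1]  # most recent healthy snapshot

    # Symptom: computer slows down / resources abnormally high.
    cpu_z = zscore(current.cpu_pct, [s.cpu_pct for s in history])
    if cpu_z > z_limit:
        findings["cpu"] = (f"CPU at {current.cpu_pct:.0f}%, {cpu_z:.1f} sd above "
                           "baseline: background load, possible bot or miner")

    # Symptom: weird increase in Internet activity (C2 traffic, payload download).
    net_z = zscore(current.net_out_mb, [s.net_out_mb for s in history])
    if net_z > z_limit:
        findings["network"] = (f"{current.net_out_mb:.0f} MB sent, {net_z:.1f} sd "
                               "above baseline: possible C2 beaconing or download")

    # Symptom: mysterious loss of disk space.
    lost = last.disk_free_gb - current.disk_free_gb
    if lost > disk_drop_gb:
        findings["disk"] = f"{lost:.1f} GB of free space vanished since last interval"

    # Symptom: browser settings change (homepage, new extensions).
    if (current.browser_home != last.browser_home
            or current.browser_ext > last.browser_ext):
        findings["browser"] = (f"homepage now {current.browser_home!r}, "
                               f"extensions {last.browser_ext} -> {current.browser_ext}")

    # Symptom: antivirus software stops working.
    if last.av_running and not current.av_running:
        findings["antivirus"] = "antivirus service stopped and stayed down"

    return findings


if __name__ == "__main__":
    for symptom, detail in triage(SAMPLE_CURRENT, SAMPLE_HISTORY).items():
        print(f"[{symptom}] {detail}")
```

The z-score thresholds are deliberately per-host: a build server at 90% CPU is normal, a receptionist's laptop at 90% is not, which is why the baseline is the host's own history rather than a fixed number. In practice the snapshots would come from an EDR agent or a simple scheduled collector, and "antivirus stopped" should be checked directly against the service state rather than inferred from the absence of alerts.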
Much malware also stays imperceptible, so even if everything seems to be working normally the device may still be infected. Powerful malware can hide deep in the device, avoiding detection and going about its business without raising any alerts. This is where good security software is needed: it can detect infections even when they produce no strong, perceptible "symptoms".