What is malware and how does malware spread?
Malware, also known as “malicious software”, is used to disrupt computer operations, gather sensitive information, gain access to private computer systems or display unwanted advertising.
The ways in which malware attacks a computer include:
- Malware attacks that come through infected email attachments.
- Instant messaging attacks through IM attachments, similar to email attachments.
- File sharing is another way malware spreads, attacking through file-sharing programs.
Once malware enters a system, it begins to damage the system’s boot sector, data files, installed software and even the system BIOS. This further corrupts your files, and your system might shut down as well. The main problem is that these malicious programs are designed to spread within a system.
- Malware also spreads through pirated software. In the majority of cases the software seems legitimate when you download it, but it may be big trouble for your system.
- USB sticks are another common way by which malware attacks and spreads. Even a system in a computer lab might be infected with malware, and when a user transfers files from an infected system to another system with a USB stick, the infection enters that system as well.
- Many websites are infected with different malware, which enters your computer when you visit them.
What are the impacts of malware?
- Disrupts operations.
- Steals sensitive information.
- Allows unauthorized access to system resources.
- Slows computer or web browser speeds.
- Creates problems connecting to networks.
- Results in frequent freezing or crashing.
- Deep ware is a new term that I have coined that is mal code that runs deeper than the OS and runs like a rootkit at a very low level, mostly undetectable by common AV.
What are the effects of malware?
- Malware can be invisible, have no known or noticeable effect and run on your computer undetected if it’s well written.
- Malware can cause new and unexpected toolbars and icons to appear on the user's desktop.
- Malware can be used for identity theft, gathering personal information or data from the user's PC, and it can infect the PC and use it as a server to broadcast various files or attacks.
- Malware can hijack the user's browser to redirect it to sites for its own purposes.
- Malware can send spam through and to the user's inbox.
- Malware might be designed to record the keys that you press on your keyboard, for example creating a text log that your computer sends to a hacker periodically; the hacker then scans the text log, looking for passwords that can be used to access the user's email or bank account.
How to prevent and remove malware?
- Install anti-malware/antivirus software. Keep the PC and the antivirus up to date. Scan the PC daily.
- Don’t open an email attachment from an unknown source or company. Don’t click on a link in an unsolicited email.
- When a shortened URL arrives in your email, always hover over the link before clicking it.
- If you download a file from the internet, an email, an FTP site, a file-sharing service etc., scan it before you run it. Good antivirus software does this automatically, but make sure it is being done.
- Never use the same password for different accounts, especially for a bank account. You can use the same email address or username for all accounts, but never the same password.
Example of the same password being reused:
“Facebook co-founder and CEO Mark Zuckerberg’s Twitter and Pinterest accounts were hacked by a group called “OurMine”. The OurMine hackers found his details in a database of 117 million passwords hacked from the social network LinkedIn in 2012. From there they gained access to Zuckerberg’s Twitter account, where they tweeted “you were in LinkedIn Database… DM proof”, and his Pinterest account, the name of which they changed to read “Hacked by OurMine Team”. Zuckerberg’s LinkedIn password was “dadada”, which he also used for his other online accounts, the group tweeted.”
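The attachment and link advice in the prevention list above can be partly automated. The following is an added example, not part of the original article: it parses one email and flags risky attachment types, shortened links, and links whose visible text names a different host than the real target (what hovering would reveal). The domain and extension lists and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl", "ow.ly"}  # assumed list
RISKY_EXT = (".apk", ".jar", ".exe", ".scr", ".js")  # assumed list

class LinkCollector(HTMLParser):  # gathers (href, visible text) pairs
    def __init__(self):
        super().__init__()
        self.links, self._href = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
    def handle_data(self, data):
        if self._href and data.strip():
            self.links.append((self._href, data.strip()))
    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None

def host(url):
    return urlparse(url if "://" in url else "http://" + url).hostname or ""

def triage(raw):
    """Return a list of findings for one raw email message."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = part.get_filename() or ""
        if name.lower().endswith(RISKY_EXT):
            findings.append(f"risky attachment: {name}")
        if part.get_content_type() == "text/html":
            collector = LinkCollector()
            collector.feed(part.get_content())
            for href, text in collector.links:
                target = host(href)
                if target in SHORTENERS:
                    findings.append(f"shortened link hides destination: {href}")
                # Visible text looks like a URL but names a different host.
                elif text.startswith(("http://", "https://", "www.")) and host(text) != target:
                    findings.append(f"link text {text} points to {target}")
    return findings

_m = EmailMessage()  # constructed sample message, not real mail
_m.set_content('<a href="http://bit.ly/x">Donate</a>'
               '<a href="http://198.51.100.7/">www.mybank.example</a>', subtype="html")
_m.add_attachment(b"PK", maintype="application", subtype="octet-stream", filename="FlashPlayer_update.apk")
SAMPLE = _m.as_string()
```

Calling `triage(SAMPLE)` returns three findings; a message whose link text and target agree returns an empty list.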
Why are Asian countries, and Nepal specifically, targeted more than other countries? Which parts of Nepal's IT are in danger?
Asian countries are affected by malware at a high rate. Asian countries have not given priority to IT security, and people are not very aware of it. In Nepal, hackers are spending time spreading malware to gain information.
Microsoft Asia announced its Malware Infection Index 2016 (MII2016), which identifies the malware threats in the Asia Pacific. Nepal took 4th position among the most infected areas of Asia Pacific. Pakistan tops the list, followed by Indonesia, Bangladesh, Nepal and the other 15 countries respectively.
Gamarue, Skeeyah and Peals are the top three malware families. Gamarue is one of the top malicious computer worms and is commonly distributed via exploit kits and social engineering. Skeeyah and Peals are Trojans that try to look innocent to convince you to install them. The top three most encountered malware families can steal personal details, download other tools or malware, or give hackers remote access to compromise the PC, as reported by Microsoft Asia News Center, a subsidiary of Microsoft Corporation. More than 40% of computers in 19 Asia-Pacific countries are infected with malware, compared with a worldwide average of 20.8%.
In Nepal, hackers focus more on the financial industry, as some incidents from the last few years show. The motive of hackers in Nepal is to gather a lot of information and then work out how they can get money from it.
Recently, in November 2015, Vecilion Georgelare, a Bulgarian hacker, came to Nepal and tried to steal money from an ATM. Georgelare was arrested while connecting his laptops to the ATM.
Mobile phones have become a popular target for malware and spam attacks. A hot spam topic of the last year:
“Nepal suffered a very big tragedy when a 7.8 magnitude earthquake hit on April 25; people from all over the world sent donations and volunteered to help the victims. In that disaster time, hackers started to spread scam emails. In the emails, the hackers asked for donations for the victims and sent account details that belonged to the scammers. The letter included phrases like “Help Nepal” or “Nepal earthquake” to trick users into believing that the message was legitimate.”
Cybercriminals continued to send fake emails from mobile devices and notifications from mobile apps containing malware or advertising messages. New tactics included fraudsters spreading malware in the form of .apk and .jar files. In addition, cybercriminals masked a mobile encryption Trojan behind a file claiming to contain updates for “Flash Player”. After launching, the malware encrypted images, documents and video files stored on the device, with users receiving a message telling them to pay a fee in order to decrypt the files.
The increasing use of mobile devices to exchange messages and data, as well as to access and control bank accounts, has also resulted in increased exploitation opportunities for cybercriminals. Mobile malware and fraudulent spam are becoming more popular, and efforts to dupe victims are becoming more sophisticated year by year, with the emergence of apps that can be used by cybercriminals both directly and indirectly.
What may already have been stolen, and what will hackers try to steal in future?
Hackers spread malware for various reasons. A hacker can gain information and control of the user's PC. With one piece of malware the hacker is able to download other malware, turning the victim's PC into a remotely controlled PC from which the hacker can attack other computers.
Nepal is slowly moving from paperwork to digital. A few months back the government successfully implemented the digital license, replacing the paper one. MRP passports, which are machine readable and whose data is stored on a server, are already implemented. So handwritten data is going digital, or you could say the data is being put on servers to make searching easier and to preserve it for future use. Now the Nepalese government is planning to create an online payment system for people to pay their VAT and tax online.
Recently, the government has planned to give permission for online money transaction systems like PayPal and others. PayPal and other online payment gateways are not allowed by the Government of Nepal. There is no such medium for online payment, for example to buy goods from Amazon.com or other websites. In Nepal there is Esewa for online transactions, but it works in Nepal only, for recharging, paying bills such as electricity bills, and other such things.
If the government converts all handwritten data to digital data and stores it on servers, then security becomes the most important asset for protecting that valuable information. If Nepal converts completely into a digital Nepal, this malware could destroy all of that information and people's privacy.
What are the things we should do to prevent this risk?
The government should start a campaign explaining how much danger people are in, how they should be aware, and what kind of protection steps they should apply. The government should hire companies for pen testing and auditing to improve the IT infrastructure, and patch the flaws that the experts report. These methods need to be applied by the government to secure Digital Nepal. To prevent this risk, use the steps that I have already mentioned in the paragraphs above.