Michael Carthy, profile picture
Uploaded byMichael Carthy
PPTX, PDF273 views

Malware

Malware presents a danger to computers and networks by causing unauthorized harm. It includes viruses, worms, Trojan horses, ransomware, and other malicious code. This malware can monitor activity, record keystrokes, and encrypt files. Different types of malware like viruses, worms, and Trojan horses use various techniques to infect systems. A case study of Target Corporation in 2013 showed how malware installed on point-of-sale systems was used to steal personal information of 110 million customers, demonstrating the serious threats malware poses to businesses.

Embed presentation

Download to read offline
Module 104: Malware
Module Overview In this module we’re going to be discussing:- • The danger that malware presents • How to avoid becoming infected with malware • The different types and varieties of malware • A case study to explore how malware can affect your business
Malware is a term used to classify software that intends to cause unauthorised harm to a computer or network Malware includes viruses, worms, Trojan horses, ransomware and other malicious code This malware can be used to monitor your activity, record your keystrokes and even encrypt your files Malicious Software
• The virus has become synonymous with computer infections • A virus is a piece of code which is capable of copying itself and typically has a detrimental effect • These effects include causing system and data corruption. • These viruses often run silently in the background, so you would never know they were there Viruses
• A worm is a piece of malicious code that replicates itself repeatedly to spread and infect other computers • Unlike a virus, a worm doesn’t need a host computer to remain active and spread, it can do so autonomously • Worms rely on exploiting some kind of security weakness within a target system or its software Worms
• Trojan horses are a particular kind of malware that disguise themselves as a trusted or legitimate application or file • Trojans are often distributed via emails, or via torrent files which are uploaded to file sharing websites • Many of these Trojans act as a secret back-door, which means they provide remote system access to attackers Trojan Horses
• Macros are small reusable instructions that automate a particular task within a software application, such as MS Word • Virus writers exploited this functionality by creating evil macros, which perform malicious actions on a target system when run • Macros are difficult to detect and look like regular Office documents, which can be easily spread via email Macro Malware
• Keyloggers are a type of malware that exist to monitor and record your digital activity, particularly your keystrokes • Keyloggers are usually installed for the purpose of information gathering, which is usually financially motivated • Attackers will use the information gathered from keyloggers for use in blackmail, identify theft and credit card fraud Keyloggers
Infection Methods Emails Malware can be sent via email as attachments. Emails can also contain URLs to the malicious downloads Downloads Your downloads might be infected, this is especially true if you are downloading illegally shared content Web Browsing Malware can be spread by visiting gaming and gambling sites or using pirated software and hacking tools Security Holes Holes in your web browser or its plug-ins allow attackers to install malware onto your computer silently
• AV software is an application that detects and prevents malware • It does this by downloading a list of software that’s known to be malicious, then comparing the files on your computer against this list • It’s important your anti-virus is to date and running regular scans Anti-virus Software
Ways to prevent malware Install up to date anti-virus software on your computers Keep your system and its software current and up to date Be wary of email attachments, suspicious websites and downloads Report anything suspicious to your appropriate contact Always think before you click, if in doubt, report it 1 2 3 4 5
Case Study - Target December 13th, 2013 Personal information of 40 Million Target customers exposed to fraud. December 14th, 2013 Target hire a 3rd party forensics team to investigate the hack. December 15th, 2013 Target confirm malware had been installed on PoS network, and was used to steal data.
Case Study - Target December 19th, 2013 Target publicly acknowledges the breach, saying it’s under investigation. January 10th, 2014 Target says an additional 70 million customers had personal information stolen during the breach. January 22nd, 2014 Target lays off 475 employees and halts a further 700 vacancies worldwide. 70M
Case Study - Target • In total 110M customer records were exposed • It was later discovered the breach was caused by a 3rd party contractor, who was fooled by a phishing email • Cases such as this one prove that malware is more than a mere nuisance, but a genuine threat to every business
Recap  We’ve taken a look at the types of malware. We’ve talked about best practices, and walked through a virtual demonstration & case study.  So remember:-  Keep your system and its software current and up to date  Be wary of email attachments, suspicious websites and downloads  Report anything suspicious to your appropriate internal contact  Always think before you click, if in doubt, report it

More Related Content

PPTX
Computer virus
bysajeena81
 
PPT
Types of attack -Part3 (Malware Part -2)
bySHUBHA CHATURVEDI
 
PPTX
Types of Malware (CEH v11)
byEC-Council
 
PPTX
Cyber attack
byManjushree Mashal
 
PPTX
Protection from hacking attacks
bySugirtha Jasmine M
 
PPTX
Cyber privacy and password protection
bysajeena81
 
PPTX
Types of Attack in Information and Network Security
bypadmeshagrekar
 
PPTX
Hacking
bysajeena81
 
Computer virus
bysajeena81
 
Types of attack -Part3 (Malware Part -2)
bySHUBHA CHATURVEDI
 
Types of Malware (CEH v11)
byEC-Council
 
Cyber attack
byManjushree Mashal
 
Protection from hacking attacks
bySugirtha Jasmine M
 
Cyber privacy and password protection
bysajeena81
 
Types of Attack in Information and Network Security
bypadmeshagrekar
 
Hacking
bysajeena81
 

What's hot

PPTX
Malware part 1
byShouaQureshi
 
PPTX
Tools and methods used in cybercrime
bypatelripal99
 
PPTX
Security threats
byQamar Farooq
 
PPT
Cybercrime 1
bynayakslideshare
 
PPTX
Computer Security
byvishal purkuti
 
PPTX
Netiquette
bysajeena81
 
PPTX
Tools and methods used in cyber crime
byshubhravrat Deshpande
 
PPTX
Firewall
bysajeena81
 
PPTX
Adware
byAvani Patel
 
PPTX
Ethical hacking
byHarishBabuKaveri
 
PPTX
Dos attack
byManjushree Mashal
 
PPTX
Basic Internet Security
bymfaheemakhtar
 
PPT
What are various types of cyber attacks
bykanika sharma
 
PPTX
Spyware risk it's time to get smart
byKanha Sahu
 
PPTX
Internet security
byat1211
 
PPTX
Cyber Security - All Over World
byBhawani Singh Chouhan
 
PPT
Cyber crime
byDepankar Chakrabarty
 
PPTX
Malicion software
byA. Shamel
 
Malware part 1
byShouaQureshi
 
Tools and methods used in cybercrime
bypatelripal99
 
Security threats
byQamar Farooq
 
Cybercrime 1
bynayakslideshare
 
Computer Security
byvishal purkuti
 
Netiquette
bysajeena81
 
Tools and methods used in cyber crime
byshubhravrat Deshpande
 
Firewall
bysajeena81
 
Adware
byAvani Patel
 
Ethical hacking
byHarishBabuKaveri
 
Dos attack
byManjushree Mashal
 
Basic Internet Security
bymfaheemakhtar
 
What are various types of cyber attacks
bykanika sharma
 
Spyware risk it's time to get smart
byKanha Sahu
 
Internet security
byat1211
 
Cyber Security - All Over World
byBhawani Singh Chouhan
 
Cyber crime
byDepankar Chakrabarty
 
Malicion software
byA. Shamel
 

Similar to Malware

PPTX
CYBER SECURITY AWARENESS TRAINING FOR FINANCE PROFESSIONALS
bybayelsadata
 
PPTX
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
byvarshsambhav
 
PPTX
lecture-11-30052022-103626am.pptx
byZarwashgulrez
 
PPTX
Lecture 2-1.pptx Lec 04 Risk Management.pptxLec 04 Risk Management.pptxLec 04...
by1230200206
 
PPTX
Virus and malware presentation
byAmjad Bhutto
 
PDF
Week3-CyberSecurity 8th Semester important.pdf
byMArshad35
 
PPTX
12 Malware very useful Presentation for others
byAssadLeo1
 
PPTX
SECURITY THREATS AND SAFETY MEASURES
byShyam Kumar Singh
 
PPTX
malwarepatchsedhdjdjrkvjdndbtigktbgifjridj
byDivyanshGupta505488
 
PDF
CS111-PART 7 (MALWARE).pdf
byKakai Catalan
 
PDF
Module 5.Malware
bySitamarhi Institute of Technology
 
PDF
Module 5.pdf
bySitamarhi Institute of Technology
 
PPTX
MALWARES.pptx
byjeffautor15
 
PDF
Computer viruses
byAlfred George
 
PPTX
NS 2.pptx
byChSheraz3
 
PPTX
Computer-vIRUS-malicious software and worm.pptx
byKennethMorales26
 
PPTX
Malware part 2
byShouaQureshi
 
PPTX
Computer-software (1).pptx
byJohnRebenRequinto1
 
PDF
Malware and malicious programs
byAmmar Hasayen
 
PPTX
Major Computer Virus Types to Watch Out
byMalwarebytes coupon code
 
CYBER SECURITY AWARENESS TRAINING FOR FINANCE PROFESSIONALS
bybayelsadata
 
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
byvarshsambhav
 
lecture-11-30052022-103626am.pptx
byZarwashgulrez
 
Lecture 2-1.pptx Lec 04 Risk Management.pptxLec 04 Risk Management.pptxLec 04...
by1230200206
 
Virus and malware presentation
byAmjad Bhutto
 
Week3-CyberSecurity 8th Semester important.pdf
byMArshad35
 
12 Malware very useful Presentation for others
byAssadLeo1
 
SECURITY THREATS AND SAFETY MEASURES
byShyam Kumar Singh
 
malwarepatchsedhdjdjrkvjdndbtigktbgifjridj
byDivyanshGupta505488
 
CS111-PART 7 (MALWARE).pdf
byKakai Catalan
 
Module 5.Malware
bySitamarhi Institute of Technology
 
Module 5.pdf
bySitamarhi Institute of Technology
 
MALWARES.pptx
byjeffautor15
 
Computer viruses
byAlfred George
 
NS 2.pptx
byChSheraz3
 
Computer-vIRUS-malicious software and worm.pptx
byKennethMorales26
 
Malware part 2
byShouaQureshi
 
Computer-software (1).pptx
byJohnRebenRequinto1
 
Malware and malicious programs
byAmmar Hasayen
 
Major Computer Virus Types to Watch Out
byMalwarebytes coupon code
 

Recently uploaded

PDF
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
PDF
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
Incident Response Planning with a Foundation Model
byKim Hammar
 
PPTX
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
PDF
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 
Security Technologys: Access Control, Firewall, VPN
byShielaLasala
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Accelerating Responsible AI Adoption in Public Sector and Private Organizations.
byYasir Naveed Riaz
 
Igniting the Future: Copilot trends, agentic transformation and product roadm...
byUni Systems S.M.S.A.
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Digit Expo 2025 - EICC Edinburgh 27th November
byRay Bugg
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
The Landscape of Computer Software Development Companies
byYash Singh
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
Guided Substation Engineering with CoMPAS: Simplifying IEC 61850
byDanBrown980551
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Incident Response Planning with a Foundation Model
byKim Hammar
 
Ritesh_kumar_Aatmanirbhar Bharat: Make in India, Make for the World.pptx
byriteshrkgs2008
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Recursive Self Improvement vs Continuous Learning
byBob Marcus
 

Malware

  • 1.
  • 2.
    Module Overview In thismodule we’re going to be discussing:- • The danger that malware presents • How to avoid becoming infected with malware • The different types and varieties of malware • A case study to explore how malware can affect your business
  • 3.
    Malware is aterm used to classify software that intends to cause unauthorised harm to a computer or network Malware includes viruses, worms, Trojan horses, ransomware and other malicious code This malware can be used to monitor your activity, record your keystrokes and even encrypt your files Malicious Software
  • 4.
    • The virushas become synonymous with computer infections • A virus is a piece of code which is capable of copying itself and typically has a detrimental effect • These effects include causing system and data corruption. • These viruses often run silently in the background, so you would never know they were there Viruses
  • 5.
    • A wormis a piece of malicious code that replicates itself repeatedly to spread and infect other computers • Unlike a virus, a worm doesn’t need a host computer to remain active and spread, it can do so autonomously • Worms rely on exploiting some kind of security weakness within a target system or its software Worms
  • 6.
    • Trojan horsesare a particular kind of malware that disguise themselves as a trusted or legitimate application or file • Trojans are often distributed via emails, or via torrent files which are uploaded to file sharing websites • Many of these Trojans act as a secret back-door, which means they provide remote system access to attackers Trojan Horses
  • 7.
    • Macros aresmall reusable instructions that automate a particular task within a software application, such as MS Word • Virus writers exploited this functionality by creating evil macros, which perform malicious actions on a target system when run • Macros are difficult to detect and look like regular Office documents, which can be easily spread via email Macro Malware
  • 8.
    • Keyloggers area type of malware that exist to monitor and record your digital activity, particularly your keystrokes • Keyloggers are usually installed for the purpose of information gathering, which is usually financially motivated • Attackers will use the information gathered from keyloggers for use in blackmail, identify theft and credit card fraud Keyloggers
  • 9.
    Infection Methods Emails Malware canbe sent via email as attachments. Emails can also contain URLs to the malicious downloads Downloads Your downloads might be infected, this is especially true if you are downloading illegally shared content Web Browsing Malware can be spread by visiting gaming and gambling sites or using pirated software and hacking tools Security Holes Holes in your web browser or its plug-ins allow attackers to install malware onto your computer silently
  • 10.
    • AV softwareis an application that detects and prevents malware • It does this by downloading a list of software that’s known to be malicious, then comparing the files on your computer against this list • It’s important your anti-virus is to date and running regular scans Anti-virus Software
  • 11.
    Ways to preventmalware Install up to date anti-virus software on your computers Keep your system and its software current and up to date Be wary of email attachments, suspicious websites and downloads Report anything suspicious to your appropriate contact Always think before you click, if in doubt, report it 1 2 3 4 5
  • 14.
    Case Study -Target December 13th, 2013 Personal information of 40 Million Target customers exposed to fraud. December 14th, 2013 Target hire a 3rd party forensics team to investigate the hack. December 15th, 2013 Target confirm malware had been installed on PoS network, and was used to steal data.
  • 15.
    Case Study -Target December 19th, 2013 Target publicly acknowledges the breach, saying it’s under investigation. January 10th, 2014 Target says an additional 70 million customers had personal information stolen during the breach. January 22nd, 2014 Target lays off 475 employees and halts a further 700 vacancies worldwide. 70M
  • 16.
    Case Study -Target • In total 110M customer records were exposed • It was later discovered the breach was caused by a 3rd party contractor, who was fooled by a phishing email • Cases such as this one prove that malware is more than a mere nuisance, but a genuine threat to every business
  • 17.
    Recap  We’ve takena look at the types of malware. We’ve talked about best practices, and walked through a virtual demonstration & case study.  So remember:-  Keep your system and its software current and up to date  Be wary of email attachments, suspicious websites and downloads  Report anything suspicious to your appropriate internal contact  Always think before you click, if in doubt, report it

Editor's Notes

  • #3 Hello and welcome to our module on malware. In this module we’re going to be learning about the dangers posed by malicious code and explore the ways that we can avoid becoming infected. We’ll be taking a look at the different types of malware, discussing their behaviour and finish up with a real life case study to examine the impact that malware can have on your business
  • #4 So it’s normally best to start with a definition. Malware is actually an umbrella term used to classify software that intends to cause unauthorised harm to a computer or network. This includes viruses, worms, Trojan horses, ransomware and other malicious code. Once you’re infected these software applications can be used to monitor your activity, record your keystrokes and encrypt your files – often silently in the background without you ever even knowing. Let’s take a look at some common examples
  • #5 So let’s start with an example you’ve all heard of – the computer virus. The virus has become synonymous with computer infections, but it seems not many people understand what it really is. A virus is essentially a piece of software that’s capable of copying itself in order to spread, much like a biological virus, and typically has a detrimental effect on its host. These effects can include causing system corruption or destroying data. Viruses often run silently in the background, so you’d never actually know they were there. They’re much less common these days, and most new malware will fall into one of the following varieties
  • #6 A worm is a piece of malicious code that replicates itself repeatedly in order to spread and infect other computers. Unlike a virus a worm doesn’t need a host computer to remain active, and is able to spread and replicate autonomously. These worms usually rely on security weaknesses within a target system or its applications. It’s difficult to defend against new worms however keeping systems up to date with the latest software is a great way to mitigate against any risks.
  • #7 Trojan horses are a particular kind of malware that masquerade as a trusted or legitimate application or file. They may for example be hidden inside an email attachment, or a torrent file that’s uploaded to a file sharing website. Many of these applications act as a secret back door to your system, providing their creators with remote access to your network. The word Trojan is originally derived from the Ancient Greek story of the wooden horse that was used to help the Greek troops invade Troy.
  • #8 Macros are small reusable instructions that automate a particular task, usually within a software application such as Microsoft Word. The macros are incredibly powerful and very useful, however can also be used maliciously. Virus writers have used this functionality to create evil macros, which perform malicious actions on a target system. These macros are difficult to detect and often look like regular Office documents, which makes them easy to distribute and spread via email.
  • #9 Keyloggers are a type of malware that monitor and record your digital activity, particularly your keystrokes – though it may also include capturing your screen. They are usually installed for the purpose of information gathering, which is often financially motivated. Attackers might use the information gathered from keyloggers to blackmail you, steal your identity or perform credit card fraud. Keyloggers fall into a category of malware known as spyware, which as the name suggests, are applications that can be used to monitor you.
  • #10 Malware can be spread through a variety of methods, including emails, downloads and software vulnerabilities. It can be sent as an email attachment, or distributed via websites hosting malicious content. Your downloads may even be infected, particularly from websites that you don’t usually trust. You can also be infected with malware via security holes might exist inside your web browser or its plug-ins. While it’s difficult to prevent malware, there are ways to detect it, and the most common is using a good up to date anti-virus application.
  • #11 Anti-virus software is an application that detects and prevents all kinds of malware from harming your system. It does this by downloading a list of software that’s known to be malicious and then comparing the files on your computer against this list. If there’s a match, it isolates and removes the threat from your computer. This blacklist is constantly changing – which explains why it’s important that your anti-virus software is always up to date and running regular scans. Like everything else in security – theres no gold bullet solution for preventing malware infections, and anti-virus software only forms one part of a larger defence strategy. It will however block and eliminate the most common attacks and continues to play and important role in keeping your networks and systems secure.
  • #12 While there’s no fool proof method for protecting yourself against malware there are many things that you can do to reduce your risk of becoming infected. Firstly, make sure that you have up to date anti-virus software running on your computer and that your system has no pending updates. Be wary of email attachments, pirate websites and downloads – and never open something that you don’t completely trust. It’s important that you report anything suspicious or that you’re not sure about to your appropriate contact - and always think before you click. If you’re ever in doubt, report it.
  • #13 This video shows a demonstration of a real attack using a macro trojan, and highlights the danger of opening files that you don’t trust. In this example you can see the attackers screen on the left and the victims screen on the right. At this stage the attacker has sent an email to the victim with the malicious attachment which has made it through their spam blocking systems. The victim proceeds to open up Microsoft Outlook and sees an email from a potential job applicant for a role which the company are publicly advertising. The recipient, believing this to be a resume, decides to open up the attachment to view its contents. On the left hand side we can see that the attacker is preparing his computer to receive a connection from the victim. Once the document is open the contents are blank and the victim receives two prompts. The first is to enable editing, and the second is to enable macros. Most of us would click through these prompts without a second thought, however in this case enabling the macros allows some code to run which grants the attacker full and exclusive access to the victims computer. We can see that on the left hand side the attacker is able to browse the list of programs running on the computer. Once he’s done he issues the command screenshot – which captures an image of the victims screen. From here the attacker can do anything that somebody sitting at the computer could do, all silently in the background, without them ever even knowing. This may include turning on their microphone or web camera, browsing files, stealing data or causing damage to their network. Now that we’ve seen how attackers can use malware to infiltrate your network, let’s take a look at a real life case study.
  • #15 On December 13th 2013 it was discovered that personal information, including names, mailing addresses and credit card information, of 40 million Target customers had been exposed to fraud. Shortly after Target hired a third party forensics team to investigate the hack, and on December 15th they confirmed that cyber criminals had infiltrated their systems. It was discovered that malware had been installed on Target’s point-of-sale network, and had been used to steal payment and credit card data. The public were completely unaware of the breach.
  • #16 On December 19th Target decide to publicly acknowledge the hack, saying it’s under investigation and confirming that the stolen data included payment information. In the hours following this announcement customers jam Target’s website and customer service hotlines. In response to the incident they announce a 10% discount on all in-store sales – but despite this effort their Christmas sales take a huge dive. On January 10th Target announce that an additional 70 million customers have been affected, and that their personal information was stolen during the breach. Following these events the company lower its forecast for the coming quarter, saying that sales were considerably weaker following news of the breach. On January 22nd 2014, Target announce that they’re laying off 475 employees at their headquarters in Minneapolis, and that a further 700 proposed vacancies worldwide will go unfilled.
  • #17 It’s certainly a frightening story – but it’s one that we can all learn from. In total 110 million customer records were exposed from stores across the United States. It was later discovered that the breach was caused to some extent by a 3rd party contractor who was fooled by a phishing email – a topic which we’ll be covering in later modules. It’s cases such as this that prove malware is more than a mere nuisance, but a genuine threat to every business.
  • #18 So let’s run through a recap. In this module we’ve taken a look at the various types of malware and the methods used to infect your systems. We’ve talked about some best practices for malware prevention, walked through a virtual demonstration and have finished up with a real life case study. So remember, always keep your system and its software current and up to date. Be wary of email attachments, suspicious websites and downloads. Report anything suspicious to your appropriate internal contact, and always think before you click. If you’re ever in doubt, report it