Module 104: Malware
Module Overview
In this module we’re going to be discussing:-
• The danger that malware presents
• How to avoid becoming infected with malware
• The different types and varieties of malware
• A case study to explore how malware can affect your business
Malicious Software
Malware is a term used to classify software that intends to cause unauthorised harm to a computer or network
Malware includes viruses, worms, Trojan horses, ransomware and other malicious code
This malware can be used to monitor your activity, record your keystrokes and even encrypt your files
Viruses
• The virus has become synonymous with computer infections
• A virus is a piece of code which is capable of copying itself and typically has a detrimental effect
• These effects include causing system and data corruption
• These viruses often run silently in the background, so you would never know they were there
Worms
• A worm is a piece of malicious code that replicates itself repeatedly to spread and infect other computers
• Unlike a virus, a worm doesn’t need a host computer to remain active and spread; it can do so autonomously
• Worms rely on exploiting some kind of security weakness within a target system or its software
Trojan Horses
• Trojan horses are a particular kind of malware that disguise themselves as a trusted or legitimate application or file
• Trojans are often distributed via emails, or via torrent files which are uploaded to file sharing websites
• Many of these Trojans act as a secret back-door, which means they provide remote system access to attackers
Macro Malware
• Macros are small reusable instructions that automate a particular task within a software application, such as MS Word
• Virus writers exploited this functionality by creating evil macros, which perform malicious actions on a target system when run
• These macros are difficult to detect and the files that carry them look like regular Office documents, which can be easily spread via email
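As an added example (not part of the original slides), the Python sketch below shows one check a mail filter or analyst could apply to the point above: a modern Office file is a ZIP package, and macros live in a `vbaProject.bin` part, so macro content can be spotted without opening the document. The file names and package contents are constructed samples, and the VBA part is a placeholder, not real macro code.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")   # header of legacy .doc/.xls/.ppt files
MACRO_FREE_EXT = (".docx", ".xlsx", ".pptx")     # extensions that should not carry VBA


def classify_office_file(filename, data):
    """Classify an attachment by whether its Office package carries macros."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary format: macros cannot be ruled out by this check.
        return "legacy-ole"
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "not-office"
    try:
        with zipfile.ZipFile(buf) as zf:
            names = zf.namelist()
            if "[Content_Types].xml" not in names:
                return "not-office"          # a ZIP, but not an Office package
            content_types = zf.read("[Content_Types].xml").lower()
    except zipfile.BadZipFile:
        return "not-office"
    has_vba_part = any(n.lower().endswith("vbaproject.bin") for n in names)
    declares_macros = (b"macroenabled" in content_types
                       or b"vbaproject" in content_types)
    if not (has_vba_part or declares_macros):
        return "no-macros"
    if filename.lower().endswith(MACRO_FREE_EXT):
        # Macro content behind a macro-free extension deserves extra scrutiny.
        return "macros-extension-mismatch"
    return "macros"


def build_package(parts):
    """Build a constructed Office-style ZIP package in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in parts.items():
            zf.writestr(name, payload)
    return buf.getvalue()


TYPES_NS = b'xmlns="http://schemas.openxmlformats.org/package/2006/content-types"'
CLEAN_TYPES = (b"<Types " + TYPES_NS + b'><Override PartName="/word/document.xml" '
               b'ContentType="application/vnd.openxmlformats-officedocument.'
               b'wordprocessingml.document.main+xml"/></Types>')
MACRO_TYPES = (b"<Types " + TYPES_NS + b'><Override PartName="/word/document.xml" '
               b'ContentType="application/vnd.ms-word.document.macroEnabled.main+xml"/>'
               b'<Override PartName="/word/vbaProject.bin" '
               b'ContentType="application/vnd.ms-office.vbaProject"/></Types>')


def demo():
    """Classify five constructed attachments and return {filename: verdict}."""
    clean = build_package({"[Content_Types].xml": CLEAN_TYPES,
                           "word/document.xml": b"<document/>"})
    with_macro = build_package({"[Content_Types].xml": MACRO_TYPES,
                                "word/document.xml": b"<document/>",
                                "word/vbaProject.bin": b"constructed placeholder"})
    samples = {
        "resume.docx": clean,
        "resume.docm": with_macro,
        "cv.docx": with_macro,                       # macro package, renamed
        "old.doc": OLE_MAGIC + b"constructed body",
        "notes.txt": b"plain text",
    }
    return {name: classify_office_file(name, data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12} {verdict}")
```

A "macros" verdict does not mean a file is malicious, only that it can run code if the user enables macros, which is the moment to stop and report it.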
Keyloggers
• Keyloggers are a type of malware that exist to monitor and record your digital activity, particularly your keystrokes
• Keyloggers are usually installed for the purpose of information gathering, which is usually financially motivated
• Attackers will use the information gathered from keyloggers for blackmail, identity theft and credit card fraud
Infection Methods
Emails
Malware can be sent via email as attachments. Emails can also contain URLs to the malicious downloads
Downloads
Your downloads might be infected; this is especially true if you are downloading illegally shared content
Web Browsing
Malware can be spread by visiting gaming and gambling sites or using pirated software and hacking tools
Security Holes
Holes in your web browser or its plug-ins allow attackers to install malware onto your computer silently
Anti-virus Software
• AV software is an application that detects and prevents malware
• It does this by downloading a list of software that’s known to be malicious, then comparing the files on your computer against this list
• It’s important your anti-virus is up to date and running regular scans
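The list comparison described above can be illustrated with a short Python sketch. It is an added example, not part of the original slides and not how any particular anti-virus product is implemented: it assumes the "list" is a set of SHA-256 file hashes, and the three files are harmless constructed samples. Scanning the same folder with an old and a current list shows why an out-of-date list misses files that were catalogued later.

```python
import hashlib
import os
import tempfile

CHUNK = 1 << 16  # read files in 64 KiB blocks


def sha256_file(path):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(CHUNK), b""):
            digest.update(block)
    return digest.hexdigest()


def scan(root, known_bad):
    """Return the sorted relative paths under root whose hash is on the list."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path):
                continue                      # do not follow links out of root
            try:
                if sha256_file(path) in known_bad:
                    hits.append(os.path.relpath(path, root))
            except OSError:
                continue                      # unreadable file: skip, keep scanning
    return sorted(hits)


def demo():
    """Scan constructed files with a stale list and with an updated list."""
    # Constructed, harmless byte strings standing in for real files.
    samples = {
        "report.docx": b"constructed sample: ordinary document",
        "invoice.exe": b"constructed sample: file already on the old list",
        "update.scr": b"constructed sample: file added in the latest list",
    }
    old_list = {hashlib.sha256(samples["invoice.exe"]).hexdigest()}
    new_list = old_list | {hashlib.sha256(samples["update.scr"]).hexdigest()}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return scan(root, old_list), scan(root, new_list)


if __name__ == "__main__":
    stale, current = demo()
    print("stale list  :", stale)
    print("current list:", current)
```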
Ways to prevent malware
1. Install up to date anti-virus software on your computers
2. Keep your system and its software current and up to date
3. Be wary of email attachments, suspicious websites and downloads
4. Report anything suspicious to your appropriate contact
5. Always think before you click, if in doubt, report it
Case Study - Target
December 13th, 2013: Personal information of 40 million Target customers exposed to fraud.
December 14th, 2013: Target hire a 3rd party forensics team to investigate the hack.
December 15th, 2013: Target confirm malware had been installed on PoS network, and was used to steal data.
Case Study - Target
December 19th, 2013: Target publicly acknowledges the breach, saying it’s under investigation.
January 10th, 2014: Target says an additional 70 million customers had personal information stolen during the breach.
January 22nd, 2014: Target lays off 475 employees and halts a further 700 vacancies worldwide.
Case Study - Target
• In total 110M customer records were exposed
• It was later discovered the breach was caused by a 3rd party contractor, who was fooled by a phishing email
• Cases such as this one prove that malware is not a mere nuisance, but a genuine threat to every business
Recap
• We’ve taken a look at the types of malware. We’ve talked about best practices, and walked through a virtual demonstration & case study.
• So remember:
  • Keep your system and its software current and up to date
  • Be wary of email attachments, suspicious websites and downloads
  • Report anything suspicious to your appropriate internal contact
  • Always think before you click, if in doubt, report it


Editor's Notes

  1. Hello and welcome to our module on malware. In this module we’re going to be learning about the dangers posed by malicious code and exploring the ways that we can avoid becoming infected. We’ll be taking a look at the different types of malware, discussing their behaviour and finishing up with a real life case study to examine the impact that malware can have on your business.
  2. So it’s normally best to start with a definition. Malware is actually an umbrella term used to classify software that intends to cause unauthorised harm to a computer or network. This includes viruses, worms, Trojan horses, ransomware and other malicious code. Once you’re infected these software applications can be used to monitor your activity, record your keystrokes and encrypt your files – often silently in the background without you ever even knowing. Let’s take a look at some common examples
  3. So let’s start with an example you’ve all heard of – the computer virus. The virus has become synonymous with computer infections, but it seems not many people understand what it really is. A virus is essentially a piece of software that’s capable of copying itself in order to spread, much like a biological virus, and typically has a detrimental effect on its host. These effects can include causing system corruption or destroying data. Viruses often run silently in the background, so you’d never actually know they were there. They’re much less common these days, and most new malware will fall into one of the following varieties
  4. A worm is a piece of malicious code that replicates itself repeatedly in order to spread and infect other computers. Unlike a virus, a worm doesn’t need a host computer to remain active, and is able to spread and replicate autonomously. These worms usually rely on security weaknesses within a target system or its applications. It’s difficult to defend against new worms; however, keeping systems up to date with the latest software is a great way to mitigate against any risks.
  5. Trojan horses are a particular kind of malware that masquerade as a trusted or legitimate application or file. They may for example be hidden inside an email attachment, or a torrent file that’s uploaded to a file sharing website. Many of these applications act as a secret back door to your system, providing their creators with remote access to your network. The word Trojan is originally derived from the Ancient Greek story of the wooden horse that was used to help the Greek troops invade Troy.
  6. Macros are small reusable instructions that automate a particular task, usually within a software application such as Microsoft Word. These macros are incredibly powerful and very useful; however, they can also be used maliciously. Virus writers have used this functionality to create evil macros, which perform malicious actions on a target system. These macros are difficult to detect and often look like regular Office documents, which makes them easy to distribute and spread via email.
  7. Keyloggers are a type of malware that monitor and record your digital activity, particularly your keystrokes – though it may also include capturing your screen. They are usually installed for the purpose of information gathering, which is often financially motivated. Attackers might use the information gathered from keyloggers to blackmail you, steal your identity or perform credit card fraud. Keyloggers fall into a category of malware known as spyware, which as the name suggests, are applications that can be used to monitor you.
  8. Malware can be spread through a variety of methods, including emails, downloads and software vulnerabilities. It can be sent as an email attachment, or distributed via websites hosting malicious content. Your downloads may even be infected, particularly from websites that you don’t usually trust. You can also be infected with malware via security holes that might exist inside your web browser or its plug-ins. While it’s difficult to prevent malware, there are ways to detect it, and the most common is using a good, up-to-date anti-virus application.
  9. Anti-virus software is an application that detects and prevents all kinds of malware from harming your system. It does this by downloading a list of software that’s known to be malicious and then comparing the files on your computer against this list. If there’s a match, it isolates and removes the threat from your computer. This blacklist is constantly changing – which explains why it’s important that your anti-virus software is always up to date and running regular scans. Like everything else in security, there’s no silver bullet for preventing malware infections, and anti-virus software only forms one part of a larger defence strategy. It will, however, block and eliminate the most common attacks, and it continues to play an important role in keeping your networks and systems secure.
  10. While there’s no foolproof method for protecting yourself against malware, there are many things that you can do to reduce your risk of becoming infected. Firstly, make sure that you have up-to-date anti-virus software running on your computer and that your system has no pending updates. Be wary of email attachments, pirate websites and downloads – and never open something that you don’t completely trust. It’s important that you report anything suspicious, or anything that you’re not sure about, to your appropriate contact – and always think before you click. If you’re ever in doubt, report it.
  11. This video shows a demonstration of a real attack using a macro trojan, and highlights the danger of opening files that you don’t trust. In this example you can see the attacker’s screen on the left and the victim’s screen on the right. At this stage the attacker has sent an email to the victim with the malicious attachment, which has made it through their spam blocking systems. The victim proceeds to open up Microsoft Outlook and sees an email from a potential job applicant for a role which the company are publicly advertising. The recipient, believing this to be a resume, decides to open up the attachment to view its contents. On the left hand side we can see that the attacker is preparing his computer to receive a connection from the victim. Once the document is open, the contents are blank and the victim receives two prompts. The first is to enable editing, and the second is to enable macros. Most of us would click through these prompts without a second thought; however, in this case enabling the macros allows some code to run which grants the attacker full and exclusive access to the victim’s computer. We can see that on the left hand side the attacker is able to browse the list of programs running on the computer. Once he’s done he issues the command screenshot – which captures an image of the victim’s screen. From here the attacker can do anything that somebody sitting at the computer could do, all silently in the background, without the victim ever knowing. This may include turning on their microphone or web camera, browsing files, stealing data or causing damage to their network. Now that we’ve seen how attackers can use malware to infiltrate your network, let’s take a look at a real-life case study.
  12. On December 13th 2013 it was discovered that personal information, including names, mailing addresses and credit card information, of 40 million Target customers had been exposed to fraud. Shortly after, Target hired a third-party forensics team to investigate the hack, and on December 15th they confirmed that cyber criminals had infiltrated their systems. It was discovered that malware had been installed on Target’s point-of-sale network, and had been used to steal payment and credit card data. The public were completely unaware of the breach.
  13. On December 19th Target decide to publicly acknowledge the hack, saying it’s under investigation and confirming that the stolen data included payment information. In the hours following this announcement customers jam Target’s website and customer service hotlines. In response to the incident they announce a 10% discount on all in-store sales – but despite this effort their Christmas sales take a huge dive. On January 10th Target announce that an additional 70 million customers have been affected, and that their personal information was stolen during the breach. Following these events the company lowers its forecast for the coming quarter, saying that sales were considerably weaker following news of the breach. On January 22nd 2014, Target announce that they’re laying off 475 employees at their headquarters in Minneapolis, and that a further 700 proposed vacancies worldwide will go unfilled.
  14. It’s certainly a frightening story – but it’s one that we can all learn from. In total 110 million customer records were exposed from stores across the United States. It was later discovered that the breach was caused to some extent by a third-party contractor who was fooled by a phishing email – a topic which we’ll be covering in later modules. Cases such as this prove that malware is more than a mere nuisance: it is a genuine threat to every business.
  15. So let’s run through a recap. In this module we’ve taken a look at the various types of malware and the methods used to infect your systems. We’ve talked about some best practices for malware prevention, walked through a virtual demonstration and finished up with a real-life case study. So remember, always keep your system and its software current and up to date. Be wary of email attachments, suspicious websites and downloads. Report anything suspicious to your appropriate internal contact, and always think before you click. If you’re ever in doubt, report it.
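
Note 9 describes anti-virus software comparing files against a downloaded list of known-malicious software and isolating any match. The sketch below is an added example, not part of the original module; it assumes whole-file SHA-256 hashes stand in for that list, and the file names, contents and function names are constructed for illustration. It shows why the list has to stay current: the second sample is only caught after the list is updated.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Hash a file in chunks so large files are not loaded into memory."""
    h = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def scan(root: Path, blocklist: set[str], quarantine: Path) -> list[str]:
    """Move every file whose hash is on the blocklist into quarantine."""
    quarantine.mkdir(parents=True, exist_ok=True)
    hits = []
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        digest = sha256_of(path)
        if digest in blocklist:
            # Isolate rather than delete, so the match can be reviewed.
            shutil.move(str(path), str(quarantine / f"{digest}.quarantined"))
            hits.append(path.name)
    return hits


def demo() -> tuple[list[str], list[str]]:
    # Constructed, harmless stand-ins for files on a workstation.
    samples = {
        "report.docx": b"ordinary document",
        "invoice.exe": b"constructed stand-in for known malware",
        "resume.docm": b"constructed stand-in for newer malware",
    }
    with tempfile.TemporaryDirectory() as tmp:
        root, quarantine = Path(tmp) / "files", Path(tmp) / "quarantine"
        root.mkdir()
        for name, data in samples.items():
            (root / name).write_bytes(data)
        # Yesterday's list only knows the first sample.
        old_list = {hashlib.sha256(samples["invoice.exe"]).hexdigest()}
        first = scan(root, old_list, quarantine)
        # After an update the list also contains the newer sample.
        new_list = old_list | {hashlib.sha256(samples["resume.docm"]).hexdigest()}
        second = scan(root, new_list, quarantine)
        return first, second


if __name__ == "__main__":
    print(demo())
```
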