Malicious Software
All your bytes are belong to me.
Omar Hemmali
12-Mar-14
Objectives
• Define Malicious Software and some relevant terms
• Define and explain some of the types of Malicious Software
• Talk about how we can get Malicious Software
• Talk about ways to prevent transfer of Malicious Software
• Talk about Malicious Software Laws
• Show a few examples
Omar Hemmali - Malicious Software
Malicious Software = Malware
• A catch-all term to refer to any software designed to cause undesirable effects or damage to a single computer, server or computer network.
• Bug = Malware?
• Viruses, Worms, Trojan Horses, Spyware, Adware
• High Level, Assembly, Script
Scripting Language
• A programming language that mimics user interaction with a computer.
• Very easy to use.
• More later.
Virus
• A segment of code designed to attach to another file, run when the file is executed, and have a mechanism to replicate itself.
• Needs a host.
• User must spread the virus.
Michelangelo Virus
• Discovered April 1991
• Activates on March 6th
• Changes MBR
• Infects Disks
• Intel LANSpool
Worms
• Scripts designed to create an undesired effect and replicate.
• Worm = Virus?
• No host – Self-contained
• Internet connectivity greatly helps the spread of worms
Benjamin Worm
• Spread through File Sharing Programs
• User thinks they are getting a movie or song
• File is actually the worm with dummy bytes
• Creates multiple copies with names of popular files
• Takes a lot of hard drive space
Code Red worm
• Discovered July 2001
• Infected 300,000+ machines in 14 hours
Code Red worm
• Exploited a flaw in Microsoft’s Internet Information Server (IIS) software
• Required no user interaction
• Only a network connection
• Compiled a list of IP addresses and then attacked them
Trojan Horses
• Masquerades as a program the user wants or finds interesting
• Creates a security hole so that the attacker may gain control later on
• Sometimes used as a method of implanting another form of malware
Storm Trojan
• Discovered January 17, 2007
• Sent as an email with a fictitious news story as the subject
• Contains program with name similar to subject
• Joins the Storm botnet structured like a peer-to-peer network
• Each node is connected to 30-35 other nodes
• Utilizes some of the infected machines to send spam messages containing the Trojan
Spyware
• Installed without user knowledge or consent and monitors user activities.
• This is used for advertising and monitoring, or to sell to another party.
• Considered invasion of privacy
• Slows down the computer significantly
Adware
• Users consider it malicious; legally it isn’t.
• Presents ads catered to users’ surfing habits
• Considered invasion of privacy
• User must agree to have adware installed; usually bundled with sponsored software.
Malware Prevention
• Ounce of prevention is worth a ton of cure
• Stay away from illegally shared files
• Not worth the hassle of losing valuable data to identity thieves
• Not worth the jail time either
Malware Protection
• ALWAYS get the latest security updates
• Code Red could have been prevented
• Keep Anti-Virus / Anti-Spyware running
• Keep a software Firewall running
Malware laws
• Developing viruses, worms, Trojans, and spyware for distribution is illegal. Period.
• Florida Statute §815.06 outlines what constitutes illegal activity
Malware laws
• Software cannot destroy, injure, damage, disrupt, deny, or cause to deny service of a computer. 3rd degree felony
• Above and damage exceeds $5,000. 2nd degree felony
• Above and endangers a human life. 1st degree felony
Examples
Summary
• Subtle differences between viruses, worms, and Trojans
• Spyware and Adware are annoying
• Prevention is easier than fixing
• Easy to protect yourself
Questions
• What is one way to protect yourself from malicious software?
• What was one of the viruses/worms/Trojans discussed?