Sample Secondary Research Report Reviews

profileAbdull2004
SSRExample4.doc

Malware in a New Digital Age

Introduction

Malware is a consistent issue in the world today. As all network security personnel know, Malware affects many different facets of the commercial and residential sectors. From fishing emails to full-fledged computer Worms, Malware can be a devastating hazard to businesses and people. This article identifies and discusses some of the basic Malware threats and gives suggestions for ways to prevent and combat those threats.

Research and Malware Threats

The sections below discuss a variety of Malware threats and ways to combat and study them. These sections include:

· Types of Malware

· Ways that Malware attacks a system or network

· Ways to defend against Malware

· Analysis methods

Identifying potential threats is the most important way to combat these malicious attacks. A network is never completely safe from attack. However, good knowledge of network and machine vulnerabilities can lower the risk significantly and allows the study of known threats for more comprehensive defense.

Types of Malware

Malware comes in many different forms. Malware can even be grouped into categories depending on how each one interacts with a target. Contagious threats contain viruses and worms which spread through a network independently (Uppal et al, 2014). Masked threats are Malware such as trojan horses which “hide” in the background and provide access to the attacker (Uppal et al, 2014). Finally, financial threats can consist of spyware or keyloggers. These programs send information back to the creator after installing from an infected website or malicious email (Uppal et al, 2014).

The Malware listed above are the most prominent at this time. Research shows that the most used type of Malware is the Trojan Horse at approximately 70% of intrusion (Eze et al, 2018). This versatile type of Malware is mostly used to deliver or install other types of Malware (Uppal et al, 2014). This shows just how dangerous Malware can be.

Malware Plan of Attack

Malware attacks happen in a variety of ways. For example, an email arrives with a short message and a link to a website. By clicking on the link Malware has likely been placed on the machine. What is the intent for such an attack? This question can be broken down further by asking: how do these attacks affect the systems they infect?

One such attack was the WannaCry virus which infected the British health care system, effectively crippling many hospitals and emergency services (Debar, 2017). In the case of WannaCry, the attacker used Malware to cause harm on massive scale. With these important industries relying heavily on the use of the internet, an attack such as WannaCry can cause incredible damage.

Some attacks are much less damaging. In 2014, an intrusion was performed to steal Bitcoin in Canada. The Canadian Bitcoin Highjack is an example of attackers using Malware for pure financial gain. The Bitcoin network was unaffected and operated normally even during the attack (Dubar, 2017).

These examples show some of the ways that Malware is used to affect the world. Some other ways include:

· Identity theft

· Bank fraud

· Blackmail

· Election tampering

With so many different forms of attack, the trouble turns towards defense. Though many of these computer bugs have been rendered obsolete, more and more are created toward the benefit of the creator. By analyzing and defending against these programs, the internet is made a safer place.

Malware Defense

Among the network security community personal awareness is the most potent form of defense against Malware. According to Kaspersky Lab (2018), “a combination of personal awareness and well-designed protective tools will make your computer as safe as it can be.” Tools such as virus protection software are helpful in mitigating damage and vulnerability to a machine, but those tools must be up to date to be effective.

Other layers of defense exist, but most are used primarily in the business sector. These forms of defense require a look into the different defensive layers available for implementation. First, physical access to customer equipment must be managed tightly since the easiest way to affect a network or machine is physically accessing that machine with cables and a laptop (Eze et al, 2018). Limiting access to these devices can greatly reduce the likelihood of intrusion.

Next, businesses should use anti-virus software as a deterrent to outside intrusion (Eze et al, 2018). With the use of anti-virus software, the more common intrusion programs are identified, quarantined, and deleted. This kind of software is unable to guarantee 100% safety, but anti-virus programs help to mitigate the most common forms of Malware.

Finally, proactively assessing the risks and vulnerabilities of a system, and mitigating them, will greatly increase the security of a network or device (Eze et al, 2018). Finding risks and vulnerabilities is challenging since Malware becomes more sophisticated as new exploits are discovered. Only by analyzing the current known threats are security professionals able to combat the ever-growing pool of Malware.

Analyzing Malware

Analyzing existing Malware increases understanding and effectiveness of security programs and personnel. The use of static and dynamic analysis methods provides a range of ways to identify and combat different types of Malware (Uppal et al, 2014).

When using a static analysis method, the user “does not perform execution code instead it checks the control and data flow of the program to determine its characteristics (Eze et al, 2018).” Static analysis, therefore, allows the security agent to assess how the virus performs when executed and uses that data to create a solution or block to the malicious program. Luckily, security personnel have many tools in which to perform these tasks.

A dynamic analysis program, in contrast, runs the virus code in a secure environment to report how the Malware behaves (Eze et al, 2018). This method allows identification of a virus’s signature so that a counter measure is implemented. Dynamic analysis is used to overtake the limitations of a static analysis method, which does not run the code of a virus (Uppal et al, 2014).

With these analysis methods, millions of viruses have been identified and counter measures implemented. Seeing no end to malicious behavior over the internet and digital world, security professionals must always identify and combat new threats.

Conclusion

Malware is a part of all network activity. The most prominent forms of Malware spread by individuals failing to stay aware of the potential threats. As network security professionals, educating employees and advising on the risks of Malware will help in curbing the threat of intrusion into a network.

A guaranteed secure service does not exist in the digital world today. Someone will always find a way to slip into a network and wreak havoc. Diligently assessing the current threats and searching for signs of malicious software will help decrease the impact of Malware. As stated before, personal awareness and up to date anti-virus software will go a long way in combating Malware attacks.

Works Cited

Debar, H. (2018, November 25). Viruses and malware: Are we protecting ourselves adequately? Retrieved from https://theconversation.com/viruses-and-malware-are-we-protecting-ourselves-adequately-88375

Eze, A. O., & Chukwunonso, C. (2018). Malware Analysis and Mitigation in Information Preservation. IOSR Journal of Computer Engineering (IOSR-JCE), 20(4), 1st ser., 53-62.

Uppal, D., Mehra, V., & Verma, V. (2014). Basic survey on Malware Analysis, Tools and Techniques. International Journal on Computational Science & Applications, 4(1), 103-112. doi:10.5121/ijcsa.2014.4110

What is Malware and How to Defend Against It? (n.d.). Retrieved from https://usa.kaspersky.com/resource-center/preemptive-safety/what-is-malware-and-how-to-protect-against-it