Malware is malicious software created with the intention of damaging information processing facilities. It differs from a software error, which may cause the same end result but is not intentional. Malware is written with the specific purpose of causing damage. What controls can you use for protection?
Of late there have been various news reports about malware.
ATM Virus on the prowl – Russia’s leading computer security labs have warned of a new software virus which infects Automatic Teller Machines (ATM) to steal money from bank accounts of their users. The virus is reported to be a Trojan which is able to infect the popular American Diebold brand of ATMs.
Cybercriminals Have Penetrated US Electrical Grid
In this case, cyberspies from China, Russia and elsewhere have gained access to the U.S. electrical grid and have installed malware tools designed to shut down service. The cyberspies have left behind “software tools” that could be used to destroy components of the grid. “If we go to war with them, they will try to turn them on,” says the article, which quoted anonymous US national security officials.
The threat of malware has been there since computing systems were created, but it is growing in significance and has come to be recognised as one of the major risks faced by IT systems. When we consider businesses and the criticality of business data, there are huge risks from malware, which have not been fully understood.
There are many tools that have been developed for malware detection and elimination. Microsoft has also released a tool for the Windows suite of products. Generally, the following minimal controls mitigate the threat from malware to a large extent.
Protect the Administrator Account – Use only a non-administrator account for regular activities and computing operations. Use strong passwords to protect the administrator account.
A degree of diversity across systems helps in controlling malware. Organisations that use heterogeneous OSes are less susceptible to malware than those that use a single OS across the organisation.
Patching – Most malware has to exploit the OS, so regular patching can prevent known attacks and exploits.
Configure OS and other software such as web browsers to obtain user permissions before running any external code.
Disable automatic booting from removable devices such as USB and CD drives.
Do not install any software on a live production server. Install it on a test server and check for malware before using it on production systems. Even home users can create virtual machines where they can install the software and test it for malware before installing it on the main computer.
Run tools to check registry changes before and after installing software. Store these changes for analysis at a later date.
Malware detection tools – There are many tools in the market. Please evaluate and use one that meets your needs.
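For the registry control in the list above, the following is an added example (not part of the original article): it compares two snapshots taken before and after an install and emits the differences as JSON so they can be stored for later analysis. It assumes the snapshots are text exports in the `reg export` format; the key and value names in the samples are constructed.

```python
import json
import re

# Constructed sample snapshots in the text format written by `reg export`.
# Real exports are UTF-16; decode the file before passing its text in.
BEFORE = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]
"Version"="1.0"
"Telemetry"=dword:00000000
"Blob"=hex:01,02,\
  03,04
'''
AFTER = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\ExampleVendor]
"Version"="1.1"
"Blob"=hex:01,02,03,04
"HelperPath"="C:\\Program Files\\Example\\helper.exe"
'''

VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")=(.*)$')

def parse_reg(text):
    """Return {(key_path, value_name): raw_data} for one .reg export."""
    # Long hex values wrap with a trailing backslash; join them first.
    text = re.sub(r'\\\n[ \t]*', '', text.replace('\r\n', '\n'))
    values, key = {}, None
    for line in text.split('\n'):
        line = line.strip()
        if line.startswith('[') and line.endswith(']'):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            name = '(Default)' if m.group(1) == '@' else m.group(1)[1:-1]
            values[(key, name)] = m.group(2)
    return values

def diff_snapshots(before, after):
    """List every value that was added, removed or modified."""
    old, new = parse_reg(before), parse_reg(after)
    changes = []
    for key, name in sorted(old.keys() | new.keys()):
        b, a = old.get((key, name)), new.get((key, name))
        if b != a:
            kind = 'added' if b is None else 'removed' if a is None else 'modified'
            changes.append({'change': kind, 'key': key, 'value': name, 'before': b, 'after': a})
    return changes

if __name__ == '__main__':
    print(json.dumps(diff_snapshots(BEFORE, AFTER), indent=2))
```

Redirect the output to a dated file per installation to build the change history the control calls for.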