{"id":175,"date":"2009-04-10T17:09:42","date_gmt":"2009-04-10T11:39:42","guid":{"rendered":"https:\/\/www.qadit.com\/blog\/?p=175"},"modified":"2009-04-15T17:18:36","modified_gmt":"2009-04-15T11:48:36","slug":"increasing-threats-from-malwares-controls","status":"publish","type":"post","link":"https:\/\/qadit.com\/blog\/increasing-threats-from-malwares-controls\/","title":{"rendered":"Increasing threats from Malwares &#8211; Controls"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Malwares are malicious softwares that are created with a intention to damage information processing facilities. It <\/span><span style=\"color: #000000;\">is different from error in software which may cause the same end result but is not intentional. Malwares are written\u00a0with a specific purpose to cause damage. What are the controls you can use for protection<\/span><\/p>\n<p style=\"text-align: justify;\"><!--more--><\/p>\n<p style=\"text-align: justify;\">Of late there have been various news reports about malware.<\/p>\n<p style=\"text-align: justify;\"><strong>ATM Virus on the prowl<\/strong> &#8211; Russia\u2019s leading computer security labs have warned of a new software virus which infects\u00a0Automatic Teller Machines (ATM) to steal money from bank accounts of their users.The virus is reported to be a\u00a0Trojan which is able to infect the popular American Diebold brand of ATMs. Click this link for the full news article<\/p>\n<p style=\"text-align: justify;\"><a class=\"alignleft\" href=\"https:\/\/www.financialexpress.com\/news\/Software-labs-warn-of-ATM-virus\/439575\/\" target=\"_blank\">https:\/\/www.financialexpress.com\/news\/Software-labs-warn-of-ATM-virus\/439575\/<\/a><\/p>\n<p style=\"text-align: justify;\">\u00a0<\/p>\n<p style=\"text-align: justify;\"><strong>Cybercriminals Have Penetrated US Electrical Grid<\/strong><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><a class=\"aligncenter\" href=\"https:\/\/www.pcworld.in\/india\/news\/5963904\/ Spyware__Security\/Report_Cybercriminals_Have_Penetrated_US_Electrical_Grid#\" target=\"_blank\">www.pcworld.in\/india\/news<\/a><\/span><strong><br \/>\n<\/strong><\/p>\n<p style=\"text-align: justify;\">In this case Cyperspies from China, Russia and elsewhere have gained access to the U.S. electrical grid and have\u00a0installed malware tools designed to shut down service. &#8216;The cyberspies have left behind &#8220;software tools&#8221; that could\u00a0be used to destroy components of the grid, If we go to war with them, they will try to turn them on,&#8221; says \u00a0the article that quoted anonymous US national security officials.<\/p>\n<p style=\"text-align: justify;\">The threat of malwares has been there since computing systems were created but is growing signficance and has come\u00a0to be recognised as one of the major risks faced by IT Systems. When we consider businesses and the criticality of\u00a0business data, there are huge risks from malware, which has not been fully understood.\u00a0<\/p>\n<p style=\"text-align: justify;\">There are many tools that are developed for malware detection and elimination. Microsoft has also released a tool\u00a0for the Windows suite of products. Generally the following minimal controls mitigate the threat from malwares to a\u00a0large extent.<\/p>\n<p style=\"text-align: justify;\"><strong>Protect the Administrator Account<\/strong> &#8211; Use only Non Administrator account for regular activities and computing\u00a0operations. Use strong passwords to protect the administrator account\u00a0<\/p>\n<p style=\"text-align: justify;\">A bit of<strong> disparate systems<\/strong> help in controlling malware. Organisations that use\u00a0hetrogeneous OS are less susepctible\u00a0to malwares than those that use one single OS across the organisation.<\/p>\n<p style=\"text-align: justify;\"><strong>Patching<\/strong> &#8211; Most malwares have to exploit the OS, regular patching can prevent known attacks and exploits<\/p>\n<p style=\"text-align: justify;\"><strong>Configure OS and other software<\/strong> such as web browsers to obtain user permissions before running any external code.<\/p>\n<p style=\"text-align: justify;\"><strong>Disable automatic booting<\/strong> from removable devices such as USB, CD Drives<\/p>\n<p style=\"text-align: justify;\"><strong>Do not install any software on a live production server<\/strong>. Install on a test server, check for malwares before using\u00a0on production systems. Even home users can create virtual machines where they can install the software and test it\u00a0out for malwares before installing on the main computer.<\/p>\n<p style=\"text-align: justify;\"><strong>Run tools to check registry changes before and after installing software<\/strong>. Store these changes for analysis at a\u00a0later date.<\/p>\n<p style=\"text-align: justify;\"><strong>Malware detection tools <\/strong>&#8211; There are many tools in the market. Please evaluate and use one that meets your needs.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Malwares are malicious softwares that are created with a intention to damage information processing facilities. It is different from error in software which may cause the same end result but is not intentional. Malwares are written\u00a0with a specific purpose to cause damage. What are the controls you can use for protection<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[12,13,1],"tags":[46,29,45],"class_list":["post-175","post","type-post","status-publish","format-standard","hentry","category-itsec","category-network","category-uncategorized","tag-malware","tag-qadit","tag-vijay"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p9AH7Q-2P","_links":{"self":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/comments?post=175"}],"version-history":[{"count":0,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/posts\/175\/revisions"}],"wp:attachment":[{"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/media?parent=175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/categories?post=175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/qadit.com\/blog\/wp-json\/wp\/v2\/tags?post=175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}