A Case Study on Malware

By:Jill Lehman

Tracy Clegg

Clayton Nichols

Nattapon Nattigon

Robert Loggins

Malware - Defined

Short for “malicious software.” Designed to infiltrate a system without

owner’s consent. General term that defines a variety of

hostile, intrusive, or annoying program code.

Creator’s perceived intent defines

software as malware.

Pop-Up Example

Malware - Origins

A 2008 report released by Symantec suggested: Releases of malicious code may be exceeding rates of

legitimate software applications.

Primarily released through the Internet. Email Web sites

Shaoxing, China was named the malware capital of the world by Symantec in 2010.

Malware - Nature

Early malware, including worms & viruses were written as pranks.

Today, most malware possesses intent to destroy systems including: Files Web pages

• Estimated that about 1 in 10 web pages contain malicious code.

Malware – Nature (cont.)

Many others create “zombie computers” that aid in advertising for profit motive. Tells infected computers to send spam email.

Spyware is a form of malware. It monitor’s web browsing & displays

unsolicited advertisements. Do not spread like viruses.

• Simply exploit security holes

Cybercrime Laws – U.S.

Basis of laws against malware include: Hacking Copyright Infringement Child Porn Privacy Fraud Destruction of property (Denial-of-Service attacks) Harassment Identity theft

Cybercrime Laws – U.S.

The basis for cybercrime laws is large in scope. As endless as non-cyber crime laws.

U.S. laws continually get passed at the state & Federal levels of government. Protect users of the web.

• Civil and criminal means of prosecution

Example: http://www.informationweek.com/news/security/cybercrime/showArticle.jhtml?articleID=210602182

Cybercrime Laws – U.S.

US cybercrime laws are catching up. Some that help to combat malware are not as

archaic. However, there are still hurdles when the

courts are out touch with reality.• Example: Virginia anti-spam law struck down by

the state’s Supreme Courto Said it violated 1st Amendment right to freedom of

speech.o http://www.cybercrimelaw.org/2008/09/12/virginia-

supreme-court-strikes-down-states-anti-spam-law/

Cybercrime Laws - World Technology is constantly changing.

Creates concern that at any given time, cybercrime legislation falls out of date.

Large amounts of malware originate in foreign countries. Extradition laws not always up-to-date. New treaties help to combat problems.

• http://www.arnnet.com.au/article/345145/efa_cybercrime_treaty_will_trigger_tougher_laws/

Example Case Study: “Google Claims Vietnam Malware Attack”

Google said malicious software has been used to spy on Vietnamese computers

The malware targeted tens of thousands of people.

The malware has been used to attack blogs containing messages of political dissent.

Issues enabling this Behavior

Security Issues

The prevalence of broadband internet has

allowed for a wave of malware solely

intended to reap benefits.

Downloading programs & sharing software

has created opportunities for malware

Security Issues Continued

Use of a standard password for access control can create vulnerabilities

A large percentage of users do not change their passwords from that established by the manufacturer causing the passwords to be easily obtainable

Public access points, such as airports & coffee shops, offer little or no security.

Malware Penalties in General Penalties are depend on the level of severity of the attack.

In some cases, credit & debit card data is stolen; this level of mayhem constitutes malware fraud felony, which can lead the perpetrators to serve numerous years in prison as well as pay enormous fines.

Eg. Steal data such as credit card inf., login to banks and passwords, etc.

If a site has links to malware sites, then the link is removed from their name in the SERPs (search engine results pages).

This feature is designed so that the site owners become aware of the malware issue.

What is a Google penalty?

Google Penalty Types There are various penalty types that have been found as

follows;I. The “Minus Thirty” Penalty II. The “950 Penalty”III.The Position 6 Penalty

Drop in rankings to the end of the listings for that keyword

A Google penalty is a punishment Google gives to sites they feel do not meet certain quality standards.

This can spell disaster for companies who run their business through their web sites.

Above google penalties can be fixed by following google’s webmaster guidelines.

How these penalties related to this case?

Very difficult to identify the criminals who spy on Vietnamese’s websites as the other side are Chinese government.

Using Malware for damaging purposes:

To attack blogs containing messages of political dissent. (Invasion of Privacy)

Vietnam is lack of laws & investigators with the requisite experience or even the equipment to collect evidence to fight cyber crime which include malware through google.

The U.S. Penalties on Cyber Crime

Compromising Confidentiality: 18 U.S.C. § 1030(a)(2)(c)

Intentionally access a computer without or in excess of authorization

Penalties: Violations of section 1030(a)(2) are misdemeanors punishable by a fine or a one-year prison term, unless aggravating factors apply.

A violation or attempted violation of section 1030(a)(2) is a felony if: committed for commercial advantage or private financial gain, committed in furtherance of any criminal or tortuous act in violation of the Constitution or laws of the United States or of any State, or the value of the information obtained exceeds $5,000.

Conclusion about the Penalties

Historical Data: Computer crime cost Vietnam US$1.76 billion in 2008

Vietnam should have security systems& computer crime laws as fast as possible by using the U.S. laws as a benchmarking.

With penalties, cyber crime might be reduce.

Better Economic Situation as investors will have more confidence to invest in Vietnam bec less cyber crime issues.

Source:http://www.straitstimes.com/Breaking%2BNews/SE%2BAsia/Story/STIStory_354440.html

Effects on Management

Must be aware at all times of potential attacks.

Must make employees aware of the dangers of malware.

Must take preventive measures against malware attacks.

Must be aware of the legal & reporting measures to stop the spread of malware.