June 8, 2015
The Three Most Common Venues of Infection
Peer-to-peer (P2P) software has a long, controversial history riddled with issues of misuse. While P2P software is not inherently bad, it is often used by individuals wishing to illegally acquire media (movies, music, other software) for free. As such, the type of person who uploads this pirated content to share with others often engages in other unethical practices, such as backdooring their uploads with viruses and malware. When you or someone in your organization uses P2P software to download pirated media, you put both your machine and environment at great risk. Using these types of software for illegitimate purposes is much akin to wandering down a dark alley in a bad part of town: you’re asking for trouble!
Solution: Avoid using P2P software entirely. As an IT administrator, prohibit its use within your organization.
Drive-by download, like malware, is an umbrella term used to describe any type of situation where software is installed and the user is unaware of the software’s intent. This can happen a number of different ways. If you are browsing a shady website, the website may attempt to automatically and silently exploit third party applications used by your web browser to display content. Alternatively, you could visit a site that suggests you have a problem with your computer and that you need to download and install a cleaning tool to fix the problem. Both of these situations lead to an infection.
Solution: Keep your computers well patched with frequently updated applications like Adobe Flash. More importantly, avoid unscrupulous websites that may attempt to take advantage of your machine.
Infected email attachment
An increasingly popular method of distributing malware involves sending victims an infected email attachment. These are frequently sent out under the guise of an official, well-known organization and appear to have urgency requesting the victim’s attention. For example, you may receive an email appearing from UPS suggesting that you have an outstanding invoice that needs to be paid, with an attached PDF allegedly describing the charge. The PDF is actually infected, and opening it results in the compromise of your computer.
Solution: Utilize an effective spam filter to prevent the delivery of these types of emails. Additionally, learn how to spot spoofed and infected emails through an IT Security Awareness Training session from a reputable vendor.
IT Security is a global landscape that is constantly evolving. With increasing levels of connectivity, security events that happen on the other side of the planet can reach you in seconds. While there is no practical and sure-fire way to entirely eliminate the threat of malware infection, providing user education on infection venues and easy-to-learn solutions will significantly lessen the likelihood you and your organization run into problems.
For more information on malware, including outbreak containment, incident response, and risk assessment services please contact the OST Security Practice by emailing firstname.lastname@example.org