Malware of Cyber-security, cyber-crime, cyber-warfare
security and forms of Malware
Malware is malicious software written and developed to damage the operation
and functionality of software and computer systems. It is generally written to
attack the security of a company's systems and networks in order to steal data
and confidential information. Such malicious scripts are also used to bypass
access controls and to harm the host computer. With the passage of time,
attackers, data breachers and hackers have developed a wide variety of malware
scripts (Regan, 2019).
Several types of malware exist throughout the world that can be dangerous and
harmful for businesses, and many companies cannot survive an attack on their
systems. A wide variety of malware exists under different names and forms, and
each type has its own characteristics and its own power to damage and affect a
system. This paper discusses some significant forms of malware (Rouse, 2020).
Three Forms of Malware
Worms
Worms are among the most common types of malware and can be very harmful to
both the network and the host computers. It is important to understand that
worms have never been involved in any kind of legitimate use; they have always
been malware written with the intention of corrupting systems. Worms are
damaging scripts that spread through computer networks. Once a worm attacks a
network and enters its computers, it makes the operating system vulnerable by
damaging the firewalls and security protocols of the operating systems
installed on the servers and computers. The main function of worms is to harm
networks, or entire computer networks, by consuming network bandwidth (Norton
Antivirus, 2020). Notably, worms use the bandwidth of the computer network,
which causes low speed. Because they consume the bandwidth of a network in
which various computers are connected and receiving or transmitting data, they
also harm those connected devices and their functions. In addition to consuming
network bandwidth, worms badly degrade internet speed and cause web servers to
be overloaded (Zhongyang et al., 2013).
Worms have another element, called the payload, which can be very dangerous and
harmful to the host computers connected to the network. Payloads are the parts
of the code written to perform actions on computers already affected by the
worm, since worms have the ability to enter computers that are connected to the
network. Payloads are commonly written to steal important information from the
computer, delete significant files from it, or create botnets from the host or
other computers connected to the network (Zhou, 2008).
Computer worms are often characterized as a type of computer virus, and most
people also call them viruses, but several characteristics make computer worms
different from regular viruses. The main difference is that computer viruses
rely completely on human activity to spread further through computers and
networks, while computer worms are very powerful and intelligent: they have the
ability to self-replicate and spread independently. The main way computer worms
spread is through mass emails containing infected attachments. When the
recipient clicks or downloads the attachment, the worm is activated (Zhou and
Inge, 2008).
Trojan horses
Trojan horses, commonly called Trojans, are another form of malware. There is
no history showing that Trojan horses were developed or used for any legitimate
purpose. A Trojan is basically a mask. It spreads through a trick in which the
user is persuaded to download what appears to be a normal file onto the
computer or computing device and install it. The file is presented as normal,
but it contains malicious scripts that are activated automatically when the
user installs it on the computer (REGAN, 2019). A Trojan horse can give a
malicious party remote access to the infected computer. In simple words, when
the user downloads and installs the file, the malware gains access to the
computer and is ready to steal or delete information from the user’s computer
remotely (Sheldon and Wallau, 1998).
Trojan horses are malicious scripts written by an attacker, who then tricks
computer users into installing the file on their computers. Once the hacker has
gained access to the infected computer or device, he can easily steal
confidential information from it, such as electronic money, emails and
passwords, and financial data. It is also possible for additional malware to be
installed on the computer and for botnets to be modified to damage the
computing device badly. Furthermore, Trojan horses can be used to perform
illegal tasks through the infected computers, such as hacking an account,
trying to gain access to a bank, or carrying out other dangerous criminal
activity (Kang, 2004).
Rootkit
Rootkits are also a type of malware: malicious scripts that give remote access
to a user's computer so that the infected computer can be controlled without
being identified by the user or by any antivirus software. Once a rootkit has
been installed, it is easy for the attacker to take full control of the
computer. After the rootkit is installed, the attacker's main work begins: he
can easily execute several scripts, modify botnets, steal confidential
information, change the configuration of the computer, and install other types
of malware to perform various actions automatically (Riley, Jiang and Xu, 2009).
Legitimate Development and Use of Malware
Developers of computer malware can use the technique of repacking to develop
new types of malware to attack computers and mobile devices. Nowadays, most
malware developers are developing malware for Android mobile devices using the
repacking method. The repacking process consists of decompiling or
disassembling a common application, which may be paid or totally free and can
be downloaded from the mobile app store. The malware code is then inserted and
appended, the trojanized application is reassembled, and it is distributed
through app stores that are less common and less secure. Malware developers use
re-engineering tools to perform the repacking technique on the application. The
diagram given below illustrates the whole procedure (Ollmann, 2008).
Steps Taken to counter the use of the malware
Some steps can be taken to counter the use of malware. These steps can protect
the computer or computing device and prevent hackers or attackers from gaining
remote access.
· Only Use Trusted Antivirus and Malware Software
Every computer and mobile user should use trusted antimalware and antivirus
software to protect the computer. Trusted software matters because several fake
or untrusted antivirus products exist that have no ability to detect and
quarantine viruses. Trusted software is able to detect malicious scripts and
files on the computer. Some significant antimalware and antivirus products are
given in the diagram. They are trusted and help to increase the security of the
operating system.
· Configure Regular Scans and Monitor Settings
After installing any software on the computer or computing device, every mobile
and computer user should scan the device on a daily basis and monitor its
settings and configuration.
· Always Update Your Operating System
Every operating system provides updates for computers and computing devices,
but most computer users do not pay much attention to updates and often turn
them off. They should not turn off operating system updates, because the
updates contain the latest software and scripts for the operating system, which
enhance the security of the device.
· Rely Only on Secure Networks (Encrypted)
A user who connects to the internet wirelessly should always rely only on a
trusted, encrypted network, because such networks create hurdles for attackers
trying to gain access.
Question 3
False Positives in the Application of Cyber-security
A false positive arises during scanning by a web application firewall or an
intrusion prevention system, which creates vulnerabilities in the security
system of the computer. A false positive is basically an alarm that indicates
some kind of vulnerability in the computer system. It can be seen when the
Windows firewall starts scanning: if the computer finds any kind of threat, the
security system automatically alerts the user to quarantine the threat. The
interesting part of this concept is that the vulnerability or threat identified
and reported by the security system does not actually exist. The security
system has warned about a threat, and one may get worried, but a deeper
investigation shows that there was no such error or threat. If the opposite
happens, where the system does not show a threat but one actually exists, it is
called a false negative (Potdar, 2019).
Examples of a False Positive
Some significant examples of false positives are given in this document. They
are always in front of the user, but most of the time the user does not
recognize them or know what a false positive is. One good and detailed example
is file integrity monitoring software, which alerts on a change in a file. One
may think that malware has made an intrusion, but in reality a system patch can
bring various changes to files, which is never a threat of any kind. Another
example is a Windows firewall warning about a threat from the internet that was
actually shown because some software was outdated and needed an update. The
third example is a general one that conveys the idea in the simplest manner:
someone is given a report of having cancer, whereas the report was wrong and
the person did not have cancer (Violino, 2015).
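The file integrity monitoring case above, as an added example that is not part of the original essay: raw change alerts are checked against the hashes a patch is expected to install, so patch-caused changes are set aside as false positives while everything else stays open. The paths, file contents and the PATCH_MANIFEST format are constructed for illustration.

```python
import hashlib

def digest(data: bytes) -> str:  # SHA-256 hex digest, as a monitor would store it
    return hashlib.sha256(data).hexdigest()

# Constructed sample data (not from a real system): hashes recorded at baseline.
BASELINE = {
    "/etc/passwd": digest(b"root:x:0:0"),
    "/usr/bin/login": digest(b"login 1.0"),
    "/usr/bin/sshd": digest(b"sshd 1.0"),
    "/usr/lib/libssl.so": digest(b"libssl 1.0"),
}
# Constructed file contents as read during the current scan.
CURRENT = {
    "/etc/passwd": b"root:x:0:0\nsvc:x:0:0",          # changed, no patch explains it
    "/usr/bin/login": b"login 1.0",                    # unchanged
    "/usr/bin/sshd": b"sshd 1.1 (not vendor build)",   # changed, hash differs from patch
    "/usr/lib/libssl.so": b"libssl 1.1",               # changed by the patch
    "/usr/bin/.cache": b"unknown binary",              # new file
}
# Hypothetical patch manifest: the hashes the system update is expected to install.
PATCH_MANIFEST = {
    "/usr/bin/sshd": digest(b"sshd 1.1"),
    "/usr/lib/libssl.so": digest(b"libssl 1.1"),
}

def scan(baseline, current):
    """Raw alerts: every path that was added, removed or modified."""
    alerts = {}
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            alerts[path] = "added"
        elif path not in current:
            alerts[path] = "removed"
        elif digest(current[path]) != baseline[path]:
            alerts[path] = "modified"
    return alerts

def triage(alerts, current, manifest):
    """Split alerts into patch-explained false positives and open findings."""
    explained, unexplained = {}, {}
    for path, kind in alerts.items():
        # Explained only if the new content hashes to the exact value the patch ships.
        matches = path in current and digest(current[path]) == manifest.get(path)
        (explained if matches else unexplained)[path] = kind
    return explained, unexplained

if __name__ == "__main__":
    print(triage(scan(BASELINE, CURRENT), CURRENT, PATCH_MANIFEST))
```

Note that /usr/bin/sshd stays an open finding even though the patch lists it, because its new hash is not the one the patch ships.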
· Unaffordable Web Application Security because of False Positives
· Ignoring the Real Web Application Vulnerabilities
· Lack of knowledge from Pen Testers means Scanners Report a lot of False Positives
· Web Application Security Scanner vs Penetration Tester
According to studies, false positives are relatively better than false
negatives, even though both are unacceptable in systems. A false positive at
least means that the security scanner responded positively when identifying
vulnerabilities in a system. Furthermore, false positives enable the signature
triggered by false alerts. However, issues concerning false alerts and
vulnerabilities can be handled by reducing false positives in intrusion
detection systems. A network-based intrusion detection system can be made
stronger by including filters that contain the major elements of the alerting
system. The proposed approach of abnormality control will reduce the total
percentage of false positives recorded in a system and result in increased
system functionality (Smet et al., 2004).
Conclusion
This document has discussed malware and its types in the context of
cybersecurity. Malware is malicious software written and developed to damage
the operation of systems. Attackers, data breachers and hackers have developed
a wide variety of malware scripts. Worms are damaging scripts that spread
through computer networks. Notably, worms use the bandwidth of the computer
network, which causes low speed. Worms have another element, called the
payload, which can be very dangerous and harmful to the host computers
connected to the network. Trojan horses are commonly called Trojans. When the
user downloads and installs one, the malware gains access to the computer and
is ready to steal or delete information from the user’s computer remotely. Once
the hacker has gained access to the infected computer or device, he can easily
steal confidential information from it, such as electronic money, emails and
passwords, and financial data. Developers of computer malware can use the
technique of repacking to develop new types of malware to attack computers and
mobile devices. A false positive arises during scanning by a web application
firewall or an intrusion prevention system, which creates vulnerabilities in
the security system of the computer.
References
Kang, J. (2004) 'Trojan horses of race', Harv. L. Rev., vol. 118, p. 1489.
Norton Antivirus (2020) What is a computer worm, and how does it work?, [Online], Available: https://us.norton.com/internetsecurity-malware-what-is-a-computer-worm.html [30 March 2020].
Ollmann, G. (2008) 'The evolution of commercial malware development kits and colour-by-numbers custom malware', Computer Fraud & Security, pp. 4-7.
Potdar (2019) The Curious Case of False Positives in Application Security, [Online], Available: https://dzone.com/articles/the-curious-case-of-false-positives-in-application [30 March 2020].
REGAN, J. (2019) What is a Trojan Horse? Is it Malware or Virus?, [Online], Available: https://www.avg.com/en/signal/what-is-a-trojan [30 March 2020].
Regan (2019) What is Malware? How Malware, [Online], Available: https://www.avg.com/en/signal/what-is-malware [30 March 2020].
Riley, R., Jiang, X. and Xu, D. (2009) 'Multi-aspect profiling of kernel rootkit behavior', In Proceedings of the 4th ACM European conference on Computer systems, pp. 47-60.
Rouse (2020) malware (malicious software), [Online], Available: https://searchsecurity.techtarget.com/definition/malware [30 March 2020].
Sheldon, R.A. and Wallau, M. (1998) 'Heterogeneous catalysts for liquid-phase oxidations: philosophers' stones or Trojan horses?', Accounts of Chemical Research, pp. 485-493.
Smet, Moreau, Engelen, Timmerman, D., Vergote, I. and Moor (2004) 'Balancing false positives and false negatives for the detection of differential expression in malignancies', Br J Cancer., vol. 91, no. 6, pp. 1160–1165.
Violino (2015) Security tools' effectiveness hampered by false positives, [Online], Available: https://www.csoonline.com/article/2998839/security-tools-effectiveness-hampered-by-false-positives.html [30 March 2020].
Zhongyang, Y., Xin, Z., Mao, B. and Xie, L. (2013) 'DroidAlarm: an all-sided static analysis tool for Android privilege-escalation malware', In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security, pp. 353-35.
Zhou, Y. (2008) 'Malware detection using adaptive data compression', In Proceedings of the 1st ACM workshop on Workshop on AISec, pp. 53-60.
Zhou, Y. and Inge, W.M. (2008) 'Malware detection using adaptive data compression', In Proceedings of the 1st ACM workshop on Workshop on AISec, pp. 53-60.