12th DNS Seal Wiki article.
{{Glossary|
|note = '''This information is brought to you by<br> [http://dnsseal.wiki/ DNS Seal], a best practices wiki for DNS'''
| logo = DNS Seal.png
|link = http://dnsseal.wiki/
}}

'''Malware''', an abbreviated version of malicious software, is "software designed specifically to damage or disrupt a system."<ref>[http://www.webopedia.com/TERM/M/malware.html Malware] at Webopedia</ref> Malware remains a major security threat for Internet users.

==Common Examples of Malware==
*'''Adware''': This software is responsible for undesired pop-ups and other kinds of aggressive advertisements.<ref name="vera">[http://www.veracode.com/blog/2012/10/common-malware-types-cybersecurity-101/ Common Malware Types: Cybersecurity 101] (October 12, 2012), Veracode</ref><ref>[http://en.wikipedia.org/wiki/Adware Adware] at Wikipedia</ref>

*'''Bots''': This software, once installed, operates on orders given by an outside party, such as a hacker.<ref name="vera"/> While bots can be used for harmless purposes, they can also create large security threats if programmed to "infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices."<ref name="cisco">[http://www.cisco.com/web/about/security/intelligence/virus-worm-diffs.html What Is the Difference: Viruses, Worms, Trojans, and Bots?], Cisco Systems</ref> Bots can be used in [[Botnet Attacks|botnets]], [[DDoS Attacks|DDoS]], [[Spam|spam]] or [[Fast Flux|fast flux]] attacks. Botnets have become an increasing problem in recent years, and individuals with compromised computers may not be aware they are infected.<ref>[http://www.fbi.gov/news/news_blog/botnets-101 Botnets 101: What They Are and How to Avoid Them] (June 5, 2013), Federal Bureau of Investigation</ref>

*'''Ransomware''': This software allows a malicious third party to essentially stop users from accessing their computers, often by locking the users' systems or encrypting files, until a specified amount of money is paid.<ref name="micro ransom">[http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx Ransomware], Microsoft Malware Protection Center</ref><ref name="vera"/> Sometimes attackers using ransomware will pose as legitimate authorities.<ref name="micro ransom"/> McAfee security observed a large increase in ransomware in 2012, with 200,000 new versions of it found per quarter.<ref name=state>[http://www.scmagazine.com/the-state-of-malware-2013/slideshow/1255/#5 The state of malware 2013], ''SC Magazine''</ref>

*'''Spyware''': This software monitors the user's activities and then sends the information to other "interest parties."<ref>[http://ist.mit.edu/security/malware Viruses, Spyware, and Malware], Information Systems and Technology</ref> Spyware can track a user's Internet history, log keystrokes, and steal data.<ref name="vera"/> A recent Kindsight Security Report indicated that spyware is also targeting and spreading to mobile devices.<ref>[http://www.kindsight.net/sites/default/files/Kindsight-Q2-2013-Malware-Report.pdf Kindsight Security Labs Malware Report – Q2 2013] (PDF), Kindsight</ref>

*'''Trojans''': Trojans, or Trojan horses, are a fairly well-known classification of malware. They disguise themselves as harmless files and downloads; however, after they are installed, they can severely hobble a computer or system by creating backdoors or distributing other malware.<ref name="cisco"/> Trojans can also harvest personal data, change files and settings, or allow a hacker to control the computer.<ref name="vera"/>

*'''Viruses''': This type of malware can spread from system to system, often by using infected attachments.<ref name="vera"/> Unlike some of the other kinds of malware listed, viruses can copy themselves or insert themselves into other programs.<ref name="cisco"/>

*'''Worms''': This malware can also replicate itself and does not "require a host program or human help to propagate."<ref name="cisco"/> Worms often use system vulnerabilities to infect computers or networks.<ref name="cisco"/>

==Public Perception==
Spreading malware is a practice that is viewed very negatively. Malware can be used to crash a computer, steal data, or freeze an entire network. Because malware is such a large threat, many users are aware of the dangers it poses and choose to use Internet security services. However, malware is a constantly evolving threat.

==Outcome==
Malware is dangerous, and its consequences are correspondingly severe. Malware can slow down a computer's operating system, use infected computers in cyber attacks, completely disable a network, or steal private or financial data.

==Historical Use==
Malware is evolving and changing, both in the sophistication of the malware used and the type of malware favored by attackers.<ref name=state/> For example, in the late 1990s and early 2000s, worms and viruses that spread through email attachments were a major threat.<ref name="ten">[http://www.microsoft.com/security/sir/story/#!10year_timeline Evolution of Malware], Microsoft Security Intelligence Report</ref> The early 2000s also saw the emergence of using links and social engineering in emails to spread malware.<ref name="ten"/> In recent years, attention has shifted to trojans and botnets. According to a 2013 PandaLabs Report, trojans represented about 80% of computer infections.<ref name="panda">http://press.pandasecurity.com/usa/news/pandalabs-q1-report-trojans-account-for-80-of-malware-infections-set-new-record/</ref> Sophos's 2014 Threat Report highlights the growing threat that botnets pose to Internet users. The amount of malware available also seems to be growing. The same PandaLabs Security Report found that as many as 6.5 million pieces of malware were created in the first quarter of 2013.<ref name="panda"/> The increasing amount of malware available reveals the serious threat faced by Internet users.

==ICANN Policy==
*ICANN does not have a policy or reporting procedure relating to malware as "malware are outside of ICANN's scope and authority."<ref>[http://www.icann.org/en/resources/compliance/complaints/web/malware About Malware], Internet Corporation for Assigned Names and Numbers (ICANN)</ref>

*2013 [[Registry Agreement]] (RA): This agreement, which all new gTLD applicants were required to sign, states that registries must require their registrars to include policies that prohibit registrants from activities like creating and distributing malware.<ref name="registry">[http://newgtlds.icann.org/en/applicants/agb/base-agreement-contracting View the Updated Registry Agreement] (PDF), ICANN</ref> Additionally, registries are required to "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats" and to keep security files on threats and the remedial actions taken by the registries.<ref name="registry"/>

==Legislation==
*[[Computer Fraud and Abuse Act]] (CFAA): This act makes it illegal to use "malicious code" to damage protected computers.<ref>[http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act Computer Fraud and Abuse Act] at Wikipedia</ref>
**In addition to this act, many states also have legislation that addresses computer crimes.<ref>[http://www.irongeek.com/i.php?page=computerlaws/state-hacking-laws State Hacking/Computer Security Laws], IronGeek.com</ref>

*Many other countries also have laws that address malware and other computer crimes.<ref>[http://www.infosecisland.com/blogview/16567-What-the-Law-Says-about-Distributing-a-Virus-or-Malware.html What the Law Says about Distributing a Virus or Malware] by Craig S. Wright (September 20, 2011), Infosec Island (Wired Business Media)</ref> In some countries, such as Japan, it is illegal not only to use malware but also to have or create it.<ref>[http://resources.avg.com.au/business/japan-makes-malware-writing-illegal/# Japan makes malware writing illegal], AVG Australia</ref>

*In 2004, the Computer Software Privacy and Control Act was introduced in Congress with the goal of addressing adware and spyware in particular.<ref name="paper">[http://www.sans.org/reading-room/whitepapers/legal/federal-computer-crime-laws-1446 Federal Computer Crime Laws] by Maxim May (June 1, 2004), SANS Institute</ref><ref name="track">[https://www.govtrack.us/congress/bills/108/hr4255#summary H.R. 4255 (108th): Computer Software Privacy and Control Act], Govtrack.us</ref> However, the bill was not enacted.<ref name="track"/>

==Additional Resources==
*Read Microsoft's [http://www.microsoft.com/security/sir/story/#!10year Malware, a Ten Year Review]
*See [http://www.kindsight.net/sites/default/files/Kindsight-Q2-2013-Malware-Report.pdf Kindsight Security Lab's Malware Report: Q2 2013]
*View [http://www.sophos.com/en-us/medialibrary/PDFs/other/sophos-security-threat-report-2014.pdf Sophos Security Threat Report for 2014]

==Related Articles==
*[[Botnet Attacks]]
*[[DDoS Attacks]]
*[[Pharming]]
*[[Phishing]]
*[[Spam]]

==References==
<references/>

[[Category: Bad Practice]]