Mar 17 2014

Oh No! You’ve Been Hacked! Pt.1

Photo credit: Flickr/Johan.V.

Good morning,

Oh no! You’ve been hacked! No one ever wants to hear those words, but in our technology-driven nation they are becoming very common. This article from NALS gives us a cyber breakdown. Check it out below.

 

“You’ve Been Hacked!

 

Introduction

You’ve been hacked! These are words no one wants to hear, but that are becoming increasingly common in our cyber-connected lives, both at work and at home. Not only are these attacks becoming more frequent, but the variety and cunning of those creating them are also increasing. Although protection against these attacks is also becoming much more sophisticated, as soon as one potential malware problem is addressed two others spring up to replace it.

 

Horror Stories

Imagine any of the following scenarios:

 

  • You are working on your computer and a message pops up that says all your files have been encrypted and demands that you pay several hundred dollars to get them back. When you check further, it turns out that your problem has spread to the entire firm.
  • Your Director of Information Services shows up in your office and says your workstation is bringing down the entire firm’s network and must be shut down immediately.
  • You get a call from the bank asking if you have ordered computer equipment totaling several hundred dollars to be delivered to Cairo, Egypt, because an unusually large charge has been made to your credit card.

 

These are all recent examples of the types of damage that malware causes.

 

We are going to explore in a little more depth the types of malware currently making the rounds, their characteristics, and what you can do to avoid being a victim. Keep in mind that many malware infections are designed to spread throughout your firm including all its users and servers. Also, many types of malware extract data from your email system so that it can then propagate by emailing itself out to your clients, friends, and coworkers to infect them.

 

Before we get into the details, we need to make a distinction between malware and phishing attacks. Malware can be loosely described as unwanted and malicious software applications that are loaded onto your machine, either through a specific action by a user or without the user’s knowledge. Phishing attacks are deceptive communications that solicit information by fooling you into revealing your personal information in some fashion. We will discuss malware first.

Malware Types

You may have heard of several types of malware including viruses, Trojans, worms, or rootkits. It is not really as important to understand the technical differences between these as it is to understand the types of damage they cause and what you can do to avoid them.

 

The types of problems that malware can cause can be lumped into one of two categories: 1) using your computer to do bad things, and 2) stealing information. These are described below.

 

USING YOUR COMPUTER TO DO BAD THINGS

 

Denial of Service Attacks

You may have heard of this problem. It occurs when malware is installed on many computers, sometimes thousands or even millions, which then begin to flood a particular third-party site on the Internet with requests for information. The flood becomes so great that the site that is attacked is so overwhelmed with these spurious requests that it cannot process legitimate requests for information. Sometimes it will crash or it will operate so slowly that it becomes unusable. Political and commercial sites are often attacked. If your computer is one of the ones doing the attacking, your system may slow down tremendously, flood your network with useless data, and slow down your entire operation—in addition to the problems caused for the site that is being attacked.

 

Sending Spam

Spammers do not send spam from their own computers; they use yours! Malware gets installed on people’s computers and then those infected computers are used to send thousands or millions of spams to others, often including everyone in your email address book. Typically, the spammers prefer to send emails from a user to the people in his or her address book because the recipients will trust the sender more than they would an email from an unknown user. In a law firm or other business, this might result in everyone in your offices receiving the same phony email from a partner or firm management.

 

Infecting Other Computers

In addition to sending spam, your computer can be used to send the same kind of message that resulted in your computer’s infection in the first place, often to everyone in your email address book along with others. Any spammer can go online and purchase hundreds of thousands of email addresses to attack and can harvest more from the victims who have been attacked.

 

 

Chaos

Some malware exists only to cause chaos to those who are infected. This might mean erasing files off your hard drive (or your entire hard drive), sending threatening email to important political figures, or doing other unsavory things to generally make your life miserable. Some malware intercepts social media communications and makes you look bad to your friends or coworkers.

 

STEALING INFORMATION

 

Acquiring Information Off Your Computer or Network

Some malware either sifts through all your files looking for valuable information and reports it back to the thief who infected your system, or intercepts and records every keypress you make (keystroke logging) and sends the results back over the Internet to an unknown party. Items typically stolen include passwords, personal information which can be used for identity theft (addresses, phone numbers, social security numbers, etc.), or other valuable information. The criminals behind these schemes typically automate the whole process so that the stream of data being returned is automatically screened and only the pertinent information is conveniently extracted and presented to them using pattern recognition.

 

Valuable Business-Related Data

Sometimes, the goal is corporate espionage where valuable trade secrets are stolen or information is gathered that can harm a firm by making it look bad or by exposing confidential information.

 

Harvesting credit card numbers, along with stealing user IDs, passwords, and social security numbers, is the holy grail to information harvesters. You have all seen stories where large numbers of IDs and passwords have been stolen or where Protected Health Information (PHI) has been exposed.

 

Harvesting Email Addresses

A sideline for data harvesters is identifying and stealing email addresses. The more email addresses a spammer has, the more people that can be sent malware. Sending 100,000 emails is no more difficult for a spammer than sending a single one. Even if the infection rate is only 1%, if 100,000 emails are sent out, 1,000 people will be affected. There is a thriving business opportunity on the web for criminals selling vetted (i.e., legitimate) emails to send malware and phishing attempts to.

 

How Does This Stuff Get on My Computer in the First Place?

 

How does malware get onto your computer in the first place? There are several routes that generally fall into one of the following categories:

 

Email

Email is the delivery mechanism for malware that can be included in attached documents or in links embedded in the email. Therefore:

 

  • Be suspicious of all email attachments—even those sent from friends or coworkers. Scan all attachments for malware before opening them.
  • Emails asking for money or personal information are almost universally dangerous.
  • Never open attachments or click on links in emails sent from unknown or untrusted senders.
  • Just because an email appears to be from someone you know, you must NOT automatically trust it.

 

Documents

As mentioned above, malware can be embedded in documents such as Microsoft Word documents or PDFs. You should always scan documents before opening them when they are received via an email or given to you on some type of portable media….”

To be continued…

Deanna Pepe Law Firm Trainer