Security and Scans
What is a Computer Security Risk?
A security risk is a kind of software that places itself on your computer without your knowledge whilst you are, for example, browsing the internet or installing updates. Without the correct security software installed, you open your computer to many different infections.
The foremost risk would probably come from malicious code like viruses, spyware, and Trojan horses. These can infect a system, or a number of systems, through flaws in operating system software or web browsing software. Another common trend is a technique known as "phishing", where a spammer (someone who sends unwanted emails, often in bulk) will send an email that looks like it's from someone else, for example an email that looks like it has been sent by your bank or building society. By clicking on a link or opening an attachment in such an email, you may be downloading malware.
Some forms of malware can "phone home" to the attacker. This is how botnets (networks of private computers infected with malicious software and controlled as a group without the owners' knowledge) are created. Botnets can be used to take down entire websites or as a launch pad to send lots of spam.
The biggest computer security risk is the user behind the computer in most cases. That is why it is important to practice safe internet habits and keep virus protection up to date.
A risk is a vulnerability that could, and most likely will, allow loss of confidentiality, integrity, or availability of computer services where there is a possibility of the flaw being exploited. Sometimes the risks can be natural (like power surges, floods, fires, etc.) or man-made. The man-made risks can be both intentional (hackers, thieves, spammers, etc.) and unintentional (coding mistakes, mistyping, loss of data storage media).
Common types of virus
Resident viruses:
These are permanent viruses which linger in RAM. From there they are in a position to overcome, as well as interrupt, all operations that the system executes. Their effects include corrupting programs and files that are closed, opened, renamed or copied.
Overwrite viruses:
These viruses delete information that is in the infected files, rendering those files totally or partially useless. Unfortunately, you can only clean an infected file by deleting it completely, therefore losing the original content.
Direct action viruses:
This virus replicates itself, and acts when executed. This type of virus infects files located in the folders or computer directory. It is also in directories specified in the AUTOEXEC.BAT PATH. In most cases, it is located in a hard drive’s root directory and takes particular action when the computer boots.
File infectors:
This virus infects executable files or programs. On running the programs, the virus would be activated, then be able to carry out its damaging effects. Most of the existing viruses are in this category.
Boot viruses:
This virus infects the boot sector of the hard disk or floppy drive. This would make the computer unable to boot. These viruses can, however, be avoided by ensuring that the floppy disks and hard drive are well protected. Never start the computer using an unknown disk drive or floppy disk.
Directory viruses:
This virus alters the paths indicating a file’s location. In this case, when the infected program is executed, you will be running the program unknowingly, since the virus has moved the original program and file to another location. This therefore makes it impossible to locate the moved files.
Macro virus:
This virus affects files created using particular programs or applications containing macros. The mini-programs increase their ability to automate some operations, in which case they would be performed as single actions. The user would therefore be saved the trouble of executing them singularly.
There are numerous other types of computer viruses, as they are constantly being created. It is always important to ensure that your anti-virus software is updated so that it can be effective against new computer viruses.
Common types of Malware
What is Malware?
Malware is short for malicious software, meaning software that can be used to compromise computer functions, steal data, bypass access controls, or otherwise cause harm to your computer. Malware is a broad term that refers to a variety of malicious programs. Here we will define several of the most common types of malware: adware, bots, bugs, rootkits, spyware, Trojan horses, and worms.
Adware
Short for advertising-supported software, this type of infection automatically delivers advertisements. The most common examples of adware include pop-up ads on websites and advertisements that are displayed by software. This type of infection is usually found in free or trial software. Although most adware is sponsored or authored by advertisers, it is not uncommon for adware to come bundled with spyware that is capable of tracking your activity and stealing information. This makes adware more dangerous.
Bot
These pesky little things are software programs created to automatically perform specific duties or tasks. While some are created for relatively harmless purposes, e.g. gaming, internet auctions and online contests, they are more commonly used maliciously. They can be used in botnets for DDoS attacks, as spambots that render advertisements on websites, as web spiders that scrape server data, and for distributing malware disguised as legitimate search items on download sites.
Bug
In short, a bug is a flaw that produces an undesired outcome. These flaws are usually the result of human error and exist in the source or compilers of a program. Minor bugs lightly affect a program's behaviour and can go for long periods of time before they are discovered. As a bug manifests, it can cause more significant problems, e.g. crashing and/or freezing or unexpected closure, which can be overcome by repairing the installation. Security bugs, on the other hand, are the most severe and can allow attackers to bypass user authentication, override access privileges or even steal data.
Ransomware
This form of malware essentially holds the computer system captive whilst demanding a ransom. For example, when you turn your computer on, a screen appears demanding a sum of money. This screen cannot be closed and you will be unable to access, or have only limited access to, your computer. In some cases, the ransomware can look very real and intimidating. Ransomware typically spreads like a normal computer worm, ending up on a computer via a download or through a vulnerability in a network service.
Rootkit
A Rootkit is malicious software designed to remotely access or gain control of a computer without being detected by users or security programs. If this kind of malware gets installed, it is possible for the malicious party who created it to remotely execute files, access or steal valuable information, modify your system configuration, alter software (especially security software that could detect it), install concealed malware, or control the computer as part of a botnet.
Spyware
Spyware is a function that spies on user activity without the user's knowledge. These spying capabilities can include activity monitoring, collecting keystrokes (keyloggers or keystroke loggers are software programs or hardware devices that track activity, i.e. what keys have been pressed on the keyboard), data harvesting (confidential data like account information or login details), and more. It often has additional capabilities as well, ranging from modifying security settings of software or browsers to interfering with network connections. Spyware also exploits vulnerabilities in the host computer and spreads, attaching itself to legitimate software.
Trojan Horse
A Trojan Horse, more commonly known as a Trojan, is another type of malware that disguises itself as a normal file or program to trick you into downloading it. As with the Rootkit, a Trojan can also give a malicious party remote access to an infected computer. Once installed, an attacker has access to the infected computer and has the ability to steal data, install more malware, modify files, monitor activity (keystroke/keylogger), use the computer in botnets, and preserve anonymity of internet activity by the attacker.
Virus
This is a form of malware that is capable of copying itself and spreading to other computers through the internet/intranet, data sticks or any type of transfer method. Viruses attach themselves to various programs and execute code (the code that defines the program's behaviour) when a user opens or launches one of the infected programs. They can also spread through script files, documents and cross-site scripting vulnerabilities in web apps. They can also be used to steal valuable information from your computer, harm host computers and networks, create botnets, steal money and much more.
Worm
These are amongst the most common of malware types. They spread over the computer networks by exploiting operating system vulnerabilities. Typically, they cause harm to the host networks by consuming bandwidth and overloading web servers. They can also contain payloads that damage the host computer. Payloads are pieces of code written to perform actions on the affected computers by spreading the worm. These types of payloads are designed to steal data, delete files or create botnets. Worms often spread by sending mass emails with infected attachments to users’ contacts.
Computer symptoms if infected
If any of the above has found its way onto a computer, these are the typical symptoms that are likely to be found.
- Increased CPU usage
- Slow computer or web browser speeds
- Problems connecting to networks
- Freezing or crashing
- Modified or deleted files
- Appearance of strange files, programs or desktop icons
- Programs running, turning off, or reconfiguring themselves (will often turn off firewall and/or antivirus software)
- Strange computer behaviour
- Emails/messages being sent automatically and without user knowledge (a friend receives an email/message from you that you never sent).
How to minimise security risks whilst online
First and foremost, make sure that you have up-to-date internet security, including antivirus software, installed on the computer. This will help a great deal when browsing the internet, downloading or sending emails.
- Try to avoid any free internet security software; it only comes with a few elements enabled and most likely, as it's free, has malware attached to it.
- Install anti malware/anti spyware detection software and keep it up to date. These are constantly being updated with new definitions of spyware and malware.
- Scan and update on a regular basis, both security software and malware software.
- Always be wary of any strange emails, especially ones with attachments.
- When browsing the internet, always watch what you click and install.
- Read the end user licence agreement before installing any software that has been downloaded.
- Do not tell or reveal your personal information to anybody
- Turn on cookie notices in your browser or use cookie management software
- Keep a clean email address
- Install anti rootkit software
- If it looks suspicious, it most likely is. Avoid opening or downloading
- Enable phishing filtering in your web browser
- Set up a screen saver with password protection on resume
- Set the computer to sleep after a period of inactivity
- Create strong passwords, for example, use a mix of letters and numbers
- DO NOT use a root/admin account as your primary account. Create a regular account for normal use
- Set up a firewall
- Do not save passwords in your web browser
- Try not to keep any sensitive data on your computer unless it’s necessary. If you must, make sure it’s secure.
- Never submit your bank/card details or any personal information on an unsecured website
- If you use chat rooms, never use/give your proper name
Scans
Completely and correctly scanning your computer for malware like viruses, Trojan horses, rootkits, spyware, adware, worms, etc. is often a very important troubleshooting step. A simple virus scan will no longer do.
Many forms of malware cause or masquerade as seemingly unrelated PC issues like Blue Screens of Death, issues with DLL files, and other serious Windows problems, so it's important to properly check your computer for malware when working to solve many problems.
Note: These are general steps to scan and remove malware from your PC and should apply to any Windows operating system.
Here's How:
1. Download and run the Microsoft Windows Malicious Software Removal Tool. This free, Microsoft provided malware removal tool won't find everything, but it will check for "specific, prevalent malicious software" which is a good start.
Here's a list of everything it will find and remove.
Note: You may already have the Malicious Software Removal Tool installed. If so, make sure you update it using Windows Update so it can scan for the latest malware.
2. Update your anti-virus and any anti-malware software installed on your computer.
Before running a virus scan or malware scan, you need to make sure the virus definitions are up to date. These regular updates tell your anti-virus software how to find and remove the latest viruses from your PC.
Important: Don't have a virus scan program installed? Download one now! There are several free anti-virus programs available so there's no excuse for not running one.
3. Run a complete virus scan on your entire computer. If you have a dedicated malware scanner that does more than look for viruses, run a full scan using that program too.
Note: Don't simply run the default system scan which may not include many important parts of your PC. Check that you're scanning every part of every single hard drive and other connected storage device on your computer.
Important: Make sure any virus scan includes the master boot record, boot sector, and any applications currently running in memory. These are particularly sensitive areas of your computer that can harbor the most dangerous malware.
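The three steps above can be scripted. The following PowerShell is an added example, not part of the original page. It assumes Microsoft Defender Antivirus is the installed anti-virus (the page does not name a product), an elevated session, and a one-day threshold for "up to date" definitions.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions: Microsoft Defender Antivirus is the active
# anti-virus, and definitions older than one day count as stale.
$maxSignatureAgeDays = 1

# Step 1: Malicious Software Removal Tool, if installed.
# /F forces an extended (full) scan, /Q runs without the UI.
$mrt = Join-Path $env:SystemRoot 'System32\MRT.exe'
if (Test-Path $mrt) {
    $proc = Start-Process -FilePath $mrt -ArgumentList '/F', '/Q' -Wait -PassThru
    Write-Host "MRT exit code $($proc.ExitCode); log: $env:SystemRoot\debug\mrt.log"
} else {
    Write-Warning 'MRT.exe not found; install or update it through Windows Update.'
}

# Step 2: make sure definitions are current before scanning.
$status = Get-MpComputerStatus
if (-not $status.AntivirusEnabled) {
    throw 'Defender Antivirus is not enabled; use the installed product''s own scanner.'
}
if ($status.AntivirusSignatureAge -ge $maxSignatureAgeDays) {
    Update-MpSignature
    $status = Get-MpComputerStatus
}
Write-Host "Definitions $($status.AntivirusSignatureVersion), updated $($status.AntivirusSignatureLastUpdated)"

# Step 3: full scan of all drives, not the default quick scan.
$scanStart = Get-Date
Start-MpScan -ScanType FullScan

# Report only detections recorded since this scan started.
$detections = Get-MpThreatDetection |
    Where-Object { $_.InitialDetectionTime -ge $scanStart }
if ($detections) {
    $detections | Select-Object InitialDetectionTime, ThreatID, Resources |
        Format-Table -AutoSize
} else {
    Write-Host 'No new detections recorded by this scan.'
}
Get-MpComputerStatus | Select-Object FullScanEndTime, RealTimeProtectionEnabled

# Optional: Microsoft Defender Offline scans from outside the running Windows
# installation. It reboots the machine immediately, so it is left commented out.
# Start-MpWDOScan
```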