The Malware Domain

Michael Matonis
SUNY Cobleskill
Executive Summary:

Malicious computer software, also referred to as malware, has been a tremendous concern in recent years for the information and network security community. It presents itself in several forms somewhat analogous to the human virus; these damaging strains are becoming increasingly vexing to combat and have cost industries billions of dollars to recover from and prevent outbreaks. Once regarded as purely theoretical in application, computer malware has successfully exploited these rudimentary concepts to bypass seemingly acceptable means of prevention and mitigation, calling into question the integrity of what we deem to be sufficient security controls in our computing and enterprise networks.
Whether it be the fault of the antivirus industry or the ignorance of the administrator, the problem of computer malware has proved that we need to be literate in these techniques and in the effects they can have on organizations and on the perceived security of our systems.

Background:

Sinowal and Conficker, better known as Torpig/Mebroot, are primary examples of malicious computer software on the internet with the goal of extracting financial information. Once executed, these strains take control of the master boot record and assume administrator-level privileges to execute arbitrary commands, which allows full stealth control of all activity on a computer system. They interfere with traditional DNS translations (the primary system for internet navigation via URLs) and present phished banking websites to gather information on the individual's financial account. The malware then forwards that information to a remote server located in Eastern Europe, where it resides for pickup. In late 2008, one of these servers was acquired, and over 500,000 unique instances of personal information, including credit information, were found on it. As of January 2009, the strains of malware were believed to be on their 3rd generation of unique code using the same methods. Moreover, by Microsoft's admission, along with that of many industry detection companies, many of the strains were considered undetectable.

The Malware Domain:

In the infancy of computing, hackers, computer viruses and their subsequent effects were considered negligible and an annoyance. But in recent months, their presence has been cause for alarm, separating the script kiddy from the cybercriminal in a fascinating dichotomy. In 2008,
the emergence of new forms of malicious computer software (malware) such as Sinowal and Conficker was characterized by new faces of malice, those of none other than organized crime, propagating to millions of systems to surreptitiously extract vital financial information in an elaborate display of electronic information reconnaissance (Kasslin, 2009).