Web security and the vexing problem of malicious software made headlines again last week when computer antivirus software maker McAfee sent out a botched update that crashed thousands of computers around the world.
Such hiccups in computer security software are rare. What isn't rare is the damage caused by the malicious software known as malware that antivirus software is designed to thwart. Last year hackers stole approximately 130 million credit card numbers, according to an Internet Security Threat Report released this month by security software maker Symantec. And in the third quarter of 2009 alone, there was over $120 million in reported losses due to online banking fraud.
David Perry, global director of education for security software maker Trend Micro, is a 22-year veteran of fighting malware. He gave TechNewsDaily a guided tour of malware's trinity, the three most likely sources of malware infection.
Ground Zero for malware is the Internet itself. The Web is by far the most common vector for malware infection, Perry said. "The most universal thing of all that's involved in cyber bad guy activity is the Web."
Users don't even have to click anything on websites to infect their computers. Just looking is enough. "Look at the web page and Bang!, you're infected without so much as a how-do-you-do," he said.
Forsaking Internet Explorer and replacing it with another browser such as Firefox won't give you much protection either, Perry said. Malware is basically equal opportunity when it comes to browsers and browser plug-ins.
A Trojan downloader is the most common type of malicious software to get hit with, he said. A Trojan is any program that pretends to be something other than what it really is; a downloader is a program that downloads another program. "It's like Robin Hood," Perry said. "He shot an arrow with a string over a tree branch. He used the string to drag up a rope and the rope to drag up a basket of stuff."
In the past, sites devoted to porn and file sharing were the usual suspects for being sources of infection. "It used to be true," but no longer, Perry said. “We’ve seen government agencies and the Roman Catholic Church get infected; we’ve seen railroads and airlines and the British Museum get infected. There is no safe web page.”
To make matters worse, infected computers are often asymptomatic and appear to be functioning normally. Many Trojan viruses don't slow your computer down or make your cursor go crazy. Like high blood pressure, malware is a silent killer.
"Unfortunately, there's a big cognitive disconnect on the part of users who have seen movies where the virus comes on the screen and announces that it is infecting you," Perry said. "Any malware you see today will be by design as symptom free as they can possibly make it."
The web is also where you risk contracting a drive-by bot infection that will enlist your computer as an agent in a fraudster's arsenal.
"A botnet is a collection of infected PCs that the bad guys now own," Perry said. "Botnets are the source of all spam – they're used for ID theft, extortion, industrial espionage and finding other web pages to infect. I would call it the Swiss Army Knife of the malware world. It does a lot of things for a lot of people."
Like the majority of malware, botnets are asymptomatic. Until you wake up and find your bank account has been drained, that is, or discover that your ID has been appropriated for use by someone else.
Fake antivirus programs, which are often referred to as "scareware," are the third and arguably most irritating leg of the malware stool.
With scareware, a warning pops up on your computer screen telling you that your computer is infected and attempting to sell you a program to disinfect it. This is the ultimate no-win situation.
If you click anywhere on the warning, you get infected. If you ignore the warning, it will never go away. And if you fall for the ruse and buy the fake antivirus program, your computer will then become another warrior in the scammer's botnet army.
"This is the one thing in the world of malware that is visible," Perry said. "If you're infected, you'll know it because it's visible and bugs you all the time."
If you think you can simply hit Alt-Control-Delete (the keyboard combination that brings up the Task Manager in Windows) to shut down the offending program, think again. Many malware programmers expect panicked users to do this, and create fake Task Manager windows that trigger the infection.
So how big is the problem? Over 100,000 new Trojan downloaders are created every day, Perry said. Most computer users aren't knowledgeable enough to deal with the problems themselves without help, he added. "It's too vast and too pervasive."
The best defense, he said, is to install a suite of Internet security software and religiously update it.
"For right now, count your change and watch your Ps and Qs," he said. "There's no way to easily tell that something wrong is going on on the Internet."
If you’d like to learn more about the dos and don’ts of practicing safe computing, a good place to start is 13 Ways to Protect Your System, a list of security tips from McAfee’s Threat Center.