Teknos

The Origins and Implications of Malware

Vivian Gao & Rachel Huang

Thomas Jefferson High School for Science and Technology

The Internet is home to millions of malicious links and files. Users can accidentally install malware onto their computers by downloading or clicking on one of these files. Malware is software that is specifically designed to damage and gain unauthorized access to a computer. In 2020 alone, over 33 million malicious files were detected on the Internet, evidence that malware has recently become a major cyber threat [6].

Malware originated in the 1940s as a mere theory when mathematician John von Neumann theorized that a computer program could reproduce. Science fiction enthusiasts jumped on this idea and built an entire world around the concept, creating software games and books where “organisms” would fight for control of a laptop and uncontrollably infect software [14]. Approximately forty years later, American computer scientists gave this concept a name: “computer virus,” highlighting the many similarities between technological and biological viruses, both of which require a host entity and have the ability to spread rapidly.

The Creeper system was the first official computer virus and was built as an experiment [1]. Created by the company Raytheon BBN, the virus could fill up a hard drive and render its host inoperable. Other experimental computer viruses included the Brain and the Morris, which were initially designed with positive intentions, such as determining the size of the internet and protecting against copyright [3]. From here, viruses grew in complexity, transforming into the tools of mass destruction we know today. 

The most well-known form of malware is a virus, which differs from other forms of malware due to its self-replicating abilities. Once a virus is activated through a host, it can replicate by infecting other hosts on the device and even spread to other devices [2]. This ultimately causes damaging effects, such as harming system software and corrupting data. 

Another type of malware is a Trojan horse, named after the trick that allowed the ancient Greeks to capture the city of Troy. A Trojan horse is typically installed unknowingly onto a user’s computer through email attachments, downloads, or instant messaging. After the computer is infected, sensitive information such as personal account passwords and private conversations can be stolen without the user’s knowledge [11]. One example of a Trojan horse is ZeuS/Zbot, which records your keystrokes as you log into accounts to steal your credentials and account balance [13].

Powering these viruses from behind the screen is a host of internet hackers who exploit malware to make money through click fraud, cryptocurrency mining, and bank-credentials theft [10]. As computer systems have become more intricate, hackers have had to increase the complexity of their malware to continue to profit, which has allowed for easier evasion [9]. As a result, cybercrime resulting from malware now costs the world roughly 1 trillion dollars, a number that is expected to increase in future years [8].

Because of the dangers to personal finance and privacy that online malware poses, researchers are investigating potential ways to combat it. These methods include machine learning and deep learning [6]. Current machine learning models target different parts of the malware process. Some machine learning techniques focus on finding similarities between existing malware and variants, whereas others focus on malware detection [12]. Specifically, the two main types of malware detection techniques are anomaly-based and signature-based detection. An anomaly-based detection system uses its knowledge of what constitutes normal behavior to decide if a program is malicious. On the other hand, a signature-based detection system uses its knowledge of what constitutes malicious behavior to determine whether the program being inspected is malicious. The variety of approaches in malware analysis allows for malware to be quickly detected and stopped.
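The difference between the two detection styles can be seen in a small Python sketch, added here as an illustration and not taken from the article or its sources. The marker bytes, event names, and the choice of consecutive event pairs as the model of normal behavior are all assumptions made up for the example.

```python
# Constructed data only: the marker bytes and event names are illustrative.
SIGNATURES = {"sample-family-A": b"EXAMPLE-BAD-MARKER-01"}

# Event sequences recorded from programs assumed to be benign.
NORMAL_TRACES = [
    ["open", "read", "close"],
    ["open", "read", "write", "close"],
    ["open", "write", "close", "connect", "send", "close"],
]

def signature_scan(data: bytes) -> list:
    """Signature-based: name every known-malicious pattern found in the file."""
    return [name for name, pattern in SIGNATURES.items() if pattern in data]

def pairs(trace):
    """Set of consecutive event pairs (bigrams) in one trace."""
    return set(zip(trace, trace[1:]))

def build_baseline(traces):
    """Anomaly-based model of 'normal': all event pairs seen in benign runs."""
    return set().union(*(pairs(t) for t in traces))

def anomaly_score(trace, baseline) -> float:
    """Fraction of the trace's event pairs never seen in normal behavior."""
    seen = pairs(trace)
    return len(seen - baseline) / len(seen) if seen else 0.0

def inspect(data: bytes, trace, baseline, threshold=0.5) -> dict:
    """Run both detectors on one program and report each verdict."""
    return {
        "signature_hits": signature_scan(data),
        "anomalous": anomaly_score(trace, baseline) >= threshold,
    }

BASELINE = build_baseline(NORMAL_TRACES)
BAD_TRACE = ["open", "read", "connect", "send", "delete", "close"]
SAMPLES = {  # name -> (file bytes, observed events), all constructed
    "known sample": (b"hdr EXAMPLE-BAD-MARKER-01 end", BAD_TRACE),
    "modified variant": (b"hdr EXAMPLE-BAD-MARKER-02 end", BAD_TRACE),
    "text editor": (b"plain editor", ["open", "read", "write", "close"]),
    "backup tool": (b"plain backup",
                    ["list", "open", "read", "list", "open", "compress", "close"]),
}

if __name__ == "__main__":
    for name, (data, trace) in SAMPLES.items():
        print(f"{name:17}", inspect(data, trace, BASELINE))
```

The modified variant slips past the signature scan because its marker changed, but its behavior still looks abnormal. The backup tool is harmless yet is also flagged as anomalous, which is the false-positive cost of judging programs only against a model of normal behavior.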

Modern malware is designed to deceive users, so your device will likely have to battle malware at some point in its lifetime. What can you do at home to prevent malware? For one, you can install a reliable brand of security software on your device. In addition, be careful with the links that you click and the files that you download: pay attention to any security warnings that your browser may give you, don’t click on pop-up ads, and scan external devices before connecting them to your computer. If your computer has been compromised, you will likely notice it performing slowly, see pop-up ads show up frequently, and face problems with shutting down and starting up your device [4]. Fortunately, there are many ways to remove malware by yourself. If possible, disconnect your device from your Wi-Fi network immediately after you detect a potential sign of malware. This can delay your laptop’s communication with the server before a hacker finishes encrypting your files. Otherwise, have your security software scan your device for malware and remove anything that it identifies as a problem. You should back up your operating system to an external drive beforehand, so that you don’t lose any of your data [7]. If clearing your operating system does not get rid of the malware completely, you can also reinstall your operating system entirely [4]. With these strategies, you can protect your device, at least until the next time you see an enticing link…


References

[1] A Brief History of Computer Viruses & What the Future Holds. (2021, January 13). Www.kaspersky.co.in. https://www.kaspersky.co.in/resource-center/threats/a-brief-history-of-computer-viruses-and-what-the-future-holds

[2] Egele, M., Scholte, T., Kirda, E., & Kruegel, C. (2012). A survey on automated dynamic malware-analysis techniques and tools. ACM Computing Surveys, 44(2), 1–42. https://doi.org/10.1145/2089125.2089126

[3] FBI. (2018, November 2). The Morris Worm | Federal Bureau of Investigation. Federal Bureau of Investigation. https://www.fbi.gov/news/stories/morris-worm-30-years-since-first-major-attack-on-internet-110218

[4] How To Recognize, Remove, and Avoid Malware. (2021, May 27). Consumer Information. https://consumer.ftc.gov/articles/how-recognize-remove-avoid-malware#have

[5] Idika, N., & Mathur, A. (2007). A Survey of Malware Detection Techniques. https://profsandhu.com/cs5323_s17/im_2007.pdf

[6] Li, D., Li, Q., Ye, Y. (Fanny), & Xu, S. (2023). Arms Race in Adversarial Malware Detection: A Survey. ACM Computing Surveys, 55(1), 1–35. https://doi.org/10.1145/3484491

[7] McAfee. (2016, May 4). How To Protect Yourself From The Malware That’s Costing Consumers Millions. McAfee Blog. https://www.mcafee.com/blogs/internet-security/ransomware-costing-consumers-millions-year/

[8] Press Release. (n.d.). McAfee. Retrieved December 10, 2022, from https://www.mcafee.com/de-ch/consumer-corporate/newsroom/press-releases/press-release.html?news_id=6859bd8c-9304-4147-bdab-32b35457e629

[9] Rodríguez, R. J., Ugarte-Pedrero, X., & Tapiador, J. (2022). Introduction to the Special Issue on Challenges and Trends in Malware Analysis. Digital Threats: Research and Practice, 3(2), 1–2. https://doi.org/10.1145/3536319

[10] Thomas, K., Huang, D., Wang, D., Bursztein, E., Grier, C., Holt, T. J., Kruegel, C., McCoy, D., Savage, S., & Vigna, G. (2015). Framing Dependencies Introduced by Underground Commoditization. Google Research. https://research.google/pubs/pub43798/

[11] Trojan | computing. (n.d.). Encyclopedia Britannica. https://www.britannica.com/technology/trojan-computing

[12] Ucci, D., Aniello, L., & Baldoni, R. (2019). Survey of machine learning techniques for malware analysis. Computers & Security, 81, 123–147. https://doi.org/10.1016/j.cose.2018.11.001

[13] What is a Trojan? Is it a virus or is it malware? (n.d.). Us.norton.com. https://us.norton.com/blog/malware/what-is-a-trojan

[14] When did the term “computer virus” arise? (n.d.). Scientific American. https://www.scientificamerican.com/article/when-did-the-term-compute/