Cybercriminals exploit network weaknesses to steal information and money, and their skills are constantly developing. To combat cybercriminals, the Department of Homeland Security is calling for more cybersecurity professionals, given the potential damages and the increasing complexity of cybersecurity.
Adding to the complexity of cybersecurity is malicious code. Malicious code is part of a software system or script intended to cause some undesirable effect, such as a security breach or direct damage to a system. The code cannot be efficiently controlled by conventional antivirus software alone, and it can take a number of forms. For instance, several types of malicious code can be found online in Java applets, scripting languages, ActiveX controls, browser plug-ins and pushed content.
“The code gives a cybercriminal unauthorized remote access to the attacked system — called an application back door — which then exposes sensitive company data,” according to cybersecurity and antivirus company Kaspersky Lab. “By unleashing it, cybercriminals can even wipe out a computer’s data or install spyware.”
Potentially, a cyberattack can shut down a business and result in financial losses for the business. The cost of a data breach in North America increased in 2017, with the total impact of a data breach amounting to $1.3 million for large companies and $117,000 per incident for small- and medium-sized businesses, TechRepublic reported. The top financial losses for enterprises result from additional staff wages needed ($207,000), while for small- and medium-sized businesses, it’s from loss of business ($21,000) and employing external professionals ($21,000). A report found that American companies’ cybersecurity budgets have grown twice as much as information technology budgets over the past two years, and more than 75 percent of U.S. executives surveyed said they were more concerned about cybersecurity threats than the previous year.
Types of Malicious Code
Here are a few categories of viruses and malicious code, according to software company Symantec Corporation.
File Infector Viruses
This type of virus infects other files or programs on a computer system. It is present inside a system’s memory after a “host” program is run. The virus can spread to other programs as they are opened or lie dormant inside another program until the program starts.
A more complex file infector alters the route a computer takes to open a file. The virus is opened first, followed by the original program. If the virus, via an infected program or file, is passed over removable discs or a network, it will infect the new computer once the program or file is opened.
Boot Sector Viruses
Instead of infecting programs, boot sector viruses infect hard drives and removable discs. The boot sector is located at the beginning of a hard drive or disc. When infected, the system may have no noticeable problems, or it may fail to boot or display error messages while booting.
Macro Viruses
Macro viruses distribute themselves through an application’s own macro programming language. Instead of infecting programs, they infect documents. According to Symantec, they are by far the most common type of malicious code due to the popularity of software like Microsoft Office, which uses macro programming languages extensively in the suite of products.
For example, when an infected file is opened in Microsoft Word, the virus infects the base template (Normal.dot), which is the framework for all created Word documents. The infected template causes all documents opened to be infected as well. The program becomes a carrier of the macro virus.
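A defender can triage Office files for embedded macros before they are opened. The Python sketch below is an added example, not part of the original article: it flags modern (OOXML) files that contain a `vbaProject.bin` part and marks legacy binary files such as Normal.dot for deeper inspection. The file names and sample containers are constructed for illustration.

```python
import io
import zipfile

# OOXML files store VBA macros in a part named vbaProject.bin
# (under word/, xl/ or ppt/ depending on the application).
VBA_PART = "vbaproject.bin"
# OOXML extensions that are expected to carry macros.
MACRO_EXTENSIONS = (".docm", ".dotm", ".xlsm", ".xltm", ".pptm", ".potm")
# Magic bytes of the legacy OLE2 container used by .doc/.dot files.
OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def classify(name, data):
    """Return 'clean', 'macro', 'macro-mismatch', 'legacy' or 'unknown'."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary format: macros cannot be ruled out without an OLE parser.
        return "legacy"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "unknown"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        has_vba = any(n.lower().endswith(VBA_PART) for n in zf.namelist())
    if not has_vba:
        return "clean"
    # A macro part inside a file named .docx/.dotx contradicts its extension.
    if name.lower().endswith(MACRO_EXTENSIONS):
        return "macro"
    return "macro-mismatch"


def build_sample(parts):
    """Build a constructed OOXML-like ZIP in memory (not a real Word file)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for part in parts:
            zf.writestr(part, b"constructed sample")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample inputs; a real scan would read files from disk.
    samples = {
        "report.docx": build_sample(["word/document.xml"]),
        "Normal.dotm": build_sample(["word/document.xml", "word/vbaProject.bin"]),
        "invoice.docx": build_sample(["word/document.xml", "word/vbaProject.bin"]),
        "Normal.dot": OLE2_MAGIC + b"\x00" * 16,
    }
    for name, data in samples.items():
        print(f"{name:14} {classify(name, data)}")
```

A `macro` result on a template such as Normal.dotm is worth reviewing because every new document inherits from it, and `macro-mismatch` means the file carries macros its extension does not advertise.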
Worms
A worm is a piece of code that replicates itself and can travel via a computer network, across the Internet or by other means. Most worms are created using simple scripting languages, which can be written in a text editor.
In 2017, the NotPetya worm attacked several companies across the globe.
- The world’s second-largest confectionery company, Mondelez International, which owns brands like Oreo, Nabisco and Ritz, reported a five percent drop in quarterly sales due to the worm causing shipping and invoicing delays.
- Merck, a U.S.-based pharmaceutical giant, stopped production of some drugs and has yet to determine the full costs associated with the attack.
- Others affected include British consumer goods maker Reckitt Benckiser and shipping companies FedEx and A.P. Moller-Maersk.
Worms have also undermined IoT security measures. For example, BrickerBot has found thousands of IoT devices by taking advantage of their default passwords, and the Hajime worm has built a network of 300,000 malware-compromised devices.
Trojan Horses
Trojan horses are malicious programs that disguise themselves as harmless software. Some Trojans are bundled within other programs, so when the original program is installed, the Trojan program is also installed.
Trojans have a server, which is installed on the victim’s computer, and they have a client on the Trojan owner’s computer. The Trojan allows the remote owner to send commands to the victim’s computer as if the remote owner were sitting at the victim’s computer. There are several types of Trojans that can take over a computer, steal account data, download and install new malicious programs, spy on the user and more.
Guarding Against Malicious Code
The number of cyberattacks per year is surging; in the first six months of 2017, there were 918 data breaches globally. That number of breaches is up 164 percent from the previous year. The sophistication of malicious code is evolving, and so is the technology used to guard against it. Ensure your industry knowledge is up-to-date with an online master’s degree in Cyber and Homeland Security Administration from Fairleigh Dickinson University. Earning your homeland security degree online means you can attend class when and where it’s right for you, and complete your education at your own pace.