Over my career, I’ve used the words in this month’s topic many times, when mediating confusion between people or counseling someone on my team; maybe you have as well. While the old childhood mantra of “Sticks and Stones…” is technically accurate, it is misleading. While words won’t leave a visual reminder [like sticks or stones would] they do have the ability to leave far more permanent internal wounds. Because, Words Matter. Words can hurt, BUT by the same token, words can be extremely good, increase morale, and be helpful & informative. That is the side I’m going to talk about [I’m all about optimism and positivity].
Last month we talked about reporting incidents, but what I didn’t mention was that to report something efficiently and speed up the resolution [read: limit the damage], we have to know what to say [Can’t tell you how many times, as the family IT guy, I’ve had to try and decipher “the computer is not doing the thingy so I can open my internet”]. Understanding the Words matters too, kinda like listening to your kids and their new generational slang; sometimes we hear things and might not know what really is being talked about. So, for a quick refresher, below are some current cyber terms and definitions that all get filed under the “Malware” category. This will help to make sure that a) when you report incidents to us, we understand the incident more quickly; and b) news reports, articles, or conversations make sense when the terms come up in your daily life:
Malware: Is a type of software that is designed to cause damage to a computer [unlike a “bug” which can cause many problems, but it wasn’t designed to do that, just like the massive CrowdStrike issue last week!]. It can be destructive, or it can be used simply for information gathering, but it is always considered a security risk. Some types of malware include:
- Spyware: This is software that tracks your activity and sends the information to another computer without your knowledge. A lot of times, spyware developers will also add viruses or other malware to the computers they are tracking.
- Ransomware: Ransomware is software that will encrypt your data, and then those that deployed it will demand payment for restoring access to the data (FYI, the common ploy is to get your money, then either not fully give your data back, or destroy it anyway).
- Cryptocurrency mining malware: This type of software infects devices and then uses their processing power to mine cryptocurrencies, such as Bitcoin, without the owner’s knowledge or permission (While they will sometimes code it to not run until the device has been inactive for a period of time, sometimes it is just running, and you will see an unexplained slowdown on your device).
- Trojan horses: Trojan horses are programs that appear harmless and may provide functional software that you can use, but also actually contain malware. If a user installs the program, then the malware is installed without their knowledge and reports back to the command and control servers, ready to do their bidding of any of the above. The probability of installing one normally increases when you find a program off the internet that looks like something you would want to use and download it from some less than known site.
It is important that we each have an idea of how malware works so when we see something on our machines, we can more accurately report it and the response team can attack the issue with a laser focus. Also, please be aware of what kind of files you are downloading on your computers, be leery of any files you receive and weren’t expecting, and make sure your anti-virus and software patches are applied on your computers!
Newsletter by Rob Collings, ISHPI’s VP of Cybersecurity | CISO
August 1, 2024