Information Security: Malware

What is Malware?

Malware (malicious software) is a general term used to describe hostile, intrusive or annoying software or program code. Malware includes viruses, tracking software, "bots", trojans, etc.

Doesn't anti-virus software detect and eliminate malware?
No. No software is completely effective against malware, and anti-virus software tends to concentrate on viruses but not other forms of malware. The least harmful malware packages may only track the web pages a user contacts; the more serious may steal personal information or log-in information as it is typed. Malware infections are often picked up by accessing infected websites. In the past, avoiding unknown web sites was a reasonably effective practice for avoiding infections.

Am I safe if I avoid unknown web sites?
No. Recently, malware's ability to infect machines has significantly increased through a process called "malvertizing". An innocent user may access a legitimate website. If that website flashes ads, which many do, an infected ad that appears while the primary website is being viewed can infect the machine as if the user had clicked directly on the ad itself. Since many sites flash rotating ads from third parties, one person might be infected because a particular ad flashed when s/he was accessing the site, while a few seconds later another person might not see the ad and not be infected. This new approach to infection is a powerful tool for malware dispersal and is resulting in many more malware infections.

How great is the risk?
Recent warnings have been issued by agencies tracking malicious software that malware designed to steal credit card numbers and passwords is being distributed in this way. We have found some infections like this on campus, but have no way to systematically scan for and detect this software, as it changes constantly. Some institutions, including school districts, have lost hundreds of thousands of dollars overnight when such malware-infected machines are used for online banking. Protection is no longer found in simply avoiding unknown websites.