Taron Mattocks, a Technical Support Analyst for the Division of Student Affairs, recently wrote an article on malware for an Information Security class as part of the Masters of Network Technology distance program at ECU. A condensed version of his article appears below.
The UNC-Chapel Hill network faces tens of millions of connection requests per day from outside entities that are attempting to illegally gather sensitive information. A university such as Carolina is an appealing target for an attacker. Credit cards and Social Security numbers are among the common identity items that can be stolen, creating opportunities for identity theft.
No system is immune
UNC-Chapel Hill’s security infrastructure stops more than 90 percent of these attacks by deploying a multitude of protection strategies that form a formidable barrier between the outside world and the sensitive information inside. But no system, however robust, is perfect, and attacks eventually seep through. We incorrectly assume that desktop anti-malware products will provide that last line of defense to protect our information.
Attackers bombard networks
Network attacks and phishing scams are a few examples of the growing cybersecurity threat that keeps networks under siege. Commonly used protocols such as web, naming services, and network management have been used in reflection and amplification attacks. Lesser-used protocols such as clock synchronization (NTP) and network advertisement (SSDP) have also been used. When an attacker discovers an exploit, the protocol involved does not matter. The exploit will be used to attempt to penetrate the target.
Symantec anti-virus software, long considered a leader in stopping malware, had severe security holes that were quickly exploited on discovery. One of the weaknesses came from internal exploits, which left the main anti-virus executable program vulnerable to manipulation. Symantec compounded the problem by using the same technique for both its home and enterprise solutions.
Education is the best defense
The best tool for technologists remains education. We can recognize phishing scams, however sophisticated, by their grammatical errors and by links that lead to strange websites. Also, requests from non-UNC-Chapel Hill authorities often point to scam attempts.
Users can help themselves by keeping machines patched, watching for computer-performance changes and staying current with the latest malware trends. As the world of malware continues to grow, users must educate themselves accordingly to reverse the trend of desktop compromises.