Now Trojan Horse Delivered in Automatic Update Services

Posted: Oct 02, 2009

Trojan Horse - One Man’s “Worst-Case Scenario” Prediction
----------------------------
This is a fictional article about a Trojan horse virus, or you could say it is one man’s prediction of a “worst-case scenario”. Because of the field I’m in, I maintain a personal list of my top 10 “worst-case scenarios”. Every time I perform a security assessment I run into something new or identify a situation that is ripe for a potential vulnerability. I think we could all agree that no respectable or ethical company would intentionally deliver a malicious piece of code as part of a helpful update solution. However, the reality is that human beings are behind technology, and human beings are unpredictable and fallible.

Many major operating system vendors have automatic update services. Many hardware vendors and other software packages have followed this trend, incorporating automated update services into their products. In some cases, the automatic update services run as the local “system” account. This account has the ability to access and modify most of the operating system and application environment. When automatic updates were relatively new, many people would perform the updates manually; however, as time has progressed, many now trust these services and allow the updates to proceed in a truly automated fashion.

The Final Step before the Hammer Falls
--------------------------
So let’s expand upon our “worst-case scenario”. A new service pack is just about ready for release. The last step prior to public release is quality control / validation. The team of people performing this task includes a significantly disgruntled employee (or maybe he/she is going through a horrible life crisis and does not have much to lose). When people are in pain or distress, it is not uncommon for them to project this same feeling onto others in any way they can. So, instead of performing their job in the normal fashion, they decide to incorporate a malicious payload into the forthcoming update.

The First Step For The Trojan Horse: Evasion
--------------------------------------------------
This payload has some unique characteristics, three to be precise. First, it is constructed in such a way as to not appear malicious. The anti-virus and anti-spyware programs currently on the market won’t be able to detect it through anomaly detection techniques.


The Second Step For The Trojan Horse: Information Collection
----------------------------
Secondly, it has been instructed to wait 12 hours before activating, and then to start searching your computer and network for important files that may contain financial, healthcare, and other confidential information such as user accounts and passwords. It then sends this information to anonymous systems on the Internet. Because this “Trojan horse” has been incorporated into an automated update by someone with reasonable skills, it is instructed to only perform the collection of data for 12 hours. Given the number of global systems that allow automated updates, 12 hours should be more than enough. The person behind this realizes that someone will quickly identify that something malicious is going on and start to roll out a defense solution to halt the process.

The Final Step: Incapacitate
-------------------------------
Finally, the Trojan horse will cease its data collection and deliver its final blow. Because of the level of system privilege it is running at, it modifies the communication protocols and services on the system to prevent any type of external communication to its local peers and external (Internet) hosts. It does this in such a way that the only immediate method to recover from this is a system roll-back, system repair, or restore from near-line media, such as tape or disk. And as far as system recovery is concerned, I can tell you that many people, even in corporate entities, do not perform the most basic steps to be prepared for a quick system disaster recovery. In some cases, some of the most important recovery services have been disabled because of lack of system resources or disk space (which is amazing given how inexpensive this is anymore).

What Could Be the Impact of This “Trusted” Trojan Horse
----------------------------------------
Just about every time you install a new application or piece of software, you increase the time it takes to boot your PC and in some cases decrease its performance. One thing that drives me crazy is printing software. For the life of me I cannot understand how or why printer support software could total 400MB in size, but it sometimes does. Not only that, it tends to load all kinds of unnecessary real-time running applets. HP printers are notorious for this. Be very aware of what it is you are loading and only load those components that you need. Even some off-the-shelf software packages load adware and other not-so-helpful applets. Also, when you uninstall software, in many cases not all of the software gets uninstalled. One thing I suggest is to purchase a registry cleaner. This can dramatically decrease boot times and in many cases increase the overall performance of your PC.

People are already concerned about identity theft, or at least they should be. I recently spoke with a business associate who told me that even with everything he does to keep his identity secure, he has been the victim of identity theft not once, but twice. If your user IDs, online accounts, passwords, financials, or other confidential information wind up on the Internet for any anonymous person to see, you can bet it will be used in a way to cause you problems. Even if only 10% of the global systems fell victim to this Trojan horse, the cutoff of communications could cost businesses billions of dollars and potentially impact their reputation as “secure” institutions.

Conclusion
----------
If we don’t think that this “worst-case scenario” can happen, then we’re kidding ourselves. Recently, one of the market leaders in the perimeter defense business had to recall a service pack because it contained a significant “bug” that could result in a security breach; a service pack that can be delivered through an intelligent update service. Obviously there has to be a certain level of trust between us, the consumers, and the vendors of the hardware / software we rely on. I’m not entirely sure what “fail-proof” solution can be put in place to prevent something like this from happening, although I’m sure there are quite a few checks and balances in place already. The bottom line is, if you or I can imagine a scenario like this, there is always a chance of it happening. In my case, I usually wait for several days to apply new service packs and hot-fixes. Hopefully someone else will find the problem, correct it, and then I’ll apply it.
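The wait-before-applying habit described above can be written down as an explicit deferral policy. The following is an added example, not part of the original article: the `Update` record, the `plan` function, the update IDs and the 3-day hold (standing in for "several days") are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

HOLD = timedelta(days=3)  # assumed value for "several days"


@dataclass(frozen=True)
class Update:
    update_id: str                       # constructed ID, not a real vendor identifier
    released: datetime                   # vendor release time (UTC)
    recalled: bool = False               # vendor withdrew the package after release
    superseded_by: Optional[str] = None  # ID of a corrected replacement, if any


def plan(updates, now, hold=HOLD):
    """Return {update_id: (action, reason)}; action is apply, hold or skip."""
    by_id = {u.update_id: u for u in updates}
    decisions = {}
    for u in updates:
        replacement = by_id.get(u.superseded_by)
        age = now - u.released
        if u.recalled:
            decisions[u.update_id] = ("skip", "recalled by vendor")
        elif replacement is not None and not replacement.recalled:
            # Someone else found the problem and a corrected package exists.
            decisions[u.update_id] = ("skip", f"superseded by {replacement.update_id}")
        elif age < timedelta(0):
            # A future release date means a bad clock or a bad catalog entry.
            decisions[u.update_id] = ("hold", "release date is in the future")
        elif age < hold:
            decisions[u.update_id] = ("hold", f"{hold - age} left in hold window")
        else:
            decisions[u.update_id] = ("apply", f"aged {age.days} days with no recall")
    return decisions


def sample_catalog():
    """Constructed catalog entries for the demonstration."""
    utc = timezone.utc
    return [
        Update("SP-A", datetime(2009, 10, 2, tzinfo=utc)),
        Update("HF-B", datetime(2009, 10, 9, 12, tzinfo=utc)),
        Update("SP-C", datetime(2009, 10, 1, tzinfo=utc), recalled=True),
        Update("HF-D", datetime(2009, 10, 3, tzinfo=utc), superseded_by="HF-E"),
        Update("HF-E", datetime(2009, 10, 5, tzinfo=utc)),
    ]


if __name__ == "__main__":
    now = datetime(2009, 10, 10, 12, tzinfo=timezone.utc)
    for uid, (action, reason) in plan(sample_catalog(), now).items():
        print(f"{uid}: {action} ({reason})")
```

The hold window also leaves known vulnerabilities unpatched for its duration, so its length is a trade-off between the two risks.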

You may reprint or publish this article free of charge as long as the bylines are included.

    Source:  http://www.articlesbase.com/computers-articles/now-trojan-horse-delivered-in-automatic-update-services-1293528.html
