Sunday, December 10, 2017

Protect Against Malware

Malware

Malware is malicious software running rampant across the internet. This kind of dangerous software has been referred to as a virus or worm. A hacking group using super-sneaky malware has infected computers at companies, universities, and governments worldwide with spyware that lives on the hardware. In “Security and Society / Society and Tech,” Dr. Norris writes: “Kaspersky says that the Equation group appears to have ties to Stuxnet, computer worm that sabotaged Iran’s nuclear enrichment program in 2010.” The strange thing about the Equation group is that they are not interested in destroying computers or wiping them clean; their primary interest is long-term intelligence gathering (Norris par. 1).

On February 16, 2015, GReAT published a blog post, “Equation: The Death Star of Malware Galaxy.” The post is made up of several short sections. The very first one is “Houston, we have a problem.” In it, Gregor Bryskiewicz takes a flight to Houston for an international scientific conference. After having a great time at the conference, later that night Bryskiewicz and others were sent a CD-ROM from the conference. I believe Gregor thought it was more information about the conference. But it was not: he had become a victim of an omnipotent cyberespionage organization that had infected his computer. Another section gave me more information on malware and how it affects different organizations. “A rendezvous with the ‘God’ of cyberespionage” describes the kinds of groups being infected, such as government and diplomatic institutions, telecoms, nuclear research, military, mass media, and even transportation. The Equation group targets these organizations to get to their clients and send Trojans. The group uses code names for its tools and implants, such as SKYHOOKCHOW, UK, KS, ST, and GROK. Sometimes developers leave their accounts open, which gives hackers the access they need to implant various malicious attacks.

The most powerful tool in the Equation group’s arsenal is known only by a cryptic name, “nls_933w.dll”. It reprograms the hard drive firmware of dozens of different drive brands. Throughout the years the Equation group has performed many different attacks. However, one stands out: the “Fanny worm,” which used two zero-day exploits. The Fanny worm used a vulnerability patched by the Microsoft bulletin MS09-025.

As an information security professional, my best advice for protecting your company from such malware is to equip every computer in your organization with a comprehensive antivirus program and a separate anti-spyware program. If you have a very small organization, I recommend you install individual antivirus and anti-spyware software on every computer. However, if you have an organization with more than twenty computers, I would consider enterprise-level tools, which allow centralized administration. From there, make sure you keep the software updated. The antivirus and anti-spyware products I recommend are Norton Security and Kaspersky.

 

1. https://securelist.com/blog/research/68750/equation-the-death-star-of-malware-galaxy/
2. http://knowyourtec.com/?p=10094
