Malware

Malware is malicious code, programmed in many different forms, that is designed to take control of assets in information systems of all kinds. It ranges from software-level tools that affect operating systems and their services to hardware tools that allow an attacker to take control of devices, and much more than you can imagine. There are different types of malware, which can be classified in different ways depending on the point of view. Viruses are the first type of malware treated in this article because they are the oldest category of malware in the history of computing: malicious programs that seek to reproduce and spread much as an epidemic does in a society, but at the level of information systems. They can generally affect the boot system during the operating system's load process, can also compromise operating system or user files, and have even been disguised as files built with office automation tools, with the aim of tricking the user into executing them.

Additionally, there are varieties of malware known as worms which, unlike viruses, seek to spread through data networks, infecting the equipment within a local infrastructure faster than they can be identified and controlled. Part of their action is aimed at destroying data files stored on a system, in addition to scanning the network for possible neighbors to which they can propagate.

There are also Trojans and rootkits. Trojans make it possible to open back doors in computer systems in order to gain access to their remote administration, escalating administrative privileges on those systems. They are usually hidden inside tools that look attractive for carrying out system cleaning operations and can offer dazzling features, in order to persuade users to install them. Rootkits, however, allow an attacker to obtain system information and sometimes use the network to send this information to ghost servers that are difficult to track. A rootkit is sometimes installed in the kernel of the operating system and can modify the code where it is stored, making it difficult to detect.

At one time, keyloggers were very well known. They were used repeatedly at public Internet access sites to capture the keys pressed by users on computers, allowing the capture of access credentials for Internet platforms and financial systems. Other types of malware such as adware, responsible for constantly displaying annoying pop-ups in web browsers and on desktops, are unintentional on the user's part and are common among end users of business systems. There is also spying software known as spyware which, as its name says, is used to search for the industrial secrets and confidential information of a company or individual.

One of the most recently known types is ransomware, a kind of malware notable for its mode of computer hijacking: malicious code that uses computationally hard-to-break encryption algorithms encrypts the user's information and generally demands financial compensation in cryptocurrencies in exchange for applying the reverse mechanism that allows the information to be retrieved.

As threats grow, the variety of detection tools for this type of code has been increasing, with the development of physical devices and embedded systems that facilitate the implementation of security controls in order to minimize computer risks, sending data in real time about unusual behavior in the system to the operators in charge of its support.

Malware also evolves rapidly, with mechanisms programmed using artificial intelligence techniques that allow it to learn to bypass information security controls, making the systems implemented to counteract it vulnerable. That is why APTs are increasingly advanced and manage to penetrate systems more easily, generating a greater negative impact on the organizations that fall victim to them, as in the case of ransomware.