Cyber Security: Software Threats

Software threats are malicious pieces of computer code and applications that can damage your computer, as well as steal your personal or financial information. For this reason, these dangerous programs are often called malware (short for “malicious software”). 

Fortunately, many anti-virus programs, as well as comprehensive security software, exist to prevent the effects of software threats. A comprehensive security suite will include specific anti-spyware and dedicated adware removal software and provide general protection from viruses. Most vendors also issue patches that close down vulnerabilities exploited by email viruses. If you use and update good security software, stick to reputable websites and only open files sent to you by senders you know and marked as “safe” by your email provider, you should be able to avoid most threats. Keep in mind, though, that email accounts are sometimes hacked and used to send spam, so treat even email from people you know with caution.

Software Threats

Many software threats now target smartphones specifically, so approaches to cybersecurity that are based on desktop computers are not always effective. While viruses that target smartphones are simply the mobile versions of ones that target your desktop or laptop computer, man-in-the-middle attacks take advantage of free Wi-Fi in order to place hackers between your device and a Wi-Fi hotspot and steal your information and details from your apps. Bluejacking is the sending of unwanted or unsolicited messages to strangers via Bluetooth technology. It can be a serious problem if obscene or threatening messages and images are sent. Bluesnarfing is the actual theft of data from Bluetooth-enabled devices (including both mobile phones and laptops): contact lists, phonebooks, images and other data may be stolen in this way.[1] Mobile ransomware is malware that locks up your device.[2] If your device has been infected with the malware, you lose all access to every part of your phone until you pay a ransom to the hacker/criminal who has taken control over your device.[3] Phishing or smishing usually starts as an email or text claiming to be from a person or business that you know. This email usually contains a link that asks you to verify information. This information in turn goes straight to the scammer to steal and use your details.[4]

Free Wi-Fi

Since we are constantly trying to connect to public Wi-Fi networks, there is a constant threat of these networks stealing your personal information. Kevin Du, a computer science professor at Syracuse University, claims that “if you don’t have a VPN, you’re leaving a lot of doors on your perimeter open.”[5] A VPN or a Virtual Private Network “creates a secure connection between you and the internet,”[6] which means your IP address (all your internet activity)[7] and your location are encrypted, keeping hackers and cybercriminals away. For smartphones, it’s best to turn VPN on only when on an insecure connection or app in order to preserve battery life.[8]

Ransomware

Ransomware is a type of cyber extortion. Criminals “threaten to seize, damage, or release electronic data owned by the victim,” with the main goal being to obtain money rather than data.[9] Scareware is similar to ransomware, except it only tries to make you think your device has been compromised or infected by a virus.[10]

Bluejacking

Bluejacking uses a feature originally intended to exchange contact information to send anonymous, unwanted messages to other users with Bluetooth-enabled mobile phones or laptops. In some cases, this is used to send obscene or threatening messages or images. It could be used to spread malware, as well.[11]

Bluesnarfing

Bluesnarfing is the actual theft of data from Bluetooth enabled devices (especially phones). Like bluejacking, it depends on a connection to a Bluetooth phone being available. A Bluetooth user running the right software from a laptop can discover a nearby phone and steal the contact list, phonebook and images etc. Furthermore, your phone’s serial number can be downloaded and used to turn off the phone. Again, the only current defense is to turn your Bluetooth off by setting it to “undiscoverable.”

Phishing and Smishing Scams

This scam starts, usually, as an email from a friend or business asking you to verify your information. This can also come in the form of a text message (Smishing) or phone calls from a company you could have recently contacted asking for payment confirmation. If given this information, the cybercriminals can obtain access to your details in order to take your money or steal your information.[12]

Security Tips

  • In order to protect yourself from mobile viruses it is important to regularly update your operating system, as these updates can contain fixes to security vulnerabilities. The security software for your smartphone may even come with password managers to keep your login information safe.[13]
  • To make sure you don’t fall victim to phishing scams, do not click on emails you do not recognize and be certain the email is from the person you think it is by checking the sender’s whole email address before you click on a link.
  • If you are no longer able to access your smartphone due to Ransomware, make sure you have backed up your data either onto the cloud, your laptop or a remote device.[14]
  • Don’t download unnecessary or unfamiliar apps, as some of these can come with spyware, ransomware and data leakages. Do a bit of research on the app and its developer before you add it to your device.[15]
  • Turn off your features if you are not using them, such as Bluetooth and Wi-Fi. This is especially important when you are in a public place with free Wi-Fi, as your phone might automatically connect, making your data more vulnerable to hacking.[16]
  • Don’t access public Wi-Fi unless you are sure the network is safe and reliable. If possible, check with the provider (library, coffee shop, etc.) to find out which network is the real one. Never use public Wi-Fi to send any important data like your bank account login or credit card information.
  • Install the HTTPS Everywhere extension to your browser to prevent man-in-the-middle attacks.

Understanding Malware

Email viruses (phishing) and SMS viruses (smishing)

Most email viruses (phishing scams) rely on the user double clicking on an attachment that most often comes from a person you recognize on your emailing system. That person’s email could have been hacked as well, or it could be an email that looks the same, but when expanded is from a different source altogether. The attachment, when clicked, runs a malicious code that mails itself to other users from that computer. Any attachment that you open on your computer could contain a virus and infect your computer even if the extension appears to be safe (such as .txt, .doc or .jpg). Some viruses can infect users as soon as they open the email. These viruses may compromise your computer’s security or steal data, but more often they create excessive email traffic and crash servers.[17] Viruses can also be spread by clicking on links in emails that lead to malware sites.
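The check described above, comparing the name an email shows with the address it really came from, can be automated. This is an added example, not part of the original article; the contact list, the sample messages and the function names are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: addresses the reader already has on file, keyed by display name.
KNOWN_CONTACTS = {"alice martin": "alice.martin@example.org"}

# Constructed sample messages (reserved example/test domains only).
GENUINE = ("From: Alice Martin <alice.martin@example.org>\n"
           "Subject: Lunch\n\nSee you at noon.\n")
LOOKALIKE = ('From: "Alice Martin" <alice.martin@examp1e-mail.test>\n'
             "Reply-To: accounts@collect.test\n"
             "Subject: Please verify your details\n\nOpen the attachment.\n")
EMBEDDED = ('From: "alice.martin@example.org" <news@bulk-sender.test>\n'
            "Subject: Invoice\n\nSee attached.\n")


def domain(address):
    """Return the lower-cased part after the last '@'."""
    return address.rpartition("@")[2].strip("<> ").lower()


def sender_warnings(raw_message, contacts=KNOWN_CONTACTS):
    """List the reasons the visible sender and the real sender disagree."""
    msg = message_from_string(raw_message)
    display, address = parseaddr(msg.get("From", ""))
    address = address.lower()
    if "@" not in address:
        return ["From header has no usable address"]

    warnings = []
    # 1. A familiar name on top of an address you have never seen before.
    expected = contacts.get(display.strip().lower())
    if expected and expected.lower() != address:
        warnings.append(
            f"name matches contact {expected} but mail came from {address}")
    # 2. The display name itself is an address from another domain.
    if "@" in display and domain(display) != domain(address):
        warnings.append(
            f"display name shows {display} but mail came from {address}")
    # 3. Replies would be routed to a different domain than the sender's.
    reply_to = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_to and domain(reply_to) != domain(address):
        warnings.append(
            f"replies go to {reply_to}, a different domain than {address}")
    return warnings


if __name__ == "__main__":
    for label, raw in [("genuine", GENUINE), ("lookalike", LOOKALIKE),
                       ("embedded", EMBEDDED)]:
        print(label, sender_warnings(raw))
```

An empty list only means the headers are consistent with each other; a message sent from a contact's hacked account passes all three checks.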

SMS viruses (smishing) depend on the user getting a text message or a phone call from an unknown number. The hackers use social leveraging to obtain anything from an online password to your social security number. The text messages can also appear to be from companies you have used recently, like Canada Post telling you that you have a customs fee to pay to receive your package. Once you click on the link and enter your credit card information, the hacker has all they need to steal your money and personal details.[18]

Macro viruses

This type of virus, also known as a document virus, takes advantage of macros (commands embedded in word processing and spreadsheet software that run automatically) to infect your computer. A macro virus can copy itself and spread from one file to another. If you open a file that contains a macro virus, it copies itself into the application’s start-up files and infects the computer. The next file you open using the same program, and every file thereafter, will become infected; the infection can therefore spread rapidly across a network.[19] When Microsoft first introduced macros, the company was not aware of the many security risks they would bring. With the latest updates, when you open a Word document, the macros will not run unless you approve them (because you know the document is from a reputable source), which stops a macro virus from taking hold on your computer (PC or Mac).[20]

Boot sector viruses

Boot-sector viruses (the oldest type of viruses) are mostly spread through infected storage devices such as USB drives. When your computer is turned on, the hardware seeks out the boot-sector program, the program the computer runs when it starts up. This is generally located on the hard drive but can also be on a storage device such as a USB drive. A boot-sector virus replaces the original boot-sector with its own, modified version. Upon your next start up, the infected boot sector is used and the virus becomes active. It can then read or modify any files or programs on your computer.[21]

Adware

This type of intrusive software displays advertisements on your computer and has become increasingly aggressive since 2019 on Windows, Mac and Android devices. These usually come in the form of banners and pop-ups when an application is in use and try to “sell something to users, inflate views of ads, or scam people out of their money.” Adware can become a serious problem if it installs itself onto your machine: it can hijack your browser (Internet Explorer, Firefox, Chrome or Safari, for example) to display more ads even on your social media accounts (such as Instagram and Facebook), as well as gather data from your Web browsing without your consent and prevent you from uninstalling it. The most common issues with adware are that it can slow down your internet connection or render your computer unstable, as well as distract you and waste your time and money.[22]

Spyware

While technically a form of adware, spyware has as its primary function the collection of small pieces of information without users’ knowledge. One form of spyware, called a keylogger, actually monitors everything you input into your computer. In addition to monitoring your input and internet surfing habits, spyware can interfere with your control over your computer by installing additional software, redirecting your browser, changing computer settings and slowing or cutting off your internet connection.[23] Other types of spyware include: tracking cookies, trojans and system monitors.[24]

Security tips

  • To avoid viruses you should run anti-virus software (Norton, McAfee and Avira are examples of reputable programs) and avoid clicking on unexpected attachments. Installing patches (a software “fix” designed to address holes and vulnerabilities in software) issued by software vendors can also protect you as they can close down vulnerabilities exploited by viruses. In particular, it is important to keep your browser (the program you use for accessing the Web, such as Internet Explorer, Firefox, Chrome or Safari) up-to-date, as browsers are one of the main targets of viruses.
  • To avoid email viruses, be careful about downloading attachments. You should only download an attachment from an email if you know the sender and are certain that their account has not been compromised. Signs that an e-mail account has been compromised include a subject line that makes no sense and mass-mailings to all of the account’s contacts.
  • To avoid SMS viruses on your smart phone, do not open a link from any number you do not know. If a company has sent you a text message asking for information either in the form of your credit card or personal details, contact that company separately first and do not click on any links.
  • Avoid opening any documents that are not from a sender you know and trust. If any of your programs begin behaving oddly, run a scan using your anti-virus software immediately.
  • To avoid viruses and other malware carried on storage devices, use only storage devices that you have bought new. Before using any storage device, run anti-virus software on it and do so again every time you plug a storage device into a different computer.
  • If you do not want ads popping up on your social media timelines from items you have previously searched online, try installing a browser plugin such as Privacy Badger or Disconnect.
  • Most privacy software detects adware and labels it as “potentially unwanted applications.” You can then authorize the adware or choose to remove it.
  • Similarly, most anti-spyware software will be included with a comprehensive anti-virus program or you can opt for dedicated software.

General tips - Most computers come with embedded security features including a firewall. This prevents unknown programs and processes from accessing the system, but is not a replacement for anti-virus software. Your firewall can be located and activated from your computer’s control panel. Some websites maintained by anti-virus vendors offer free online scanning of your entire computer system, but verify the source to be sure. Some sites which claim to scan for viruses actually plant malware on your computer.

Cookies

A cookie is a small text file saved on your computer by a website, mainly used as a means for session management, personalization and tracking while surfing the Web. Some cookies can be useful, making for a smoother browsing experience. For instance, they can save small pieces of information into memory, such as your name, so that you don’t constantly have to re-enter it on your most frequently visited websites. Cookies are essential to common features of websites such as “shopping carts” (which store your purchasing decisions while you browse an online commerce site such as Amazon). These cookies are usually deleted after you leave the website or within a few days of not visiting it.

Other cookies, however, can be far more of a nuisance. These cookies will recreate themselves after the user has deleted them. A script will then keep this information in some other location on the computer, unbeknownst to the user. Other kinds are able to closely track your online habits and can last up to a year on a given server.[25]

Understanding cookies

There are several different types of cookies. Each has different properties:

Session cookies

This type of cookie only lasts for the duration of your stay on a particular website and is deleted when you close your browser. These cookies pose less of a security risk.[26]

Persistent cookies

This type of cookie is also known as a “tracking” or “in memory” cookie. These cookies can last up to a year from each time a user revisits the server. They are stored by the browser even after it is closed; when you click ‘remember me’ on a webpage where you hold an account, a persistent cookie is used to store your information.[27]

Secure cookies

These cookies are used when you are visiting a secure site (one where the Web address begins with “https” rather than “http”). Secure cookies are encrypted when being sent to and from your computer and the server, which means that they are more secure if someone intercepts or copies them. Use the HTTPS Everywhere plugin to make sure you only connect to the secure version of the site.

Unauthorized installation and replication cookies

This type of cookie, sometimes referred to as a “zombie” or “super” cookie, automatically recreates itself in some other location on the computer after a user has deleted it.
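The session, persistent and secure properties described above are all visible in the Set-Cookie header a website sends. The following added example (not part of the original article) reads such headers and reports which type each cookie is; the sample headers and function names are constructed for illustration, and the HttpOnly attribute it also checks is a standard cookie attribute the article does not cover.

```python
from datetime import datetime, timedelta, timezone
from email.utils import parsedate_to_datetime

# Constructed sample headers; NOW is fixed so the results are reproducible.
NOW = datetime(2030, 1, 1, tzinfo=timezone.utc)
SAMPLES = [
    "cart=abc123; Path=/; Secure; HttpOnly",
    "remember_me=tok123; Max-Age=31536000; Path=/",
    "ad_id=u-42; Expires=Sat, 01 Jan 2033 00:00:00 GMT; Secure; SameSite=None",
]


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, attributes with lowercase keys)."""
    first, *rest = [part.strip() for part in header.split(";")]
    name = first.partition("=")[0].strip()
    attrs = {}
    for part in rest:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name, attrs


def lifetime(attrs, now):
    """How long the browser keeps the cookie; None means a session cookie."""
    if "max-age" in attrs:  # Max-Age wins over Expires when both are present
        try:
            return timedelta(seconds=int(attrs["max-age"]))
        except ValueError:
            pass
    if "expires" in attrs:
        try:
            when = parsedate_to_datetime(attrs["expires"])
        except (TypeError, ValueError):
            return None  # unparseable date: kept only for the session
        if when.tzinfo is None:
            when = when.replace(tzinfo=timezone.utc)
        return when - now
    return None


def classify(header, now=NOW):
    """Report the cookie's type and the protections it is missing."""
    name, attrs = parse_set_cookie(header)
    keep = lifetime(attrs, now)
    report = {
        "name": name,
        "kind": "session" if keep is None else "persistent",
        "days": None if keep is None else keep.days,
        "secure": "secure" in attrs,  # Secure: only ever sent over https
        "warnings": [],
    }
    if not report["secure"]:
        report["warnings"].append("no Secure attribute: also sent over plain http")
    if "httponly" not in attrs:
        report["warnings"].append("no HttpOnly attribute: readable by page scripts")
    if keep is not None and keep > timedelta(days=365):
        report["warnings"].append("kept for more than a year")
    return report


if __name__ == "__main__":
    for sample in SAMPLES:
        print(classify(sample))
```

A self-recreating “zombie” cookie cannot be recognised this way, because the copy it restores from is stored outside the cookie itself.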

Security tips

  • Most browsers (Internet Explorer, Firefox, Chrome or Safari) are set to accept cookies by default. If you do not wish to use cookies, all browsers allow you to disable them. Some browsers also allow you to see which cookies you currently have on your computer and to delete those you no longer want. There are also software tools, such as CCleaner and QuickWiper, that get rid of standard cookies and files as well as unwanted persistent and self-replicating cookies that refuse to go away.
  • Most browsers also have an option to browse without storing cookies (called InPrivate Browsing in Internet Explorer, Incognito Mode in Chrome and Private Browsing in Firefox and Safari). However, while this does prevent cookies from being saved to your computer, it does not mean that there will be no records of your browsing saved on your computer or on the servers of the websites you visit.
  • Browser plugins like Privacy Badger and Disconnect block third-party cookies and supercookies.
  • Secure sites (where the Web address begins with “https” rather than “http”) encrypt any cookies you send to them. This makes it more difficult for the information in the cookies to be intercepted and misused. You should always use secure sites for anything that involves financial information (bank or credit card data, etc.).
  • Because logins and passwords are often saved using cookies, you should periodically change your passwords on any sites you visit. If you do not wish to use a persistent cookie to store your password, do not click ‘remember me’ on any account pages.

Browser hijacking

Browser hijacking is a malicious online activity where hijackers change the default settings in your internet browser. Links may appear that point to websites you would usually avoid, new toolbars and favorites that you do not want may be added and your computer may slow down overall. Users will also often find themselves unable to return to their original settings once this is done. The purpose of this threat is to force you to visit a website. This increases the traffic and number of “hits” a website receives, allowing it to boost its advertising revenue. These websites may also contain malicious scripts or viruses. Browser hijackers can be extremely persistent. If they can’t be removed, you may find yourself having to reinstall your browser or restore your entire system to its original settings.[28]

Security tips

  • As is the case with most other software threats, keeping your browser updated and using reliable, updated security software is your first defense. If you do become a victim of hijacking, you can reset your browser settings. How this is done depends on your browser:
  • In Chrome, click the Customize and control Google Chrome menu (three dots) in the upper-right corner of the browser. Click Settings, scroll down to click Advanced, then scroll down and click Restore settings to their original defaults. Click Reset settings in the pop-up window.
  • In Internet Explorer, close your browser and then go to Control Panel. Select Network and internet and then Internet Options. Click on the Advanced tab and then click on the Reset button under Reset Internet Explorer Settings.
  • In Edge, right-click on Start and select Apps and Features. Scroll down and select Microsoft Edge. Click Advanced Options, scroll down and click the Reset button.
  • In Firefox, open the Start menu and select Run. Enter “firefox-safe-mode” (without quotation marks) then select “Reset all user preferences to Firefox defaults.” 
  • In Safari, begin by opening your browser and clicking on “Safari” in your Safari menu. Select Reset Safari and click the Reset dialogue button that appears.
  • In Firefox, click the Open menu (three horizontal lines). Click Help, then Troubleshooting Information. Find Give Firefox a Tune-Up and then Refresh Firefox.
  • You can also disable your add-ons (a piece of software that enhances another software program, such as plug-ins for Internet Explorer) as a secondary line of defense. If all else fails, you may have to restore your computer’s state to an earlier point in time using a backup hard drive or the recovery discs that came with it.

Scripts

A script is a piece of code that is loaded and run by your browser. The most common type is JavaScript, but HTML, Java or Flash-based plug-ins have similar effects. While scripts may enhance and enrich online experiences (and are often necessary to use the full functionality of a website) they can also be malicious. A malicious script can compromise your computer’s performance and overall functionality by redirecting you to another site or loading malware onto your computer.

Security tips

While you are generally safe from malicious scripts if you stick to trusted sites, there have been cases in which hackers installed malicious scripts onto legitimate sites. The only sure way of preventing script attacks is to control which scripts run when you visit a site.

  • In Firefox, you may use a free add-on called NoScript (https://addons.mozilla.org/en-CA/firefox/addon/noscript/) which lets you select which scripts to run when you visit a site. You can select the minimum necessary to get the functionality you need.
  • There are similar add-ons available for Chrome and Edge, which also allow you to block scripts by default by selecting Options, then Under the Hood, then Content settings and click Manage JavaScript blocking.

Internet-connected devices

An increasing number of electronic devices, from fitness trackers to cars to children’s toys, are now connected via Wi-Fi in what’s often called the “Internet of Things.” A report by Fortune Business Insights indicates that “the global Internet of Things market size stood at USD 250.72 billion in 2019 and is projected to reach USD 1,463.19 billion by 2027.”[29] Unfortunately, many of these devices are vulnerable in several ways:

  • Many of them have poor security, which can allow hackers to infect them with malware, spy on them or take control of them entirely.
  • They typically connect through your internet router, which makes it easy for malware from an infected device to spread to other devices that use the same network.
  • They are often designed to work with your online accounts, so an infected device may also give hackers access to those (such as your email or social network accounts).
  • Even if the devices aren’t compromised, many collect kinds of data that you may not be comfortable with – fitness trackers, for example, collect health information.

Security tips

  • Be cautious before buying an internet-connected device: Security experts say that a majority of “smart” devices on the market today are not highly resilient to cyberattacks.[30] Be particularly wary of “cloud-based” tools that can only work when connected to the internet. Do some research on the product you’re considering buying to see if there have been any reports of security problems.
  • Check the privacy policy: Make sure you have a clear idea of what happens to the data that the device collects and what other data it can access by connecting to your online accounts or to other devices.
  • Set a password: Make sure that every connected device in your home is protected by a unique password. Most connected devices allow you to set a PIN or password, but many don’t prompt you to change it from the factory default.
  • Use a guest network: Create a “guest” network on your Wi-Fi router and connect the devices to that one, rather than your regular network. That way, if your connected devices get compromised, the cyber threat won’t be able to access the devices on your main network, like your computer. 
  • Check for firmware updates: Like browsers and computer operating systems, makers of connected devices frequently release “patches” and updates to address new security issues they’ve discovered. Security experts suggest treating connected devices like smoke alarms, setting a date twice a year to make sure that everything is up-to-date.[31]

 


[1] (n.d.) TechSlang. Retrieved from https://www.techslang.com/definition/what-is-bluesnarfing/

[2] Ibid. 

[3] Ibid. 

[4] Ibid. 

[5] Raphael, J (2020) 8 mobile security threats you should take seriously in 2020. CSO United States. Retrieved from https://www.csoonline.com/article/3241727/8-mobile-security-threats-you-should-take-seriously-in-2020.html?page=2

[6] Marks, T (2020). VPN explained: How does it work? Why should you use it?. VPNOverview. Retrieved from https://vpnoverview.com/vpn-information/what-is-a-vpn

[7] WhatismyIPaddress.com (n.d.) IP 101: The basics of IP addresses. Retrieved from https://whatismyipaddress.com/ip-basics 

[8] Raphael, J (2020) 8 mobile security threats you should take seriously in 2020. CSO United States. Retrieved from https://www.csoonline.com/article/3241727/8-mobile-security-threats-you-should-take-seriously-in-2020.html?page=2

[9] Bonner, M. (2019) Insuring against Ransomware and other Cyber Extortion. The Balance small business. Retrieved from https://www.thebalancesmb.com/insuring-against-ransomware-and-other-cyber-extortion-4060470 

[10] Ibid. 

[11] (2013). What Does BlueJacking Mean? Techopedia. Retrieved from https://www.techopedia.com/definition/5045/bluejacking

[12] Bonner, M. (2019) Insuring against Ransomware and other Cyber Extortion. The Balance small business. Retrieved from https://www.thebalancesmb.com/insuring-against-ransomware-and-other-cyber-extortion-4060470

[13] Ibid 

[14] Ibid 

[15] Ibid 

[16] Ibid 

[17] Day, B (2021). Complete Guide to Email Viruses & Best practices to Avoid Infections. Retrieved from https://guardiandigital.com/resources/blog/email-virus

[18] Norton Lifelock (2020). What is smishing? Norton. Retrieved from https://us.norton.com/internetsecurity-emerging-threats-what-is-smishing.html 

[19] Ibid 

[20] (2019) Macro Viruses: What they are and how to avoid them. Sophos Home. Retrieved from https://home.sophos.com/en-us/security-news/2019/macro-viruses.aspx 

[21] Mustafa, D (2022). What is a Boot Sector Virus? Securiwiser. Retrieved from https://www.securiwiser.com/blog/what-is-a-boot-sector-virus/  

[22] Malware Bytes Lab (2020) 2020 State of Malware Report. Retrieved from https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf 

[23] Ibid 

[24] vpnMentor (2020). What is spyware? And how to remove it in minutes. Retrieved from https://www.vpnmentor.com/blog/what-is-spyware-and-how-to-remove-it-in-minutes/ 

[25] Beal, V. (2010). What are Cookies and What do Cookies Do?. Retrieved from http://www.webopedia.com/DidYouKnow/Internet/2007/all_about_cookies.asp

[26] Ibid  

[27] (2021). What is a Persistent Cookie? CookiePro. Retrieved from https://www.cookiepro.com/knowledge/what-is-a-persistent-cookie/

[28] (n.d.) What are browser hijackers? Norton. Retrieved from https://us.norton.com/internetsecurity-malware-what-are-browser-hijackers.html

[29] Fortune Business Insights (2020). Market Research Report. Retrieved from https://www.fortunebusinessinsights.com/industry-reports/internet-of-things-iot-market-100307 

[30] Broom, D (2021). 5 Surprisingly hackable items in your home – and what you can do to make them safer. World Economic Forum. Retrieved from https://www.weforum.org/agenda/2021/11/how-to-secure-smart-home-devices/ 

[31] Chester Wisniewski, “7 Tips for Securing the internet of Things.” Naked Security, March 7 2016. https://nakedsecurity.sophos.com/2016/03/07/7-tips-for-securing-the-internet-of-things/