Remarkable Security Vulnerabilities and Malware Attacks


Computer and Internet technologies have gone through remarkable developments over the past several decades, and those developments have regularly made headlines. Because these technologies have made everyday tasks like household budgeting and scientific research significantly easier and faster than ever before, they are certainly newsworthy. The malware and security vulnerabilities that have plagued computers, online networks, and the individuals and organizations that use them have made their mark in the news and in history just as much. Unfortunately, although countermeasures like anti-virus programs and security patches have been implemented to mitigate these threats and weaknesses, their long-term and especially costly effects have been indelibly etched into the memories of people all over the world. That’s because they have destroyed vital electronic data, shut down business operations and services, and facilitated malicious infiltration and theft of money and proprietary information.

Security Flaws

Heartbleed

The now deprecated Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), are cryptographic protocols that secure computer network communications. These protocols provide security for things such as email, websites, and instant messaging. In 2014, a security bug in the OpenSSL cryptography library, which is a collection of software used to implement the TLS protocol, was publicly disclosed. This bug even had its own dedicated website at heartbleed.com. What made this bug dangerous was that it allowed information that would normally be protected by the SSL/TLS encryption that secures the Internet to be stolen. With this vulnerability, the memory of systems using the vulnerable OpenSSL library could be read, hackers could eavesdrop on communication, and they could also directly steal information including names, passwords, decryption keys, and more from services and users. To address this bug, a fixed version of the OpenSSL library was released for users and organizations to deploy in their systems.

Shellshock

Another security weakness that was announced to the public in 2014 was Shellshock, also known as Bashdoor or Bash Bug. Impacting a majority of the versions of Linux and Unix operating systems as well as the Mac OS X system, this bug was discovered in Bash, a command language interpreter. The bug allowed attackers to use Bash to execute arbitrary commands and so seize control of a computer, which put web servers especially at risk. By exploiting this vulnerability on a web server, for instance, attackers could drop password files or download malware onto computers, spreading the infection to other devices on the same network as the targeted computers. Patches were released to help counter this bug, but major organizations including Yahoo!, Akamai Technologies, and the U.S. Department of Defense ended up being affected by Shellshock.

Ghost

Named after the class of functions that trigger it, GetHOST, the Ghost security bug was first discovered by the security firm Qualys in 2015. It was specifically found in the Linux GNU C Library (glibc), which furnishes the key libraries for Linux systems and those using Linux as the kernel, and it could allow cyber attackers to execute arbitrary code on Linux systems. Interestingly, a patch for this vulnerability had been available since 2013, but many organizations failed to implement it because they chose to keep running old Linux versions that they felt were more stable. As a result, the GHOST bug continued to be a weakness that could be exploited.

Stagefright

Stagefright affected devices running Android operating systems, and it was publicly disclosed in 2015. The name of this vulnerability actually refers collectively to a group of seven software flaws in an Android component called Stagefright that is responsible for media playback. If exploited, the bugs allowed hackers to send a targeted device a multimedia message (MMS) that used the Android media library to execute malicious code, giving the hacker control over the Android device, including access to the victim’s files. Google made mitigation efforts in the form of patch releases to address Stagefright, but it was reported that the patches were not supported by all MMS applications, so millions of devices were still at risk of cyberattacks.

Malware

Morris Worm

The Morris Worm was the first piece of malware to reach mainstream news status, in 1988. It was created by Robert Morris, a computer science graduate student at Cornell University. Morris created a self-reproducing and self-propagating program and released it onto the Internet not to cause any destruction, but to run an experiment that would quantify the size of the Internet. However, an error in his code caused the program to replicate and spread to computers faster than he expected. It soon led to computers all over the United States, including those of universities, medical research institutions, and military locations, either becoming severely slow or crashing. As a result of his actions, Morris became the first felon convicted under the 1986 Computer Fraud and Abuse Act.

Melissa Virus

The Melissa virus was unleashed in 1999 by David L. Smith. It was a macro virus, which is a computer virus written in a macro language, a programming language that is also used for software applications like word processor programs. Melissa was spread through Microsoft Word email attachments. The email had the subject “Important Message From [sender’s name],” the body read “Here is that document you asked for…don’t show anyone else ;-),” and a Word document labeled “list.doc” was enclosed as an attachment. If a victim’s computer had the Microsoft Outlook application installed, the virus would send the email to the first 50 contacts in the Outlook program’s address book. Though the virus did not have malicious capabilities that could destroy files, for instance, it was able to disable mail servers because it overloaded them each time it was sent to a new victim. It actually forced Microsoft to shut down its inbound email system.

ILoveYou Worm

ILoveYou was a worm, a standalone program, that reared its head on the Internet in 2000 and originated from the Philippines. Also known as Love Bug or Love Letter, this worm was initially transmitted through an email message that included the subject line “I LOVE YOU” and an attachment named “LOVE-LETTER-FOR-YOU.TXT.vbs.” The .vbs extension indicated the presence of a Visual Basic script program that, once the attachment was opened, would send the email message to all the contacts in the victim’s Outlook address book and would also overwrite and consequently destroy various types of files on the victim’s device, including MP3 files, JPEG files, and more. The worm spread rapidly from the Philippines to the west, impacting many corporate organizations. It was reported that the worm reached approximately 45 million users in one day.
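The attachment name described above hides a script extension behind a harmless-looking one, which is something a mail gateway can screen for. The following is an added example, not code from the original post; the function names, the extension lists, and the sample file names are assumptions made for illustration.

```python
import os

# Extensions Windows runs directly or hands to a script host (illustrative, not exhaustive).
ACTIVE_EXTS = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".exe", ".scr", ".bat", ".cmd", ".pif"}
# Harmless-looking extensions often placed in front of the real one as a decoy.
DECOY_EXTS = {".txt", ".doc", ".pdf", ".jpg", ".jpeg", ".mp3", ".xls"}


def normalize(name):
    """Reduce an attachment name to the form Windows would actually act on."""
    # Keep only the last path component, whichever separator the sender used.
    base = name.replace("\\", "/").rsplit("/", 1)[-1]
    # Windows drops trailing dots and spaces, so "x.vbs. " still opens as "x.vbs".
    return base.rstrip(" .").lower()


def classify_attachment(name):
    """Return 'deceptive-double-extension', 'active-content' or 'ok'."""
    stem, ext = os.path.splitext(normalize(name))
    if ext not in ACTIVE_EXTS:
        # A plain document such as Melissa's list.doc passes a name check;
        # catching macro content needs inspection of the file itself.
        return "ok"
    # Look at what sits in front of the real extension, ignoring space padding.
    _, inner = os.path.splitext(stem.rstrip(" ."))
    if inner in DECOY_EXTS:
        return "deceptive-double-extension"
    return "active-content"


def screen_message(attachment_names):
    """Return only the attachments a gateway should quarantine, with the reason."""
    findings = {n: classify_attachment(n) for n in attachment_names}
    return {n: reason for n, reason in findings.items() if reason != "ok"}


# Constructed sample input: the name from the text plus invented variants.
SAMPLE = ["LOVE-LETTER-FOR-YOU.TXT.vbs", "list.doc", "photo.jpg   .exe", "setup.exe"]

if __name__ == "__main__":
    for name, reason in screen_message(SAMPLE).items():
        print(f"{reason:28} {name!r}")
```
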

WannaCry Ransomware

WannaCry was a worldwide cyberattack that took place in 2017. It was a ransomware cryptoworm attack that targeted computers using Windows operating systems, encrypting all the files on the hard drives of these machines. It rendered the files inaccessible until the owners paid a ransom in the cryptocurrency Bitcoin. The attack was made possible by the exploitation of a vulnerability in older Windows systems named EternalBlue, which is believed to have been first discovered by the U.S. National Security Agency. Aware of the vulnerability before the ransomware attacks began, Microsoft did release patches to fix it, but some organizations did not implement the patches or were using systems that were too old and just needed to be replaced. Believed to have been carried out by a cybercrime organization associated with North Korea, the WannaCry attack impacted major entities all over the world, such as the National Health Service in Britain and Scotland, the University of Montreal in Canada, state governments in India, and Russian Railways.
