Ka Vang
Walden University
The Malware Life Cycle
There are many risks involved in cyber security, some more serious than others. These range from viruses erasing an entire system, to attackers hacking into a system and modifying files or attacking others, to the compromise of sensitive information such as credit card and personal information, and more. Even the best precautions cannot guarantee 100% protection against these issues. Instead, the best option is to take the necessary steps to minimize the chances of a compromise.
Motivations and Evolutions
A hacker's motivations are varied and complex. Siciliano (2011) states that there are seven types of hacker motivations:
• White …
During this phase, social networking and phishing emails are used to intrude into an organization's network. Deerman (2012) shares that the phishing emails:
• Are highly focused, with attacks embedded as part of the email
• Target individuals with elevated access within the organization
• Carry malicious attachments for users to click so the infectious code can install the malware
The third phase is the infiltration phase. Once the network has been infiltrated, the attacker uses a Command & Control (C2) server to control the connection to the malware installed on the compromised system. Deerman (2012) explains that although the C2 connections may only last a short while and only connect to a single system, they can still be used to gain privileged access to the system, update and install utilities to collect necessary information, spread the infection in the network, and more.
From the defensive perspective, there are also three phases to ensure security. Flynn (2013) states that the phases include:
• Blocking known threats – Real-time protection used to block malware through secure gateways
• Analyzing unknown threats – Using sandboxing technologies to examine unknown content to make sure it is not …
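The C2 behaviour described above (connections that last only a short while and involve a single system) can be turned into a hunting query over connection logs. The following is an added example, not part of the original essay; the record layout, the 10-second threshold and the function name are assumptions, and the flow records are constructed sample data.

```python
from collections import defaultdict

# Constructed sample flow records: (internal_host, external_destination, seconds).
# Addresses and names are documentation/example values, not real indicators.
SAMPLE_FLOWS = [
    ("10.0.0.5", "cdn.example.net", 42.0),
    ("10.0.0.6", "cdn.example.net", 310.0),
    ("10.0.0.7", "cdn.example.net", 12.5),
    ("10.0.0.5", "mail.example.org", 95.0),
    ("10.0.0.8", "mail.example.org", 88.0),
    ("10.0.0.9", "203.0.113.77", 3.2),
    ("10.0.0.9", "203.0.113.77", 4.1),
    ("10.0.0.6", "updates.example.com", 600.0),
]


def find_rare_short_destinations(flows, max_duration=10.0, allowlist=()):
    """Return hunting leads: destinations reached by exactly one internal host
    whose every session lasted at most max_duration seconds (assumed threshold)."""
    hosts = defaultdict(set)
    durations = defaultdict(list)
    for src, dst, seconds in flows:
        if seconds < 0:
            raise ValueError(f"negative duration for {src} -> {dst}")
        hosts[dst].add(src)
        durations[dst].append(seconds)

    leads = []
    for dst in sorted(hosts):
        # Skip known-good destinations and anything several hosts talk to.
        if dst in allowlist or len(hosts[dst]) != 1:
            continue
        # One long session is enough to drop the destination from this hunt.
        if max(durations[dst]) > max_duration:
            continue
        leads.append({
            "destination": dst,
            "host": next(iter(hosts[dst])),
            "sessions": len(durations[dst]),
            "longest_seconds": max(durations[dst]),
        })
    return leads


if __name__ == "__main__":
    for lead in find_rare_short_destinations(SAMPLE_FLOWS):
        print(lead)
```

A lead from this query is a starting point for review rather than a verdict, since legitimate one-off connections match the same pattern.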
Without it, how else will an organization know what its weaknesses are and what it can do to improve its defenses? As mentioned previously, Deerman (2012) found that there are three main phases of the malware lifecycle. By implementing well-intentioned white hat hacking, an organization will be able to clearly see the vulnerabilities in its system and where attackers will most likely hit first. Understanding the offensive and defensive perspectives of the malware lifecycle will equip the organization with adequate skills and tools to stop the first phase from developing, so the malware never reaches the second or third phases. The best method of security is to always take preventative