A dangerous online world

Artur Khanov, a tutor from the Department of Secure Information Technologies at ITMO University, boldly claims that viruses in their purest sense do not occur in the wild. Cohen first defined a computer virus as "a program that can infect other programs by modifying them to include a possibly evolved copy of itself." They were considered as an example of artificial life within a computer. In those days (late 80s, early 90s) there other issues emerged such as "worms" (which infected other computers on the network), "rabbits" and "logic bombs". But now malware has gotten a lot trickier.

There are different types of malware. For example Trojans are a type of malware that acts as though it is legitimate but once activated in a computer can make a number of attacks from the inside, but Trojans don’t have the ability to self-replicate like worms or viruses, they are mostly spread via email attachments or downloading something from the internet.

Gregory Sablin who is a student at the Department of Secure Information Technologies at ITMO University says that originally malware was something that was created by one or two programmers just to test or demonstrate what an attack on a computer looks like. In those days, virus protection was unnecessary. There was no concept of information security before. Internet wasn’t connected all the time, and your bank card wasn’t used online. Now that lots of people use computers, and so do large corporations and governments now one can conduct fraud using computers. Before attackers wanted to just hurt the user, but now these tools are being used to secretly get private information such as passwords and credit card data. Now malware is being developed on an industrial scale with many functions and which can be used as a cyber weapon or a tool to steal money and valuable information. It’s all becoming extremely large-scale and it’s all happening behind the scenes.

"There are a lot of people involved in an attack. It includes the creators of the viruses, the people who are looking for vulnerabilities in software and exploiting them. It also includes a lot of other people, for example who host malicious websites, or sell stolen information, or even people who hide malicious files in anti-virus software. People are making money out of all these opportunities." explains Gregory Sablin.

These kinds of criminals aren’t just sitting back, they’re actively waiting for ways to infect and destroy. Even the popular messenger Telegram is being used to transfer malicious data. Attackers are now finding ways to get into iOS too without "jailbreaking".

These days malware can be described like a "dragon" from which continuously emerges a new head. One head of the dragon is responsible for the infection of routers, onboard computers in cars and web-cameras. Another is responsible for attacking critical infrastructure like hospitals and nuclear power plants, a third performs cyber attacks on governments, and a fourth steals personal data. The list goes on.

Filtering the Myths

The Master-USB. Movie buffs reading this probably have watched at least one spy movie which featured a USB drive that had a program on it that could hack any system. Experts at all levels have acknowledged that a program that can find all previously unknown vulnerabilities in the system is as unlikely as perpetual motion.

"I’m not afraid of viruses; I have nothing anyone would want to steal". Such an attitude to security and cleaning our electronic devices is much like HIV dissidence. A user who doesn’t feel the need to protect his data, sooner or later will infect others with malware who certainly did not want it.

Antivirus is a panacea. Antivirus software is definitely needed. But, unfortunately technology designed to destroy is currently ahead of technology designed to protect. Artur Khanov explains that "when an attacker creates something, he makes sure that it won’t be detected by any antivirus. There are even paid services on the black market that can check such things."

Antivirus companies create the viruses. This is nonsense, and exactly the same as the assertion that journalists and firefighters set fire to houses themselves in order to keep their jobs.

And now — bad advice you definitely should not listen to

Always trust security certificates! Certification authorities are just trying to make money, and a strange warning in the browser is probably just a mistake.

If you pick up a USB stick on the street, then immediately put it in your computer and launch everything that is in it.

If a js file doesn’t open on your computer, try to open it on the computers of all your friends. Find the hero, which opens it.

If the license of your antivirus runs out, don’t renew it. The very existence of this program on the computer already scares off all the horrible viruses.

So that you don’t forget all your different passwords, use only one. Even better, make a tattoo on your left wrist so you definitely don’t lose it.

By some miracle, you found Moscow’s metro Wi-Fi in St. Petersburg. The great internet has heard your prayers and given you this gift, connect and use it straight away.

Online-lottery? You have won a million rubles? You were informed about this via a pop-up window full of animations and bright pictures? You should definitely believe it.

Back to top