Friday, September 13, 2019

Cyber Security Malware With Case Study Explained


Before going to the examples: in corporate environments, a firewall is used to block malware and stop it from spreading to other network segments.


Infections At Home:

At home, a shared system can be attacked by any unwanted application that gets downloaded, for example when downloading a game.

Case Study In Corporate Environments:


Before we look at the company case, note that some malware has had a big impact on corporations and government agencies.

  • Creeper and Reaper - circa 1991 - first virus, created by Bob Thomas
  • Elk Cloner - circa 1981 - created by Rich Skrenta
  • Stuxnet - which attacked Saudi Aramco in 2010
  • Zeus or Zbot - malware that compromised online banking accounts in 2010, implemented on a zero-day

In corporate environments, the organisation's email is segmented into internal mail and mail from outside the organisation.
  • An employee opens a phishing email that is well crafted to appear relevant to them.
  • The employee opens the attached document and runs the macro it contains.
  • The malware starts to infect documents and finds the flaws in the network.
  • The malware scans for and finds the SAN (Storage Area Network) and NAS (Network Attached Storage).
  • For example, if a ransomware link is clicked, the ransomware encrypts files and asks for £14000.
  • Spy agencies tap fiber optic cables and look at all traffic.
  • The NSA, that is, the National Security Agency, has carried out more than 61000 hacking operations worldwide.
  • This is done by installing backdoor surveillance software on the basis of flaws in the network.

Protection from these types of attack:
  • Email filtering and antivirus controls.
  • Building user awareness into the organisation's culture: employees are the first line of defense.
  • Identifying critical assets and limiting access to them, then checking that the access granted is actually used by each employee and revoking it from anyone who is not using it.
  • The most common malware control is antivirus, but classic antivirus has many defects. To make up for that, we need proper patch management, IDS and IPS, WAF and HIPS.

Note: IPS - intrusion prevention system, IDS - intrusion detection system, WAF - web application firewall, HIPS - host intrusion prevention firewall.
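The email filtering control listed above can inspect attachments on mail from outside the organisation for macro content before it reaches the employee. The following Python code is an added example, not code from the original post; the function names, the `corp.example` domain and the sample message are constructed for illustration, and it assumes the From header is trustworthy, which a real mail gateway would replace with an authenticated origin.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container

def classify_attachment(data):
    """Return a reason string if the attachment can carry macros, else None."""
    if data.startswith(OLE_MAGIC):
        return "legacy OLE document (may hold macros)"
    if data.startswith(b"PK"):  # OOXML files are ZIP archives
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                if any(n.lower().endswith("vbaproject.bin") for n in zf.namelist()):
                    return "OOXML document with VBA project"
        except zipfile.BadZipFile:
            return "corrupt ZIP container"
    return None

def quarantine_candidates(raw, internal_domain):
    """List (filename, reason) for risky attachments on mail from outside."""
    msg = message_from_bytes(raw, policy=policy.default)
    # Assumption for this example: the From header identifies the origin.
    sender = parseaddr(str(msg.get("From", "")))[1].lower()
    if sender.endswith("@" + internal_domain.lower()):
        return []  # internal mail is covered by a separate policy
    hits = []
    for part in msg.iter_attachments():
        reason = classify_attachment(part.get_payload(decode=True) or b"")
        if reason:
            hits.append((part.get_filename(), reason))
    return hits

def build_sample(sender, with_macro):
    """Constructed test message: a .docx-named ZIP, optionally with a VBA part."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, "user@corp.example", "Invoice"
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="octet-stream", filename="invoice.docx")
    return msg.as_bytes()

if __name__ == "__main__":
    print(quarantine_candidates(build_sample("billing@outside.example", True), "corp.example"))
```

The check looks at file content rather than the file extension, so a macro-enabled document renamed to `.docx` is still flagged.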

Defining Critical Assets:
  • Segmentation 
  • Use golden codes to images
  • Auto updating
  • Secure SDLC
  • Policy creation and limiting access/privilege.

