Electronically Transmitted Disease (ETD) – Know Your Status
Recently on LinkedIn there was an article from the bbc.com website where it was discovered government employee had been visiting pornographic websites on their government issues computers. As a result, their computers were infected with malware.
This is not a new concept. People have been misusing their work computers for years. The internet is filled with horror stories describing how people ruined their careers because of what they viewed, searched, or posted on the internet using their work computers.
As I continued to read the article, there were some obvious parallels that could be drawn between getting infected with malware and contracting sexually transmitted diseases. I know, this sounds weird, but think about it; Johnny goes to a bar, meets someone for the first time, has unprotected sex, and ends up with a sexually transmitted disease (STD). In the case of a computer, the employee went to an unknown or unclean website, clicked on some pictures, and became infected with malware or what I will now call an electronically transmitted disease (ETD).
I did a quick google search for term “electronically transmitted disease” and the only thing that came up on first page of results was a definition on Urban Dictionary.
Urban Dictionary defined electronically transmitted disease as, “The contraction of any form of malware on a computer, as a result of searching for or accessing pornography from your computer or mobile device.”
To be honest, this is a solid definition. However, I want to expand the definition beyond pornographic websites. After all, regardless of whether you visit a pornographic site or espn.com, you are still susceptible to contracting an ETD. It is definitely less likely to happen while visiting espn.com, but it is possible.
So, with this definition of ETDs in mind, let’s examine some of the different types of malware that can fall under the label of an ETD. This list is not exhaustive, but it is a good start. I found this list in an article on csoonline.com
- Viruses – Most people refer to all malware using the generic term “virus.” In actuality, viruses are very specific in how they function. The goal of a computer virus is to modify legitimate programs or files in a way that when executed by the end user, it will also activate the virus. Today, viruses only account for about 10% of the malware we see.
- Worms – Worms have been around longer than viruses. Some of the first cases of worms were discovered because a programmer botched something and it spawned a worm. The most important distinction between worms and viruses is that the worm has the ability to self-replicate. In fact, one of the primary reason’s worms were so prevalent in the 90’s was because they did not require any user interaction for them to spread. Anyone remember the “I Love You” worm?
- Trojans– Computer worms were replaced by Trojan horse malware programs as the weapon of choice for hackers. Trojans masquerade as legitimate programs, but they contain malicious instructions. Trojans in some form are used in just about every malware attack. Remember, the goal of an attacker is to get you to execute the malware without realizing. To do that, the malware must be disguised.
- The trojan can be disguised as a popup, or it can come in the form of an email. Whatever method is used, the goal is the same, which is to infect your computer or mobile device with something bad.
- Hybrids and exotic forms – Today, most malware is a combination of traditional malicious programs, often including parts of Trojans and worms and occasionally a virus. Usually the malware program appears to the end-user as a Trojan, but once executed, it attacks other victims over the network like a worm.
- Many of today’s malware programs are considered rootkits or stealth programs. Essentially, malware programs attempt to modify the underlying operating system to take ultimate control and hide from antimalware programs. To get rid of these types of programs, you must remove the controlling component from memory, beginning with the antimalware scan.
- Bots are essentially Trojan/worm combinations that attempt to make individual exploited clients a part of a larger malicious network. Botmasters have one or more “command and control” servers that bot clients check into to receive their updated instructions. Botnets range in size from a few thousand compromised computers to huge networks with hundreds of thousands of systems under the control of a single botnet master. These botnets are often rented out to other criminals who then use them for their own nefarious purposes.
- Ransomware – Malware programs that encrypt your data and hold it as hostage waiting for a cryptocurrency pay off has been a huge percentage of the malware for the last few years, and the percentage is still growing. Ransomware has often crippled companies, hospitals, police departments, and even entire cities.
- Fileless malware – Fileless malware isn’t really a different category of malware, but more of a description of how they exploit and persevere. Traditional malware travels and infects new systems using the file system. Fileless malware, which today comprises over 50 percent of all malware and growing, is malware that doesn’t directly use files or the file system. Instead they exploit and spread in memory only or using other “non-file” OS objects such as registry keys, APIs or scheduled tasks.
- Adware – At some point, you have had a popup ad that would not go away or you have dealt with your homepage redirecting you to some website you have never heard of. This is called adware. The goal is to force you to buy something.
- Spyware – This is the stalker tool of choice. Spyware is most often used by people who want to check on the computer activities of loved ones. From an attacker, spyware is used to log your keystrokes in an attempt to steal your passwords.
As you can see, there are a number of different types of malware that can be classified as an ETD. Even still, we need to take it a bit further and focus on one very important delivery method for these ETDs. Ponder this; you attempt to go to your favorite website, but you transpose one of the letters in the URL. As a result, you are sent to the wrong website. Just because you visited that website, you were infected with an ETD. You didn’t click, download, or even read anything, but you still got infected. Think of it as the equivalent of an airborne disease. Just by simply being in the room, you are now infected.
This delivery method is called a drive-by-download. This delivery method, as you can imagine, is extremely effective. Here’s how it works:
- Attackers look for websites that are vulnerable. Typically, the vulnerabilities exist because the servers hosting the website were not patched or updated.
- The attacker will then embed something called an exploit kit on that web server.
- When someone visits the website that is hosted on that web server, the exploit is programmed to search for specific vulnerabilities on your web browser or computer and when that vulnerability is present, it can infect you with an ETD.
At this point, you may be asking yourself, what are the best ways to protect against contracting an ETD. Unfortunately, there are no full proof ways to ensure you will not get infected, but there are some things you can do to lower your risk.
The following are some tips you can use to help you:
- Limit the websites that you visit to “mainstream” sites or sites that are well known and have good reputations. Typically, well-known sites have a lower degree of risk because the owners of the sites understand being a source of ETDs could be disastrous for their business.
- Keep your web browser and your operating system updated. This will limit the number of vulnerabilities that can be exploited on your computer or mobile device.
- Use anti-virus and ad-blockers to help detect malware or prevent malware from infecting you.
- Limit the number of programs you have running on your computer or mobile device. The more programs you have the more vulnerabilities you will have. The more vulnerabilities you have the more susceptible you are to ETDs.
Remember, know your ETD Status, it can save your credit, reputation, and your business.