Technology Assignment Paper on Malware

Malware

Computer security threats have become widespread in contemporary organizations owing to the use of Internet technology. If an organization does not invest in effective tools to safeguard its computer system from malicious software (also referred to as malware), it may become vulnerable to cybercrime, which is a serious threat to organizational data. Any organization can be susceptible to malware. When one discovers that malware has attacked the organizational computer system, the best thing to do is to carry out an effective response to handle the incident (Ahmad 752). The following steps should be taken after detecting a malware attack:

  1. Back Up Personal Files: Although office administrators may have been backing up the files, copying personal files to another place can help in enhancing the safety of the data. However, it is not advisable to back up all the files, as some of them may have been infected by malware. An appropriate backup is necessary for easier retrieval.
  2. Disconnect the Computer from the Internet: Before taking any other step, it is essential to disconnect the computer from the internet to prevent the malware from reaching private data. When the computer remains connected to the internet, attackers can find ways to connect to it through the millions of other computers that use the same internet (Kent and Steiner 2). A virus may try to enter the computer through the Internet connection; thus, unplugging the Ethernet cable on a desktop or disabling the WiFi on a laptop can help in preventing more attacks.
  3. Boot into Safe Mode or Use an Antivirus Rescue Disk: If an office administrator detects that his/her computer may have been attacked by malware, the best thing to do is to boot it into Microsoft’s Safe Mode. Booting into Safe Mode prevents non-core elements from running, thus creating a chance to identify the problems faster. Safe Mode allows only a few basic programs to be loaded (Geier and Norem 1). Additionally, Safe Mode allows easy removal of files, as they are not running or active. If the computer tends to run faster in Safe Mode, it implies that the system has already been infected by malware, or has numerous programs that start together with Windows. If one is using Windows 7, pressing the F8 key when the computer is starting will lead to a boot options menu, where one can select “Safe Mode.”
  4. Delete Temporary Files and Download Malware Scanners: After opening the computer in Safe Mode, one can delete temporary files to speed up the process of scanning, to free up disk space, and to get rid of some malware. Running a scanner is necessary to get rid of most standard infections. If an antivirus program was already installed and active on the computer, it should not be used. A different scanner is required to detect what the already installed antivirus program failed to detect. Downloading Malwarebytes requires reconnecting to the internet; one should then disconnect again when starting the actual scanning.
  5. Scan the Computer Using Multiple Programs to Remove All Infections: When it becomes impossible to recognize malware, one can try other tools, which include antivirus or general antimalware programs. A threat scan is the most appropriate for analyzing the most commonly infected files in a computer (Geier and Norem 3). After scanning all the files, Malwarebytes will display the results. If Malwarebytes discovers infections, it will show what they are, and one can click the selected items to remove them from the system. Malwarebytes can instruct the user to restart the computer to complete the process of removing malware. Removing unnecessary software can help in preventing possible attacks by intruders (Kent and Steiner 3). One can remove any software that is not in use to keep the computer safe.
  6. Fix Post-Malware Removal Problems and Change Passwords: When removing malware from the computer, one may disturb important programs that help in undertaking day-to-day tasks; examples include the clearing of the cache that assists in accessing the Internet, problems with the homepage, and missing desktop icons. In some cases, Windows may fail to work properly; hence, one may need to reinstall Windows (Geier and Norem 5). One should ensure that all passwords that could have been used to access the computer are changed, in order to prevent information that was stolen from the computer from being utilized again to cause more damage. It is recommended that one develop a strong password that combines letters with numbers, as well as special characters.
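
The following Python example is added here and is not from the original paper or its cited sources. It illustrates step 1 by copying personal files while leaving behind file types that can carry executable code, and by recording a SHA-256 hash of each copy; the extension list, the function names and the sample directory tree are assumptions constructed for the illustration.

```python
import hashlib
import shutil
import tempfile
from pathlib import Path

# Assumption (not from the paper): file types that can carry executable code
# are left behind; everything else is treated as personal data.
RISKY_SUFFIXES = {".exe", ".dll", ".scr", ".bat", ".cmd", ".com", ".js", ".vbs",
                  ".ps1", ".msi", ".lnk", ".jar", ".hta", ".docm", ".xlsm"}

def sha256_of(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def selective_backup(src: Path, dst: Path):
    """Copy personal files from src to dst, skipping risky file types.
    Returns (manifest, skipped); manifest maps relative path -> SHA-256."""
    manifest, skipped = {}, []
    for path in sorted(src.rglob("*")):
        if path.is_symlink() or not path.is_file():
            continue
        rel = path.relative_to(src)
        # Check every suffix so a double extension such as "invoice.pdf.exe"
        # is skipped too; this errs on the side of leaving a file behind.
        if any(s.lower() in RISKY_SUFFIXES for s in path.suffixes):
            skipped.append(rel.as_posix())
            continue
        target = dst / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        shutil.copy2(path, target)
        manifest[rel.as_posix()] = sha256_of(target)  # hash of the copy
    return manifest, skipped

def demo():
    """Run the backup over a constructed sample tree in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "profile"), Path(tmp, "backup")
        (src / "Documents").mkdir(parents=True)
        (src / "Documents" / "report.txt").write_text("quarterly notes")
        (src / "Documents" / "invoice.pdf.exe").write_bytes(b"MZ constructed")
        (src / "setup.bat").write_text("echo constructed")
        return selective_backup(src, dst)

if __name__ == "__main__":
    manifest, skipped = demo()
    print("backed up:", manifest)
    print("skipped:", skipped)
```

A harmless-looking extension does not prove a file is clean, so the backup copy should still be scanned as in steps 4 and 5 before anything is restored from it.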

The organization should ensure that it has an effective antivirus to protect its computer system. Installing an antivirus software program can assist in detecting the presence of malware through the memory of the computer (Kent and Steiner 2). Although most organizations have invested in anti-malware, as well as other technology tools to secure their computer systems, users' information security has become a new challenge to such organizations (Safa et al. 68).

In a situation where numerous computers are connected to a server to undertake diverse assignments, malware incidents need to be perceived as constituents of a holistic security incident series.

Mitigating and preventing malware attacks should be carried out in several stages so that users can understand effectively how to protect personal information from hackers. The holistic security incident series incorporates four steps, namely, planning, resisting, detecting, and responding. Planning involves understanding the threat landscape (Zeltser n.p). The user should be familiar with his/her malware software, which helps in identifying unfamiliar activity in the computer. Most browsers are capable of resisting malware attacks; hence, they will offer a warning when one tries to open a site infested by malware. The user should focus on the budget that could be used to protect organizational information.

The second step involves resisting, where one implements policies to resist malicious software attacks. This incorporates protecting web browsing and keeping up with security patches. The third stage incorporates detecting the presence of malware through antivirus software. This stage also involves educating other users on how to identify signs of malware attacks and report them.

The last step is responding to a confirmed malware incident through containment, eradication, and recovery. Containing malware assists in inhibiting the attempts by malware to compromise the organizational data, while eradication involves the removal of malware artifacts (Zeltser n.p). Recovery is the return of normal operations, which is supported by a continual examination of IT infrastructure.

Works Cited

Ahmad, Ateeq. “Type of security threats and it’s prevention.” International Journal of Computer Technology & Applications, vol. 3, no. 2, 2012, pp. 750-752.

Geier, Eric, and Josh Norem. “How to remove malware from your Windows PC.” PC World, June 20, 2017, http://www.pcworld.com/article/243818/security/how-to-remove-malware-from-your-windows-pc.html. Accessed 28 July 2017.

Kent, Jennifer, and Katie Steiner. “Ten ways to improve the security of a new computer.” United States Computer Emergency Readiness Team, 2012, http://corpsecgroup.com/pdf/computer_security.pdf. Accessed 28 July 2017.

Safa, Nader Sohrabi, Mehdi Sookhak, Rossouw Von Solms, Steven Furnell, Norjihan Abdul Ghani, and Tutut Herawan. “Information security conscious care behaviour formation in organizations.” Computers & Security, vol. 53, 2015, pp. 65-78.

Zeltser, Lenny. “4 steps to combat malware enterprise-wide.” Zeltser Security Corp, 2015, https://zeltser.com/malware-in-the-enterprise/. Accessed 4 August 2017.