ngCERT Malware Security Tip On Malicious Code

The incessant increase in malware infections of computer systems, networks and smart devices globally should be a course of concern to every organisation. To this effect, it is imperative on everyone, every organisation either public or private to secure its ICT assets against malwares. This malware security tips is disseminated to further consolidate government campaign against malicious code. What is malicious code? Malicious code is unwanted files or programs that can cause harm to a computer or compromise data stored on a computer. Various classifications of malicious code include viruses, worms, and Trojan horses. Viruses have the ability to damage or destroy files on a computer system and are spread by sharing an already infected removable media, opening malicious email attachments, and visiting malicious web pages. Worms are a type of virus that self-propagates from computer to computer. Its functionality is to use all of your computer’s resources, which can cause your computer to stop responding. Trojan Horses are computer programs that are hiding a virus or a potentially damaging program. It is not uncommon that free software contains a Trojan horse making a user think they are using legitimate software, instead the program is performing malicious actions underground on your computer. Malicious data files are non-executable files—such as a Microsoft Word document, an Adobe PDF, a ZIP file, or an image file that exploits weaknesses in the software program used to open it. Attackers frequently use malicious data files to install malware on a victim’s system, commonly distributing the files via email, social media, and websites. How can you protect yourself against malicious code? Following these security tips can help you reduce the risks associated with malicious code: Install and maintain antivirus software. Use caution with links and attachments. Block pop-up advertisements. Use account with limited permissions. Disable external media Auto Run and AutoPlay features. Change your passwords periodically. Keep software updated. Back up data. Install or enable a firewall. Use anti-spyware tools. Monitor accounts. Avoid using public Wi-Fi. How to recover if you become a victim of malicious code? Using antivirus software is the best way to defend your computer against malicious code. If you think your computer is infected, run your antivirus software program. Ideally, your antivirus program will identify any malicious code on your computer and quarantine them so they no longer affect your system. You should also consider these additional steps: Minimize the damage. If you are at work and have access to an information technology (IT) department, contact them immediately. The sooner they can investigate and “clean” your computer, the less likely it is to cause additional damage to your computer and other computers on the network. If you are on a home computer or laptop, disconnect your computer from the internet, this will prevent the attacker from accessing your system. Remove the malicious code. If you have antivirus software installed on your computer, update the software and perform a manual scan of your entire system. If you do not have antivirus software, you can purchase it online or in a computer store. If the software cannot locate and remove the infection, you may need to reinstall your operating system, usually with a system restore disk. Note that reinstalling or restoring the operating system typically erases all of your files and any additional software that you have installed on your computer. After reinstalling the operating system and any other software, install all of the appropriate patches to fix known vulnerabilities. Threats to your computer will continue to evolve. Although you may not be able to eliminate every hazard, but applying necessary caution, installing and using antivirus software, and following other simple security practices, you can significantly reduce your risk and strengthen your protection against malicious code.