Close Menu
TechCentralTechCentral

    Subscribe to the newsletter

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    Facebook X (Twitter) YouTube LinkedIn
    WhatsApp Facebook X (Twitter) LinkedIn YouTube
    TechCentralTechCentral
    • News

      World Bank set to back South Africa’s big energy grid roll-out

      20 June 2025

      The algorithm will sing now: why musicians should be worried about AI

      20 June 2025

      Sita hits back at critics, promises faster, automated procurement

      20 June 2025

      The transatlantic race to create the first television

      20 June 2025

      Listed: All the MVNOs in South Africa – 2025 edition

      19 June 2025
    • World

      Watch | Starship rocket explodes in setback to Musk’s Mars mission

      19 June 2025

      Trump Mobile dials into politics, profit and patriarchy

      17 June 2025

      Samsung plots health data hub to link users and doctors in real time

      17 June 2025

      Beijing’s chip champions blacklisted by Taiwan

      16 June 2025

      China is behind in AI chips – but for how much longer?

      13 June 2025
    • In-depth

      Meta bets $72-billion on AI – and investors love it

      17 June 2025

      MultiChoice may unbundle SuperSport from DStv

      12 June 2025

      Grok promised bias-free chat. Then came the edits

      2 June 2025

      Digital fortress: We go inside JB5, Teraco’s giant new AI-ready data centre

      30 May 2025

      Sam Altman and Jony Ive’s big bet to out-Apple Apple

      22 May 2025
    • TCS

      TCS+ | AfriGIS’s Helen Hulett on how tech can help resolve South Africa’s water crisis

      18 June 2025

      TechCentral Nexus S0E2: South Africa’s digital battlefield

      16 June 2025

      TechCentral Nexus S0E1: Starlink, BEE and a new leader at Vodacom

      8 June 2025

      TCS+ | The future of mobile money, with MTN’s Kagiso Mothibi

      6 June 2025

      TCS+ | AI is more than hype: Workday execs unpack real human impact

      4 June 2025
    • Opinion

      South Africa pioneered drone laws a decade ago – now it must catch up

      17 June 2025

      AI and the future of ICT distribution

      16 June 2025

      Singapore soared – why can’t we? Lessons South Africa refuses to learn

      13 June 2025

      Beyond the box: why IT distribution depends on real partnerships

      2 June 2025

      South Africa’s next crisis? Being offline in an AI-driven world

      2 June 2025
    • Company Hubs
      • Africa Data Centres
      • AfriGIS
      • Altron Digital Business
      • Altron Document Solutions
      • Altron Group
      • Arctic Wolf
      • AvertITD
      • Braintree
      • CallMiner
      • CYBER1 Solutions
      • Digicloud Africa
      • Digimune
      • Domains.co.za
      • ESET
      • Euphoria Telecom
      • Incredible Business
      • iONLINE
      • Iris Network Systems
      • LSD Open
      • NEC XON
      • Network Platforms
      • Next DLP
      • Ovations
      • Paracon
      • Paratus
      • Q-KON
      • SevenC
      • SkyWire
      • Solid8 Technologies
      • Telit Cinterion
      • Tenable
      • Vertiv
      • Videri Digital
      • Wipro
      • Workday
    • Sections
      • AI and machine learning
      • Banking
      • Broadcasting and Media
      • Cloud services
      • Contact centres and CX
      • Cryptocurrencies
      • Education and skills
      • Electronics and hardware
      • Energy and sustainability
      • Enterprise software
      • Fintech
      • Information security
      • Internet and connectivity
      • Internet of Things
      • Investment
      • IT services
      • Lifestyle
      • Motoring
      • Public sector
      • Retail and e-commerce
      • Science
      • SMEs and start-ups
      • Social media
      • Talent and leadership
      • Telecoms
    • Events
    • Advertise
    TechCentralTechCentral
    Home » Alistair Fairweather » Viruses go from nuisance to plague

    Viruses go from nuisance to plague

    By Alistair Fairweather20 January 2014
    Twitter LinkedIn Facebook WhatsApp Email Telegram Copy Link
    News Alerts
    WhatsApp

    Alistair-Fairweather-180-profileBiological viruses are among the most rapidly evolving organisms on our planet. The same is true of computer viruses, except that malevolent human organisations are driving this evolution, not natural selection. The most recent strains of these digital pathogens are evidence that virus makers have reached a new level of sophistication.

    Take CryptoLocker, a nasty piece of “ransomware” that swept through the world in October 2013. After tricking you into installing it — usually by masquerading as an attachment to a legitimate business-related e-mail — CryptoLocker sets about stealthily encrypting every file on your computer.

    This encryption essentially scrambles all your files, making them unusable by man or machine until they are decrypted. Since CryptoLocker uses 2 048-bit encryption — what used to be considered “military grade” — it is impossible to decrypt any of your data without having the appropriate decryption key.

    That’s where the “ransom” part comes in: when CryptoLocker has succeeded in encrypting all your files it pops up a window demanding US$300 (or more) for the key that will decrypt them. It gives its hapless victim 72 hours to comply, after which the key is deleted forever. Payment is only accepted via (effectively) untraceable mechanisms like BitCoin and digital money orders that can only be purchased with cash.

    The fact that criminals are using our own security tools to attack us is not particularly new. The computer security arms race has always been complicated by the fact that our enemies have access to the same (and sometimes better) technologies as those who defend us.

    What is new is how organised and sophisticated these criminal gangs have become. Two decades ago, viruses were almost exclusively the province of spotty misanthropes residing in their mothers’ basements. These were people with an axe to grind or a point to prove (usually about their prowess at programming), not profit-maximising criminal enterprises.

    What makes this new breed of virus maker particularly dangerous is that they have the resources to buy their way into digital ecosystems once effectively protected by their pay-to-play nature.

    The global digital advertising supply chain is a perfect example of such an ecosystem. In the past 18 months, criminals have begun using a technique known as “malvertising” to attack the readers of large online publishers.

    These criminals pose as legitimate buyers of advertising space, often purporting to be placing advertisements on behalf of trusted online brands. They approach online publishers or advertising networks (who buy and sell advertising space in bulk) and offer to buy large chunks of inventory, often over holiday periods. They are willing to pay up-front for this advertising space, although they will try to negotiate 30- or 60-day payment terms if they can.

    For the first few days of the agreement, the criminals deliver innocuous but fake adverts to the unwitting publishers — just enough time to lull them into a false sense of security. As soon as the proverbial coast is clear, the criminals switch the fake adverts with malicious code that can infect readers’ computers with viruses or fool them with scams.

    Then, before either the readers or the publishers realise what is happening, the criminals switch back to the fake advert again, rendering the attack undetectable. They then repeat this cycle until they get caught.

    This kind of bait-and-switch technique is possible because of the highly distributed and syndicated nature of online advertising. Adverts are often delivered to publishers via third-party services; systems that act like giant clearinghouses for advertising space, matching buyers and sellers.

    These services themselves routinely accept syndicated adverts, meaning that by the time an advert reaches a reader it might have passed through half a dozen different service providers. If only one of these service providers has lax security measures, the whole supply chain can be corrupted.

    The Mail & Guardian was the target of a malvertising attack late last year. In our case, the criminals were using another kind of ransomware — one that impersonates antivirus software and requires you to pay to “upgrade” it and remove the viruses it has so helpfully detected.

    The nature of the attack was so stealthy and sophisticated that it took the publication weeks to track down the source. Thankfully, we have friends in the information security industry who helped us to do so. A smaller publisher might never have found and plugged this hole.

    Another example of criminals’ increasing willingness to invest money upfront in their attacks emerged last week. Malware distributors have begun buying popular Google Chrome extensions and then using them to launch attacks on unsuspecting users.

    Extensions are small pieces of software that add custom functionality to a browser. They typically do things like save a link to your favourite bookmark tool or share the article you are reading to Facebook. What makes them dangerous is that they can be remotely updated by their author without you giving them explicit permission.

    This kind of unguarded back door is like mother’s milk to criminals. Once they have control over the extension, they use it to silently inject all manner of horrific attacks into the users’ computers. And because browser extensions are the last place most people would think to look, these attacks can continue for some time.

    hacker-640

    It’s tempting to blame the original authors of the extensions, but if someone approached you and offered to pay you several thousand dollars for a piece of software that took you a couple of hours to write, chances are you would also sell.

    And the fact that criminals are willing to spend tens of thousands of rands up front shows you both how lucrative their activities are and how skilled they are at balancing costs with benefits. Researchers at Symantec, a security firm, infiltrated the servers of a ransomware operation and found data that suggested these gangs can make millions of dollars per year from their schemes.

    When Fred Cohen coined the term “computer virus” in his 1986 PhD thesis, he probably had no idea how apt it would prove. Nearly 30 years later, they have mutated well beyond disruptive nuisances into relentless plagues that can kill or cripple entire computer networks and the businesses that rely on them.

    And yet these criminals remain the minority. Computers have created trillions of dollars of value and unleashed the talents of billions of people. I would not exchange these enormous benefits for a world without viruses. But governments and ordinary citizens need to educate themselves about these threats, and soon. They are only going to get worse.  — (c) 2014 Mail & Guardian

    • Alistair Fairweather is chief technology officer at the Mail & Guardian
    • Visit the Mail & Guardian Online, the smart news source


    Alistair Fairweather CryptoLocker Fred Cohen Symantec
    Subscribe to TechCentral Subscribe to TechCentral
    Share. Facebook Twitter LinkedIn WhatsApp Telegram Email Copy Link
    Previous ArticleQuestions over SA’s mystery satellite
    Next Article ANC looks to mobile app for votes

    Related Posts

    Managed IT services best for SME cybersecurity

    27 July 2023

    The 10 most dangerous computer viruses ever created

    9 May 2023

    Microsoft takes control of ransomware botnet amid US election threat

    12 October 2020
    Company News

    Making IT happen: how Trade Link gears up to enable SA retail strategies

    20 June 2025

    Why parents choose CambriLearn for online education

    19 June 2025

    Disrupt first, ask questions later – the uncomfortable truth about incident response

    18 June 2025
    Opinion

    South Africa pioneered drone laws a decade ago – now it must catch up

    17 June 2025

    AI and the future of ICT distribution

    16 June 2025

    Singapore soared – why can’t we? Lessons South Africa refuses to learn

    13 June 2025

    Subscribe to Updates

    Get the best South African technology news and analysis delivered to your e-mail inbox every morning.

    © 2009 - 2025 NewsCentral Media

    Type above and press Enter to search. Press Esc to cancel.