EFFECTS OF COMPUTER MALWARES IN INCOME GENERATION OF

MINESKI INFINITY

CHAPTER 2

This chapter includes the ideas, finished thesis, generalization or conclusions,

methodologies and others. Those were included in this chapter helps familiarizing

information about the certain topics that are relevant and similar to the present studies

Related Literature

Malware

Malware, short for malicious software, is any software used to disrupt computer

operations, gather sensitive information, gain access to private computer systems, or

display unwanted advertising. Malicious software was called computer virus before the

term malware was coined in 1990 by Yisrael Radai. The first category of malware

propagation concerns parasitic software fragments that attach themselves to some existing

executable content. The fragment may be machine code that infects some existing

application, utility, or system program, or even the code used to boot a computer system.

Malware is defined by its malicious intent, acting against the requirements of the computer

user, and does not include software that causes unintentional harm due to some deficiency.

Malware may be stealthy, intended to steal information or spy on computer users for an

extended period without their knowledge, as for example Regin, or it may be designed to

cause harm, often as sabotage (e.g., Stuxnet), or to extort payment (CryptoLocker).

'Malware' is an umbrella term used to refer to a variety of forms of hostile or intrusive

software, including computer viruses, worms, trojan horses, ransomware, spyware, adware,

scareware, and other malicious programs. It can take the form of executable code, scripts,

active content, and other software. Malware is often disguised as, or embedded in, non-

malicious files. As of 2011 the majority of active malware threats were worms or trojans

rather than viruses. (Creutzburg, Reiner 2016, Handbook of Malware 2016)

Virus creation laboratory was first UI tool for creating viruses. User could select

features of virus and create it. This made virus creation easy. It has some disadvantages,

but almost anyone using this GUI tool could create virus. (Milošević, Nikola 2015, History

of malware)

The best-known types of malware, viruses and worms, are known for the manner

in which they spread, rather than any specific types of behavior. The term computer virus

is used for a program that embeds itself in some other executable software (including the

operating system itself) on the target system without the user’s consent and when that is

run causes the virus to spread to other executables. On the other hand, a worm is a stand-

alone malware program that actively transmits itself over a network to infect other

computers. These definitions lead to the observation that a virus requires the user to run an

infected program or operating system for the virus to spread, whereas a worm spreads itself.

(Creutzburg, Reiner 2016, Handbook of Malware 2016)

 Many early infectious programs, including the first Internet Worm, were written as

experiments or pranks. Today, malware is used by both black hat hackers and governments,

to steal personal, financial, or business information. Malware is sometimes used broadly

against government or corporate websites to gather guarded information, or to disrupt their

operation in general. However, malware is often used against individuals to gain

information such as personal identification numbers or details, bank or credit card numbers,

and passwords. Left unguarded, personal and networked computers can be at considerable

risk against these threats. (These are most frequently defended 1 2 CHAPTER 1.

MALWARE - INTRODUCTION Trojan horses 69.99% Viruses 16.82% Backdoor 1.89%

Spyware 0.08% Adware 2.27% Worms 7.77% Others 1.18% Malware by categories March

16, 2011 Malware by categories on 16 March 2011. against by various types of firewall,

anti-virus software, and network hardware). Since the rise of widespread broadband

Internet access, malicious software has more frequently been designed for profit. Since

2003, the majority of widespread viruses and worms have been designed to take control of

users’ computers for illicit purposes. Infected "zombie computers" are used to send email

spam, to host contraband data such as child pornography, or to engage in distributed

denialof-service attacks as a form of extortion. Programs designed to monitor users’ web

browsing, display unsolicited advertisements, or redirect affiliate marketing revenues are

called spyware. Spyware programs do not spread like viruses; instead they are generally

installed by exploiting security holes. They can also be hidden and packaged together with

unrelated user-installed software. Ransomware affects an infected computer in some way,

and demands payment to reverse the damage. For example, programs such as

CryptoLocker encrypt files securely, and only decrypt them on payment of a substantial
sum of money. Some malware is used to generate money by click fraud, making it appear

that the computer user has clicked an advertising link on a site, generating a payment from

the advertiser. It was estimated in 2012 that about 60 to 70% of all active malware used

some kind of click fraud, and 22% of all ad-clicks were fraudulent. Malware is usually

used for criminal purposes, but can be used for sabotage, often without direct benefit to the

perpetrators. One example of sabotage was Stuxnet, used to destroy very specific industrial

equipment. There have been politically motivated attacks that have spread over and shut

down large computer networks, including massive deletion of files and corruption of

master boot records, described as “computer killing”. Such attacks were made on Sony

Pictures Entertainment (25 November 2014, using malware known as Shamoon or

W32.Disttrack) and Saudi Aramco (August 2012). (Creutzburg, Reiner 2016, Handbook

of Malware 2016)

These categories are not mutually exclusive, so malware may use multiple

techniques. This section only applies to malware designed to operate undetected, not

sabotage and ransomware. Viruses are computer program usually hidden within another

seemingly innocuous program that produces copies of itself and inserts them into other

programs or files, and that usually performs a malicious action (such as destroying data).

Trojan Horses In computing, Trojan horse, or Trojan, is any malicious computer program

which misrepresents itself to appear useful, routine, or interesting in order to persuade a

victim to install it. The term is derived from the Ancient Greek story of the wooden horse

that was used to help Greek troops invade the city of Troy by stealth. Trojans are generally

spread by some form of social engineering, for example where a user is duped into
executing an e-mail attachment disguised to be unsuspicious, (e.g., a routine form to be

filled in), or by drive-by download. Although their payload can be anything, many modern

forms act as a backdoor, contacting a controller which can then have unauthorized access

to the affected computer, While Trojans and backdoors are not easily detectable by

themselves, computers may appear to run slower due to heavy processor or network usage.

Unlike computer viruses and worms, Trojans generally do not attempt to inject themselves

into other files or otherwise propagate themselves. Rootkits Once a malicious program is

installed on a system, it is essential that it stays concealed, to avoid detection. Software

packages known as rootkits allow this concealment, by modifying the host’s operating

system so that the malware is hidden from the user. Rootkits can prevent a malicious

process from being visible in the system’s list of processes, or keep its files from being

read. Backdoors, a backdoor is a method of bypassing normal authentication procedures,

usually over a connection to a network such as the Internet. Once a system has been

compromised, one or more backdoors may be installed in order to allow access in the

future, invisibly to the user. (Creutzburg, Reiner 2016, Handbook of Malware 2016)

As malware attacks become more frequent, attention has begun to shift from viruses

and spyware protection, to malware protection, and programs that have been specifically

developed to combat malware. (Other preventive and recovery measures, such as backup

and recovery methods, are mentioned in the computer virus article). A specific component

of anti-virus and anti-malware software, commonly referred to as an on-access or real-time

scanner, hooks deep into the operating system’s core or kernel and functions in a manner

similar to how certain malware itself would attempt to operate, though with the user’s

informed permission for protecting the system. Any time the operating system accesses a
file, the on-access scanner checks if the file is a 'legitimate' file or not. If the file is identified

as malware by the scanner, the access operation will be stopped, the file will be dealt with

by the scanner in a pre-defined way (how the anti-virus program was configured

during/post installation), and the user will be notified. This may have a considerable

performance impact on the operating system, though the degree of impact is dependent on

how well the scanner was programmed. The goal is to stop any operations the malware

may attempt on the system before they occur, including activities which might exploit bugs

or trigger unexpected operating system behavior. (Creutzburg, Reiner 2016, Handbook of

Malware 2016)
 References

[1] “Malware definition”. techterms.com. Retrieved 27 September 2015.

[2] Christopher Elisan (5 September 2012). Malware, Rootkits & Botnets A Beginner’s

Guide. McGraw Hill Professional. pp. 10–. ISBN 978-0-07-179205-9.

[3] Stallings, William (2012). Computer security : principles and practice. Boston:

Pearson. p. 182. ISBN 978-0-13-277506- 9

[4] “Defining Malware: FAQ”. technet.microsoft.com. Retrieved 10 September 2009.

[5] “An Undirected Attack Against Critical Infrastructure” (PDF). United States

Computer Emergency Readiness Team(Us-cert.gov). Retrieved 28 September 2014.

[6] “Evolution of Malware-Malware Trends”. Microsoft Security Intelligence Report-

Featured Articles. Microsoft.com. Retrieved 28 April 2013.

[7] “Virus/Contaminant/Destructive Transmission Statutes by State”. National

Conference of State Legislatures. 2012- 02-14. Retrieved 26 August 2013.

[8] "§ 18.2-152.4:1 Penalty for Computer Contamination” (PDF). Joint Commission on

Technology and Science. Retrieved 17 September 2010.

[9] Russinovich, Mark (2005-10-31). “Sony, Rootkits and Digital Rights Management

Gone Too Far”. Mark’s Blog. Microsoft MSDN. Retrieved 2009-07-29.

[10] “Protect Your Computer from Malware”. OnGuardOnline.gov. Retrieved 26 August

2013. [11] “Malware”. FEDERAL TRADE COMMISSION- CONSUMER

INFORMATION. Retrieved 27 March 2014.

[12] Hernandez, Pedro. “Microsoft Vows to Combat Government Cyber-Spying”.

eWeek. Retrieved 15 December 2013.

[13] Kovacs, Eduard. “MiniDuke Malware Used Against European Government

Organizations”. Softpedia. Retrieved 27 February 2013.

[14] “South Korea network attack 'a computer virus’". BBC. Retrieved 20 March 2013.

[15] “Malware Revolution: A Change in Target”. March 2007.

[16] “Child Porn: Malware’s Ultimate Evil”. November 2009. [17] PC World – Zombie

PCs: Silent, Growing Threat.

[18] “Peer To Peer Information”. NORTH CAROLINA STATE UNIVERSITY.

Retrieved 25 March 2011.

[19] “Another way Microsoft is disrupting the malware ecosystem”. Retrieved 18

February 2015.

[20] “Shamoon is latest malware to target energy sector”. Retrieved 18 February 2015.

[21] “Computer-killing malware used in Sony attack a wake-up call”. Retrieved 18

February 2015.
 Income Generation

'Income generation' is often talked about in quite generic, broad-brush, terms. This

guidance focuses on generating income through commercial trading of goods and services

and licensing content to third parties. As such it is different from other sources of income

which are likely to be part of an archive's overall funding model, depending on the type of

organisation they are, including:

 Income from voluntary fundraising, including grants from trusts and foundations

including the Lottery and Arts Council, individual giving and sponsorship

.  Income from Statutory Funders - For those archives in receipt of core funding for the

provision of archive services, and as places of deposit for public records.

If you're talking to your colleagues about 'income generation', or a senior manager

or trustee has asked what you're doing to generate more income, be sure you're clear you

have the same understanding of what sources of income are in scope. This guidance focuses

on the most commons activities through which archives are generating commercial income,

though the list is not exhaustive.

 In-house digitisation/conservation

 Licensing and publishing

 Events

 Online/onsite retail

 Catering
 Filming in the search room

 Storage rental

 Premium research services

 Records management (including public records)

 Public sector ‘commissioning’

You may be conscious that particular solutions to generating more income are

being cited as 'silver bullets' or ‘quick wins’. This guidance also aims to help you deter a

rush to solutions by providing a logical process for assessing the right options for you - and

a way to articulate the likely return on investment, and manage expectations. It 5 is unlikely

that many archive services will be able to generate more than 20% of revenue income from

commercially generated sources. (Holen, Andrew, Bohl, Eric, Wynn, Mike, 2016, Income

Generation Guide)

Most of the sources of income generation we discuss in this guidance are not new.

Many archives have been doing them with more or less success, and rigour, for years if not

decades. What is new is the wider funding environment for archives. Whether your archive

is a local authority record office, in a university or a charity, you're probably feeling the

squeeze of austerity in public funding or greater competition for grants and donations, or

both. And the options open to potential users, particularly online, mean competition to

attract visitors keeps getting tougher. So, whether you're seeking to take control of your

own destiny, or needing to respond to threats to your current funding, increasing or

broadening your income from commercial sources may make sense. If the money you
generate stays within your service it will give you more flexibility – what is known in

charities as ‘unrestricted income’ - and this will be a big advantage. Identifying the right

mix between different types of income requires an understanding and analysis of the costs

involved in generating income; the market potential; and likely profit margin to be made.

Equally, you need to consider any risks involved in the different income-generating

activities. It's also worth remembering that although you may be trying to become more

entrepreneurial and commercially-minded, you need to keep your overall mission and

values in mind. This could mean that, although a commercial activity doesn't make a

significant difference to your bottom line, for example some limited merchandising or

catering, or discounting space hire for priority groups, there are non-commercial benefits

from the activity. Conversely, some activities may not be consistent with your mission, or

be inappropriate for your existing users and customers. It may be that for some archives,

investing in further fundraising capacity will still represent a better option, given the

balance of costs involved, risks and likely return. But only you will be able to decide that,

having assessed your options with your colleagues and partners. (Holen, Andrew, Bohl, Eric,

Wynn, Mike, 2016, Income Generation Guide)

A generic planning cycle which you might be familiar with uses a four stage

cyclical process:

 Analyse

 Plan

 Do

 Review
 This can be the basis for planning all your income-generating activities and we

have included one version of this at Section 5. It’s also helpful to begin to think of the

process as one of continuous business development in your service, which analyses future

prospects for growth and helps you decide where to focus your efforts. (Holen, Andrew,

Bohl, Eric, Wynn, Mike, 2016, Income Generation Guide)

How Is the Effectiveness of an Income Generation Intervention Determined?

The findings presented in this fact sheet come from a recent systematic review of twelve

studies.5 Although income generation is a broad topic, for the purposes of the analysis, the

researchers defined income generation interventions as “interventions which impart

vocational skills or provide capital or commodities that enhance the capacity of individuals

or groups to generate income.” The study looked at a range of behavioral, psychological,

social, and biological outcomes. Of the twelve studies, six were conducted in sub-Saharan

Africa, three in East and Southeast Asia, and three in Latin America and the Caribbean.

(https://www.jhsph.edu/research/centers-and-institutes/research-to-

prevention/publications/income-generation-final.pdf)

Restricted and unrestricted funds

Funds received from funders for a specific purpose are known as restricted funds: you are
legally obliged to use them only for the purpose for which the funder gave them to you.
In contrast, unrestricted funds can be used for any purpose that helps you to achieve your
charitable objects. The more unrestricted funds you have, the more freedom of action you
have. You can, for example, choose to cover costs that funders are reluctant to fund, like
core costs.
The discipline is the same whether generating restricted or unrestricted income and funders
will require the same financial information of you.
What funders are looking for
These are some of the basics funders look for when assessing applications for funding:
clarity that the organisation is seeking funding to meet a specific beneficiary need
financial details of your organisation
how the funds will be used, for example what percentage will go towards core costs and
salaries
your organisation's ability to manage finance
a clear and realistic reserves policy.
Sustainability and diversification
A good plan for generating income will aim to achieve sustainability by stabilising your
funding base, in some cases increasing your funding and diversifying your funding sources.
Sustainability ideally means managing your income streams in such a way that if or when
one stream comes to an end, the work can be repositioned, making it suitable for funding
by another stream. Opportunities available to diversify income streams range from
donations and grants to service level agreements or contracts to deliver services, to trading
in goods and services.
Remember fundraising activity has costs associated with it, for example fundraiser's time.
It is important therefore that these are reflected in funding applications.
Diversification also has costs associated with it, such as increased management effort. You
must therefore recognise at what point the benefits of diversification are outweighed by
costs.
(https://knowhownonprofit.org/organisation/operations/financial-
management/generatingincome)