Malware Slaying

Vampires have gained a wide popularity in the last few decades and especially in the past few years. Books, movies, and TV series are filled with them. Vampires have captured our imagination and we spend loads of money to be entertained by stories about them. Here are just a few examples.

And these are just the most recent and most popular ones. Everyone and their siblings are writing books and movie scripts about vampires. They even appear in science fiction stories, like The Madness Season by C. S. Friedman.

Yes, I’ve left out the classics, like Dracula of Bram Stoker fame and Barnabas Collins from the Dark Shadows TV series. Sadly, I don’t have the time or space to mention all of them or even just all the well-known favorites. ;)

Back to the Point

What do vampires have to do with risk, compliance, or computer security? Well, during those same few decades, malware – viruses, worms, Trojan horses and all sorts of “I-don’t-want-that-on-my-computer” ware – has exploded in number and effectiveness.

Give me a few minutes of your attention and I’ll tell you how these very real “electronic vampires”, while not very entertaining, are remarkably similar to fictional vampires. I think you’ll find vampires and malware behave very much alike and that the rules for dealing with vampires are a good guide for dealing with malware.

They Feed On You

  • Vampires survive by drinking blood (or life essence, or fear, and sometimes crops, but let’s go with blood for this analogy).
  • Malware lives off of the life-blood of your computers, sucking up CPU cycles, memory and disk space.

Vampirism is Contagious

  • Vampires can convert normal people into vampires.
  • Malware can infect other computers.

They Will Trick You

  • Some species of vampire cannot enter your house unless you invite them.
  • Some species of malware can’t infect your computer without your help, like downloading “free” software.
  • Some species of vampire will try to trick you into inviting them into your house, for example, by masquerading as a delivery person.
  • Some species of malware will try to trick you into executing their code, for example, by pretending to be useful software like an antivirus package.

Defend Your Computer

  • Some species of vampire don’t need an invitation into your house – they can walk in at will.
  • The same is true for malware that exploits software design errors or misconfigurations to gain entry to your computer.
  • Once a vampire has access to your home they can come and go as they please.
  • I’ve never heard of malware that deletes itself when asked nicely.

Note: you might be able to use a ritual procedure to drive vampires or malware out but sometimes your only choice is to change your residence (rebuild your hard drive).

Search Carefully

  • Some species of vampire can become invisible.
  • Some species of malware, rootkits, hide inside your computer without external signs.
  • Some species of vampire only become active during certain parts of the day (well, the night).
  • Some species of malware also play a hide-and-seek game.

The Master

  • Some species of vampire are part of a group, or coven, of vampires led by a “master vampire”. These “minion” vampires must seek permission from the master vampire before making new fledglings or taking major action.
  • The botnet species of malware behaves this way – the clients invisibly infecting your computer take orders from their masters located far away.

Warring Factions

  • Vampire covens sometimes fight one another over territory or dominance.
  • Recently different botnets have started fighting one another over control of your computer.

The Best Defense

  • Most species of vampire can be killed. You just have to drive a wooden stake through the heart, remove the head, expose it to sunlight, or maybe set it on fire.  And you may have to cut off the head and stuff its mouth with garlic to keep it from resurrecting.
  • Most species of malware can be killed – you just need the right programmatic tools, but if you aren’t thorough they can come right back through reinfection or because they live in multiple places on your system.

Supernatural Powers

  • Some species of vampire can control you against your will and without your knowledge.
  • Some species of malware, botnet clients, can control your computer without noticeable symptoms and make it do the bidding of others.

Wards Help

  • Some species of vampire can be warded off with apotropaics, or wards. Bible. Crucifix. Garlic. Holy water.
  • The malware equivalents are firewalls, host intrusion protection, change control, antispyware, antimalware, and antivirus programs.

Unfortunately, wards are not magic. Vampires from modern “universes” may just laugh at these old-fashioned ideas (“Ha! I just *love* garlic!”). Likewise, some sophisticated malware can bypass all your defenses.

The Moral of the Story

There are vampires … I mean malware threats … everywhere. The good news is that there are actions you can take to defend yourself, like obtaining a security suite and keeping the signatures up to date. There are also actions you can avoid that will help keep you safe, like browsing dangerous or questionable sites, or downloading and running untrustworthy software.

You should also observe the behavior of your computer. If it starts acting strangely, like slowing down or generating unusual network traffic, then scan your computer with your security suite, update your signatures, and seek professional advice if necessary.

Now, for good measure, go get yourself some wooden stakes. ;)

And schedule Forever Knight on your DVR because the series finale rocks!

-Eric
