Cookie use on MRCVSonline
We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive all cookies.
If you would like to forward this story on to a friend, simply fill in the form below and click send.

Your friend's email:
Your email:
Your name:
 
 
Send Cancel
Beware of Trojan Horses

Rob Tilyard explains how best to protect the practice against the threat from Trojan horses and their lesser known counterpart, the road apple.

Trojan Horses

‘Trojan horse’ programs are also known simply as ‘Trojans’ or ‘backdoor Trojans’. The term refers to the famous episode mentioned in Homer’s Odyssey in which the Greeks concealed themselves in a hollow wooden statue of a horse in order to enter and plunder the gated city of Troy. Electronic Trojan horses are malicious programs, which masquerade as genuine files, such as a picture or interesting document, with the purpose of infiltrating the system and causing malicious damage.

Road Apples

A ‘road apple’ (also a euphemism for horse manure) is essentially a physical Trojan horse. A CD-ROM, floppy disc or perhaps a USB data storage device with an intriguing label is left somewhere that it is certain to be chanced upon. The culprit relies upon the victim’s curiosity to take the media and run it on their computer – road apples often bear such luring titles as ‘Executive Salary Summaries 2007-08’, ‘Investigation Findings’ or simply ‘Strictly Confidential’. With recent reports of government data loss by means of missing CD-ROMs fresh in people’s minds, some inquisitive sorts simply cannot resist taking a look. Unfortunately, the result can be ruinous.

Viruses and Worms

In addition to its own malicious payload, a Trojan’s contents may also include viruses or worms.

A virus is a piece of code that is capable of copying itself and, with metamorphic viruses, can then modify itself and its copies to avoid the pattern recognition of anti-virus software. Viruses attach themselves to programs or files (such as Trojan horses or a document on your computer) and are spread when the program or file is shared (e.g. when someone else opens a Trojan horse or your document).

A worm is also a self-replicating program but it does not need to hitch a ride on a program or file to spread from one computer to another. Worms can use networks to send copies of itself to other computers on the network without any user intervention.   When Trojan horses contain viruses or worms or both this is called a ‘blended threat’. The combination of methods of spreading and causing damage means that blended threats can cause damage that is manifold and extremely quick to spread.

File Encryption and Data Corruption

Trojan horses may be programmed to erase or overwrite data as well as encrypt or corrupt files (often in subtle difficult-to-detect ways), which could cause havoc at the practice. It is not until the user tries to open files that they find that documents are now unopenable, unrecognisable or password-locked.

Inappropriate Material

Trojan horses frequently upload and download files onto computers as well as show fake dialogue boxes that say material is being uploaded or downloaded. These may include adware and spyware programs (see below) as well as risque material and other unsolicited material. This can make working impossible, as the user is frequently interrupted by messages that files are being uploaded or downloaded, and the activity also uses up bandwith and hard disk space.

Adware and Spyware

Adware is software from advertising companies that enables pertinent pop-up ads to appear at opportune moments. Spyware is truly unwelcome as it tracks users in the same way as adware but it is downloaded without the user really knowing that it is being installed. The main problem is that the software lurks on a PC and secretly communicates with its originator. This hidden software is often difficult to remove and affects the way the computer operates and, in some instances, causes it to crash or freeze. Details of your computer, keystrokes used, certain passwords, and websites that are visited can easily be transmitted back to the originators or even third parties.

Denial of Service Attacks

This occurs when an arrangement of data is sent to a system and prevents it from working as it should. A Denial of Service (DOS) has as its sole function to interrupt the recipient’s Internet connection and/or network. It works by bombarding a targeted server with requests or messages and completely overloading it, therefore precluding genuine users making legitimate requests.

Unwanted Users

An extremely worrying notion for the practice is the possibility that anyone from anywhere in the world could log on to the practice’s system. In this scenario there is untold potential for damage and costs to the practice through altering, deleting and copying information on the management system, as well as data theft. Trojan horses that allow criminals to log on to victims’ computers are called RAT horses – Remote Access Trojan horses.

Spamming

Trojan Horses can take over e-mail accounts to send thousands of spam e-mails to everyone in a person’s address book. Studies have shown that over half of all spam is sent from ‘zombie computers’ – computers which have been compromised by a hacker, virus or Trojan horse.

Anti Virus Software

It should be noted that while antivirus software (like Norton) is appropriate (and essential) for the home PC, it’s not enough to protect the entire practice network. It’s therefore important to either connect only one stand-alone computer (not on the practice network) to the Internet – not ideal if more than one member of the team wants to go online at once – or to make use of a managed and professional service to connect to the World Wide Web.

Also, it is crucial that staff are aware that they should never open unsolicited e-mail, visit dubious websites or run files from unknown external media. As always, prevention is definitely better than cure!

Become a member or log in to add this story to your CPD history

Rare chimp birth announced at Edinburgh Zoo

News Story 1
 The Royal Zoological Society of Scotland (RZSS) welcomed the birth of a critically endangered western chimpanzee on Monday 3 February at Edinburgh Zoo's Budongo Trail.

The baby girl will be named in the coming days through a public vote, and staff will carry out a paternity test during its first health check to determine the father.

Mother Heleen's first infant, Velu, was born in 2014, making this new baby only the second chimpanzee born in Scotland for more than 20 years.

Budongo Trail team leader Donald Gow said: "While we celebrate every birth, this one is particularly special because our new arrival is a critically endangered Western chimpanzee, a rare subspecies of chimpanzee."

Image (c) RZSS/Donald Gow. 

Click here for more...
News Shorts
BEVA offering free membership to vet students

The British Equine Veterinary Association (BEVA) is offering free membership to veterinary students. As part of a new initiative with the aim of encouraging more veterinary professionals into equine practice.

According to BEVA, less than one in ten veterinary students choose to work in equine practice. The association hopes that this initiative will provide insight into the field and the benefits of a career in equine medicine.

Benefits of membership include:
▪ access to a network of nearly 3,000 members
▪ special student rates to attend BEVA Congress
▪ online access to BEVA's Equine Veterinary Education (EVE) journal
▪ free access to the association's online learning platform
▪ free access to BEVA's practical veterinary apps
▪ exclusive discounts on a range of things from cinema tickets to grocery shopping.

BEVA will be releasing a series of short videos over the next few months from BEVA Council members, explaining what inspired them to work in equine practice.

Image (c) BEVA.