Cookie use on MRCVSonline
We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive all cookies.
If you would like to forward this story on to a friend, simply fill in the form below and click send.

Your friend's email:
Your email:
Your name:
 
 
Send Cancel
Beware of Trojan Horses

Rob Tilyard explains how best to protect the practice against the threat from Trojan horses and their lesser known counterpart, the road apple.

Trojan Horses

‘Trojan horse’ programs are also known simply as ‘Trojans’ or ‘backdoor Trojans’. The term refers to the famous episode mentioned in Homer’s Odyssey in which the Greeks concealed themselves in a hollow wooden statue of a horse in order to enter and plunder the gated city of Troy. Electronic Trojan horses are malicious programs, which masquerade as genuine files, such as a picture or interesting document, with the purpose of infiltrating the system and causing malicious damage.

Road Apples

A ‘road apple’ (also a euphemism for horse manure) is essentially a physical Trojan horse. A CD-ROM, floppy disc or perhaps a USB data storage device with an intriguing label is left somewhere that it is certain to be chanced upon. The culprit relies upon the victim’s curiosity to take the media and run it on their computer – road apples often bear such luring titles as ‘Executive Salary Summaries 2007-08’, ‘Investigation Findings’ or simply ‘Strictly Confidential’. With recent reports of government data loss by means of missing CD-ROMs fresh in people’s minds, some inquisitive sorts simply cannot resist taking a look. Unfortunately, the result can be ruinous.

Viruses and Worms

In addition to its own malicious payload, a Trojan’s contents may also include viruses or worms.

A virus is a piece of code that is capable of copying itself and, with metamorphic viruses, can then modify itself and its copies to avoid the pattern recognition of anti-virus software. Viruses attach themselves to programs or files (such as Trojan horses or a document on your computer) and are spread when the program or file is shared (e.g. when someone else opens a Trojan horse or your document).

A worm is also a self-replicating program but it does not need to hitch a ride on a program or file to spread from one computer to another. Worms can use networks to send copies of itself to other computers on the network without any user intervention.   When Trojan horses contain viruses or worms or both this is called a ‘blended threat’. The combination of methods of spreading and causing damage means that blended threats can cause damage that is manifold and extremely quick to spread.

File Encryption and Data Corruption

Trojan horses may be programmed to erase or overwrite data as well as encrypt or corrupt files (often in subtle difficult-to-detect ways), which could cause havoc at the practice. It is not until the user tries to open files that they find that documents are now unopenable, unrecognisable or password-locked.

Inappropriate Material

Trojan horses frequently upload and download files onto computers as well as show fake dialogue boxes that say material is being uploaded or downloaded. These may include adware and spyware programs (see below) as well as risque material and other unsolicited material. This can make working impossible, as the user is frequently interrupted by messages that files are being uploaded or downloaded, and the activity also uses up bandwith and hard disk space.

Adware and Spyware

Adware is software from advertising companies that enables pertinent pop-up ads to appear at opportune moments. Spyware is truly unwelcome as it tracks users in the same way as adware but it is downloaded without the user really knowing that it is being installed. The main problem is that the software lurks on a PC and secretly communicates with its originator. This hidden software is often difficult to remove and affects the way the computer operates and, in some instances, causes it to crash or freeze. Details of your computer, keystrokes used, certain passwords, and websites that are visited can easily be transmitted back to the originators or even third parties.

Denial of Service Attacks

This occurs when an arrangement of data is sent to a system and prevents it from working as it should. A Denial of Service (DOS) has as its sole function to interrupt the recipient’s Internet connection and/or network. It works by bombarding a targeted server with requests or messages and completely overloading it, therefore precluding genuine users making legitimate requests.

Unwanted Users

An extremely worrying notion for the practice is the possibility that anyone from anywhere in the world could log on to the practice’s system. In this scenario there is untold potential for damage and costs to the practice through altering, deleting and copying information on the management system, as well as data theft. Trojan horses that allow criminals to log on to victims’ computers are called RAT horses – Remote Access Trojan horses.

Spamming

Trojan Horses can take over e-mail accounts to send thousands of spam e-mails to everyone in a person’s address book. Studies have shown that over half of all spam is sent from ‘zombie computers’ – computers which have been compromised by a hacker, virus or Trojan horse.

Anti Virus Software

It should be noted that while antivirus software (like Norton) is appropriate (and essential) for the home PC, it’s not enough to protect the entire practice network. It’s therefore important to either connect only one stand-alone computer (not on the practice network) to the Internet – not ideal if more than one member of the team wants to go online at once – or to make use of a managed and professional service to connect to the World Wide Web.

Also, it is crucial that staff are aware that they should never open unsolicited e-mail, visit dubious websites or run files from unknown external media. As always, prevention is definitely better than cure!

Become a member or log in to add this story to your CPD history

Kennel Club appoints new chief executive

News Story 1
 The Kennel Club has announced the appointment of Mark Beazley, who was previously Cats Protection's director of operations, as chief executive. Mark replaces Rosemary Smart, who stepped down from the role in April after 18 years.

Mark has held several senior strategic and executive roles, including executive director at Dogs Trust Ireland and chair of the Companion Animal Working Group at Eurogroup for Animals. He was also heavily involved in the establishment of the Eu Cat and Dog Alliance.

Mark will take up his new role in October. 

Click here for more...
News Shorts
International Cat Care appoints new head of veterinary division

International Cat Care (ICC) has announced the appointment of Nathalie Dowgray as head of the charity's veterinary division.

Nathalie, who is an RCVS advanced practitioner in feline medicine, will lead the International Society of Feline Medicine (ISFM) and a play key role in advancing knowledge and research in feline medicine.

Claire Bessant, iCatCare's chief executive said: "We're absolutely delighted to be welcoming Nathalie to the charity. She brings a depth and breadth of feline expertise and understanding which fits perfectly with the charity's work and development, and her enthusiasm for cats is infectious."