What is a Trojan Horse, and how can we protect ourselves from it
One of the biggest fears of an IT department within a company is obviously the possibility that it will be ‘hacked’. This can be done in a wide variety of ways, and each day mischievous programmers design new methods. One of the most common forms of computer malware is called a Trojan Horse1, named after the Greek story of the wooden horse which was used to sneak into Troy. In this blog I would like to explain what a Trojan is, what it can do, and how we can try and prevent them.
A Trojan is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage2. Trojans are usually spread through some form of social engineering. People get tricked into executing unsuspicious software, e.g. they receive an e-mail from someone they do not know containing a hyperlink to some funny video or picture.
Once someone is tricked into opening the infected software the Trojan will spread throughout the infected computer, leaving the ‘owner’ of the malware with a lot of different options. The following are capabilities of a Trojan malware3:
- It can be destructive (e.g. crashing the computer, modifying or deleting files, corrupt data, etc.)
- It can use the resources or identity of the host (e.g. use the machine as part of a botnet, infecting other connected devices on the network etc.)
- Money theft and ransom
- Data theft
- Spying, surveillance or stalking
So now that we know what a Trojan is and what it can do, how can we protect ourselves from them? The first and foremost prevention is to never open an e-mail attachment or run a program if you are not 100% certain of the source. However due to the interconnectedness of today’s world this is hard to accomplish. Therefore the following tips should help you even more4:
- Always keep your software up to date. By keeping your software up to date you prevent hackers from exploiting known security issues in older software.
- Always keep a firewall up. Both software and hardware firewalls are excellent at controlling malicious internet traffic.
- Install a brand-name anti-virus program. When kept up to date these kinds of software will scan your computer to make sure you have not downloaded a Trojan. Watch out with downloading free anti-virus scanners from the internet, as these are often viruses themselves.