
The MoonBounce Virus and Evolving Computer Security Threats

Dan earned his CompTIA (CIOS) certification in 2010 and worked in the computer repair/networking industry for several years.


In 2021, the computer security company Kaspersky announced its discovery of a new kind of malicious software, which they named MoonBounce. Rather than infecting the primary storage or hard drive of a device, it infects the firmware chip, the location of the code responsible for starting up the device.

The startup process itself is not affected; the malicious software merely uses the firmware chip as a hiding place. When the device is powered on, the malware hooks into the operating system, Microsoft Windows, and uses it as a platform for practically undetectable spying.

Because the firmware chip is used for propagation, conventional software security tools are relatively ineffective against it. Reinstalling the operating system, replacing the hard drive, or running routine virus scans won’t get rid of it.

Getting off the Sidelines

Because of the ever-evolving schemes of tech-savvy cybercriminals, we must begin relying on more than antivirus software. Moreover, it is often said, and frequently proven, that humans are the weakest link in computer security. We love our comfort zones, and changing a routine can be uncomfortable.


For example, a self-employed writer may be comfortable using a cafe’s Wi-Fi connection. Convenience often carries risk, however, and the computer security industry generally recognizes the tradeoff between convenience and security.

There are risks unique to every computing situation. The important thing to keep in mind, however, is that complacency usually takes hold of victims before they are duped. Some of the extraordinary methods computer hackers use, discussed below, should give pause and, ideally, prompt a change of attitude. This is especially true when computers are used for mission-critical work such as banking, email, healthcare, and storing private data.

Attack Vectors

Those who seek unauthorized access to data are not only tech-savvy; they are skilled manipulators. This is why human error is, for all practical purposes, the biggest problem in security. Training computer users or employees to consistently follow minimum security measures is difficult.

Hiring a security firm to find vulnerabilities does no good if a single employee can undo all of its effort: a computer user can be tricked into merely opening an email laden with malicious software. Attack vectors, and there are far more than those listed in this article, are the procedures and methods used to manipulate computer users in order to gain unauthorized access. Recognizing the concept of attack vectors will help protect against new types of security threats that conventional antivirus can’t handle.

  • Social Engineering

This entails an array of techniques in which computer hackers manipulate computer users into divulging information that is generally private. The obtained data is then used to access private systems.

Phishing is perhaps the most popular form of social engineering. Using text messaging, social media messaging, telephone, and email, deceivers contact victims while imitating an honest person or legitimate service. The purpose is to compel recipients to divulge private data or credit card information; in general, any information that can be used to gain an illegal advantage.

Baiting is a type of social engineering in which enticing products or services are placed in front of users. When engaged with, these products can lead to the disclosure of private information, including but not limited to usernames, passwords, private user information, and even credit card information.

  • Drive-by Downloads

These occur while merely surfing the internet. Honest websites can be compromised so that computers automatically download malicious software without the user initiating anything.

The same can happen when navigating to websites set up by hackers themselves. Skilled computer criminals can make their websites look like legitimate businesses, displaying various kinds of alluring information. As users browse the site, drive-by downloads can occur.

  • Third-Party Vendors

Whether consumers or businesses are in question, third-party vendors pose a risk to computer security. If computer hackers can infiltrate the website of a local computer repair shop, for example, then using the website’s services can put its users at risk. Ads can be compromised, credit card information stolen, and usernames or passwords hijacked, to name just a few possibilities.

Not only are third-party vendors a potential risk, but fourth-party vendors can be as well. Services used by third parties can be compromised, with the effects trickling down to the consumer. Consider the above example: if the repair shop uses a ticketing service to support its clients and the ticketing service is compromised, the repair shop and its clients would be unaware of it.

  • Unpatched Vulnerabilities

This attack vector certainly deserves attention. Operating system vendors such as Microsoft, Apple, and Google routinely release patches to fix security holes in their platforms, and hackers exploit known vulnerabilities.

The patches can be downloaded and installed manually or automatically, whichever best suits the computer user. Failing to install them raises the security risk. Third-party programs (or apps) should also be kept up to date.

Aside from the known vulnerabilities that software vendors routinely fix, zero-day vulnerabilities are an even bigger threat. As the name implies, these security holes are unknown to both vendors and consumers, who therefore have had “zero” days to patch them.

Since patches can’t be downloaded to resolve this type of problem, the only alternative is to become a wiser computer user. Switching to an operating system such as Linux, which is not targeted as much as Microsoft Windows, can certainly help.

Moving Forward

The given examples are only a few kinds of attack vectors; we have barely scratched the surface in this article. Therefore, becoming active, not complacent, is important.

Not all computing situations necessitate the same degree of security, however. For average home users, using a separate computer for surfing the internet can help: accessing email and other sensitive material on a separate computer isolates potential internet security complications.

It’s helpful to consider the specific use of a computer while becoming familiar with security basics. While some users require relatively few security measures, other entities such as banks and health care providers are required by law to conform to certain security standards.

This content is accurate and true to the best of the author’s knowledge and is not meant to substitute for formal and individualized advice from a qualified professional.

© 2022 Dan Martino
