In Greek legend, the Trojan Horse was a means of subterfuge by which the Greek army was able to take over the city of Troy. After a decade-long siege that went nowhere, the Greeks built an enormous wooden horse and hid a group of highly trained troops inside. They then presented the horse as an apparent gift to their enemies. Once it was inside the city walls, the troops hiding inside the horse waited until night fell, then exited and opened the gates of the city so that the Greek army could enter and take Troy.
Since then, the term “Trojan horse” has been used as shorthand to refer to tricks that lead to a target unwittingly inviting an enemy into a securely protected location. This is the case with trojans, malicious computer programs that are designed to fool users into running a program that causes damage to their system.
In order for the trick to work, trojans must be disguised as something the user wants: downloaded software, a codec for playing music or videos, a link to a website of interest, or any number of other tantalizing file types. In some cases trojans might be opened accidentally, but more often they are files that the user willingly opens.
While the term “trojan virus” is often used, trojans do not have to be computer viruses in order to qualify — although the results are almost always negative. Just how negative this is depends on the trojan. Some might cause only mild annoyance: for instance, displaying pop-up ads every hour. Others can be extremely damaging by stealing sensitive information or making your computer files inaccessible.
Backdoors, spyware, and ransom demands
One frequent type of trojan works by creating backdoors to a computer system. These allow hackers to remote control the infected computer. This means that the attacker can essentially carry out anything the legitimate user can, whether that’s launching, downloading, sending or deleting files, reading data, or any other number of activities. Backdoor trojans can be used to create the “zombie computers” that make up enormous botnets for use in DDoS (Distributed Denial of Service) attacks. In such attacks, massive numbers of zombie machines are used to bombard targets with fake traffic, designed to bring down websites or online services. The owner of the infected computer may not even realize that their machine has been infected.
In other instances, trojan backdoors can act as spyware tools to steal login credentials, harvest email contacts, pilfer account information from online gamers, and more. A particularly malevolent Windows trojan called Stuxnet was allegedly used in an assault on Iran’s nuclear facilities, physically destroying equipment by changing how it functioned, while appearing to show that everything was working normally. Some trojans, known as rootkit trojans, gain what is called “root-level” administrative access to a computer. When the computer loads its operating system, or sometimes even before, these rootkit trojans are booted up, making them incredibly tough to both find and remove.
Trojans can additionally be used in ransomware attacks. Such trojans function by modifying computer files or data so that the user is no longer able to gain access to particular documents or information. From 2013 to 2014, the CryptoLocker ransomware attack spread widely online. When the CryptoLocker code was executed, it encrypted files on local drives or network drives and charged users if they wanted to decrypt them again. While CryptoLocker is no longer in wide circulation, other ransomware trojans have arisen to take its place. Certain ransomware trojans are slightly more subtle in their operation. They might, for example, pose as antivirus software, extorting users by alerting them to non-existent threats and charging them money to remove them.
Safeguarding against the trojans
Some protective measures against trojans are ones that users can easily take on their own. For example, never run a program or open an email where you are not confident about the source. Also, make sure to keep operating systems and web browsers updated. Updates frequently contain fixes that vulnerabilities that could be exploited by certain trojans.
But you may want to be more proactive as well. While it’s a good idea not to click links or download programs we don’t know the origin of, this is not always feasible. It’s important to also have additional defenses at your disposal.
Based on how problematic trojans can be, it is essential that any modern cyber security system takes steps to protect against them. Two methods of doing this involve Web Application Firewalls (WAF) and antivirus software. WAFs should help to identify and block trojans whenever they try and contact their Command & Control center. Expert cyber security systems should also be able to tell you how access is being accessed and used on your computer systems. Antivirus software works by scanning your computer system to ensure that you haven’t downloaded any trojans. If you have, it will be able to isolate and help remove them.
By employing smart defenses, it’s possible to stay trojan free as you carry out business online. It doesn’t have to be an arduous task on the part of the user, nor one that is budget-breaking in terms of deploying a comprehensive solution. However, it’s one of the best decisions you can make because, as the Trojans learned in the Greek legend, once you let the enemy inside your gates the results can be nothing short of disastrous.