Trojan

Also known as a “Trojan horse”, malware is malicious software that enters computers or networks with the help of a camouflage. The name is derived from the Greek myth of the conquest of Troy by enemy soldiers who entered the city disguised by a giant wooden horse.

What does Trojan mean in detail?

The image of the wooden horse is very apt: Trojans are, so to speak, a means of transportation for malware. They can contain very different programs. Just a few examples:

• Ransomware that encrypts a computer or the data of an entire network. Cyber criminals then usually demand a ransom for decryption (which unfortunately is not reliable).
• Keyloggers, which cyber criminals use to spy on passwords, for example.
• Backdoor programs that give cybercriminals access to your computer or network.
• Programs that misuse the resources of your computer or network, e.g. for “denial of service” attacks or for “mining” digital currencies(cyptojacking).
• Spyware that spies on your documents and communications.
• Programs that connect your computer and the devices in your network to a botnet .

Trojans can appear as, among other things:

• Unrecognized component of software that also installs the Trojan.
• Program, e.g. screen saver or utility program, in which a Trojan is hidden.
• Attachment to an e-mail that appears as a Word document or PDF, for example.
• Drive-by download, which transmits malware without any further action on the part of the user when visiting a compromised website.

Where do I encounter the topic of “Trojans” in my day-to-day work?

You can potentially encounter it in many places. In every email that contains an attachment or a link. With every program and every app that you install on a device. On every website you visit that contains advertising. With every USB stick to which you transfer data.

¿Qué puedo hacer para mejorar mi seguridad?

Most measures to reduce your company’s cyber risk also reduce the risk of your system being infected with Trojans. These measures include, among others:

• Always keep all programs, especially Internet programs, up to date
• Use of a reliable, always up-to-date virus scanner and also a reliable, always up-to-date firewall
• Employee sensitization for the critical handling of e-mails, USB sticks, alleged updates, etc. Your employees are an important line of defense against cyber incidents.
• Many of these and other recommended measures are interlinked. You should therefore work with your IT department or an external IT security service provider such as Perseus to develop a holistic, comprehensive approach to increase your cyber security.