rat behind bars
Published 23 Apr 2019

Do you smell a RAT? 

A Remote Access Trojan (RAT) is a type of malware that allows the cybercriminals to monitor and control your computer or network.

To support our customers Pro-Networks have a variety of techniques to remotely access and monitor or administer their servers, or to support users on their computers. It means we can provide an efficient and immediate means of assistance, which leads to the fastest resolution for their issues. It is like we're sitting in front of their machines. We can adjust settings, install or uninstall software, open documents, transfer files and everything else that is required to be done to find a fix for the reported fault.

That's Great. But What's a RAT?

A RAT is a type of malware that provides the same sort of capabilities to the cybercriminals. They are installed without the business owner's knowledge and used for a variety of illegal activities that benefit the cybercriminals. 

Like most malware, RATs piggyback on legitimate-looking files. For businesses, these are usually delivered via email. Home users who download pirated software put themselves at risk because hackers insert malicious payloads into pirated software. The infected software is uploaded to 'torrent' pirate sites such as PirateBay. When the users download the pirated software they unwittingly install the RAT. Why are we talking about home users? Because they sometimes decide to download this sort of stuff at their place of work. That might be to take advantage of a faster internet connection, or becuase they want to avoid detection by their ISP. 

It can be difficult to tell when you’ve been infected by a RAT. Typically, they don't slow down your computer. There have been cases where sites have been infected by RATs for months or even years without knowing. 

RATs - Their Modus Operandi

Most computer viruses are made for a specific purpose. Keyloggers, for example, capture keystrokes so the cybercriminals can learn what your passwords are. Ransomware does a single thing too. It encrypts your data and charges you a ransom in cryptocurrency to regain access to it. But RATs are different. They give the cybercriminals total, covert control over infected computers. The cybercriminal can do just about anything.

That makes them perfect for snooping. They can log keystrokes and obtain files. The keystrokes will contain passwords and other sensitive key sequences. The files can contain bank details, corporate plans, intellectual property or industrial secrets. The cybercriminals can also turn on a webcam or microphone and observe and listen in secret. They can take screenshots of what you're doing. That's bad enough, but it doesn't stop there.

Because RATs give hackers administrative access on the compromised computers, they’re totally free to edit or retrieve any files whenever they want. If the fancy takes them they can wipe your hard drive. Or they can your machine to download illegal content from the internet, or install more malicious software onto your computer. They can incorporate all of their compromised computers - yours included - into a collaborative network, and use their combined might to perform Distributed Denial of Service attacks, or for cryptomining, or other illegal activity.

How To Protect Yourself

If you want to avoid RATs, there are several things you can do. 

  1. Make sure you have a market-leading, anti-virus and anti-malware package that is centrally managed and constantly updated.
  2. Needless to say, don't let your download dubious files from even more dubious websites.
  3. Beware suspicious attachments in emails.
  4. Strict Access Policies.

The first point is easy, that's a technology based measure and we can take care of for you.

The other three points absolutely depend on policies and procedures, and your staff's knowledge and behaviour. They need to know what is appropriate and permissible behaviour on your network, broadband, Wi-Fi and IT infrastructure. That means a Fair Usage Policy, sometimes called an Acceptable Use Policy. And they have to understand that policy, and understand their responsibilities towards the cybersecurity of the business. You need to put controls in to govern and protection legitamate remote access connections.

Your staff need to be able to recognise suspicious emails, and to question unexpected attachments. They need to know how to deal with them in a safe and security-minded fashion. Over 90% of security incidents arise because of staff misbehaviour, misinformation, or misunderstanding.

Stultifying paranoia isn't the answer. Neither is ignoring cyber threats and hoping they will all go away.

Knowledge, training and a healthy caution is the answer.

We'd be delighted to work with you and help protect your business.Use the details from our Contact Us page and start the process of securing your network.

 

Please share this post using any of the following share buttons.

Read similar posts to this article

Hacker Explores Dangerous Territory...

Enhancing Remote Work Security: The...

Cyber Security Services