Effects Of Trojan Horses On The Society

Published Date: 02 Nov 2017

Trojan Horses are defined as detrimental programs that are disguised as useful applications (Webopedia 2013). Further, they entice the user to execute its executable files after which its starts spreading annoying, malicious, damaging and destructive code (Kiai 2012).

Due to its sinister and deceptive motives Trojan horses may be classified as one of the most lethal if not the lethal, programs that exist today. Trojan Horses are programmed by human beings just like you and me, but the programmers and employers of this program have evil, treacherous and sinister intentions. For example, a Trojan Horse known as the "Destructive Trojan Horse," destroys, deletes and damages files and data on a computer but does not in itself inherently intend to do so, as such a program does not have the thinking capacity or reasoning skills to know that it infringes on social, ethical, legal and professional frameworks.

Instead, it performs according to the ill intention of the person who deploys its wicked use and the malicious and criminal elements of the programmer who programmed and published, and hence, created it in the first instance. Therefore, in hindsight of the malevolent and spiteful functions and capabilities of the Trojan Horse is the purposes, aims, objectives and intentions of the programmer in its inherent initial creation and that of the attacker who deploys it.

There are seven kinds of Trojan Horses.

1) The Remote Access Trojan Horses:- allow the attacker to remotely access, govern and spy on a victim’s’ system and are usually concealed in computer gaming software and other diminutive programs that users are unaware of, after which are executed on their machines (Webopedia 2013).

2) The Data Sending Trojan Horses:- are modelled, when deployed, to direct to the attacker delicate data from the victim’s’ machine such as passwords, credit card information, log files, email addresses and contact lists (Webopedia 2013). They traverse the victims’ machine for certain characterized data just like credit card information and passwords (Webopedia 2013). Alternatively, they may install a keylogger, whose prime function is to send all logged keystrokes back to the attacker, which may also yield sensitive data like the ones mentioned above (Webopedia 2013).

3) The Destructive Trojan Horses:- are modelled to erase and eradicate files and data and my at times go unnoticed by the installed anti-virus software (Webopedia 2013).

4) The Proxy Trojan Horses:- are modelled to employ the victim’s’ computer as a proxy server which then presents the attacker with the prospect to carry out anything from that computer, inclusive of performing credit card fraud and other illegal activities, or even employing that system to initiate malicious cyber-attacks against other networks for which the victim of such a computer may be held responsible for (Webopedia 2013).

5) The FTP (File Transfer Protocol) Trojan Horses:- are a kind of Trojan Horse that are modelled to open port 21 which is the port of the FTP transfer. This permits the attacker to connect to the victim’s’ computer using FTP, the File Transfer Protocol. After this connection is established numerous malicious activities can then be carried out as mentioned above (Webopedia 2013).

6) The DOS (Denial-of-Service-Attack) Trojan Horses:- are the kind of Trojan Horses that perpetrate the denial of service attack which is modelled to make a network inoperative by flooding it with meaningless traffic (Webopedia 2013). Such examples are the "Ping of Death" and "Teardrop attacks" which take advantage of the limitations of the TCP/IP protocols (Webopedia 2013). There does exist somewhat curative software that confines its effects, but new types of DoS attacks are persistently being invented by hackers (Webopedia 2013).

7) Security Software Disabler Trojan Horses:- are the kind of Trojan Horses modelled to stop or halt the operation of security oriented programs such as antivirus programs and firewalls devoid of the user’s’ knowledge (Webopedia 2013). It is usually united with another form of a Trojan Horse as a payload (Webopedia 2013).

Social issues with Trojan Horses

1) Trojan Horses employ a form of "social engineering" (Wikipedia 2013) and they present themselves as harmless, useful gifts in order to persuade victims to install them on their computers after which they can cause severe damage like deleting and destroying files via the destructive Trojan, stealing user names, passwords and credit card information via the data sending Trojan, spying on other activities using the remote access Trojan or using another’s’ computer to perpetrate crime like credit card fraud using the Proxy Trojan (Webopedia 2013).

2) Trojan Horses are social problems as they are distributed through a social network and spam email via one’s’ contact or mailing list (Shepherd 2013). If it is sent by a friend via an email attachment intentionally or unintentionally, then it is social issue as it is sent by a known contact who one would never think he/she would send them such an email with a malicious attachment like a Trojan Horse (Shepherd 2013). The attacker uses a victims’ contact in his/her contact list and from there it spreads from contact list to contact list, hence, it is a social issue, as it spread via social contact points and avenues (Shepherd 2013).

3) The data sending Trojan Horse steals user names and password and credit card information, hence, infringe on the privacy of its victims, exposing details from subsequent bank accounts, ID numbers, driver’s licence numbers and email addresses, hence, it becomes a social issue (Webopedia 2013). It infringes on one’s’ confidentiality (Dictionary 2013). It exposes information that is not meant to be publicly expressed (Dictionary 2013). It is a privacy and confidentiality issue, hence a social issue. For example, a remote access Trojan allows an attacker to spy on another users’ activities (Webopedia 2013). Spying in its inherent framework is considered inappropriate and improper and when it consists of a social element or motive, as with the remote access Trojan Horse, it becomes a social issue.

4) Financially motivated hackers are found chatting on social forums such as carderplanet.com, shadowcrew.com and darkprofits.com so as to get a better idea from other hackers on how to hack, using Trojan Horses (Hilbert II 2013). So for one of them to even come up with a website that allows hackers to share and spread information on how to hack and hence, increase their education and enlightenment on hacking, it is definitely a social issue (Hilbert II 2013). This is because it is a group of people coming together socially via a social medium (a social forum or website) to share information of ways and means of committing crimes online, which may most definitely be carried out by malicious software like the Trojan horse.

Ethical Issues with Trojan Horses

1) Is it at any instance ethical for one to construct a Trojan horse for non-malicious reasons, realizing very well that there is permanent risk that it may spread to other users due to no liability of the author (Gehringer 2013) ? Is it also ethical that one may utilize this particular Trojan Horse to make a more hazardous one (Gehringer 2013)?

2) Is it at any instance ethical that in 1988, Mr. Richard Brando and his colleague were valid in forming the Trojan "MacMag" which was solely meant to be a protest of the spreading of illegally copied software through the Mac user community (Gehringer 2013)? If not, would it have been valid or ethical if no harm or destruction ensued from the installation of the said Trojan horse (Gehringer 2013)?

3) There are CD-ROM circulations of Trojan horses, both source code and executables, which are unreservedly, readily and widely available to the public (Gehringer 2013). It is claimed that the suppliers of these CDs supply them in order to offer programmers the materials (source code and executables of Trojan Horses) they need in combatting Trojan Horses. Is it ethical to dispense these CD-ROMs in the first instance (Gehringer 2013)?

4) Technologies such as Active X and Java provide users with the capability to download and run code on their browser, hence, improve the user’s’ capacities in using them while presenting the viewpoint of the creation of novel and improved forms of Trojan horses (Gehringer 2013). Who should be held responsible? Should the inventors of these recent technologies be held accountable or liable in guaranteeing the safety of this malicious code though the limitation of the browser capabilities or the language in its inherent form (Gehringer 2013)? Or should the liability or sole responsibility fall on the user to safeguard such security by, for instance, only associating with sites that one has confidence or faith in (Gehringer 2013)?

Legal Issues with Trojan Horses

1) The creation of Trojan Horses becomes a legal issue as programmers who create them are in they contravene the law on the invasion of other people’s private life under the United Kingdom Computer Misuse Act enacted in the year 1990 (123Helpme 2013). Hence, the attacker who employs the Trojan Horse are in effect breaking the law as for instance, if they employ the remote access Trojan Horse that is used to access, govern and spy a victim’s’ system, the victim’s’ personal and private ‘property,’ in terms of data, is exposed and is not meant to be publicized (123Helpme 2013).

2) The effects of Trojan Horses may constitute breaking of the law and thus becomes a legal issue. For instance, in the United Kingdom, three separate court cases were concluded on the foundation that an unidentified and unknown person inserted code on the defendant’s machine via the Trojan Horse constituting their computers to breach and infringe on the law devoid of their realization (Kessler 2013). Two of the said cases concerned the incidence of child pornography on the machines of the defendant’s (Kessler 2013). Possession of child pornography is a serious offence in the United Kingdom and any other country for that matter and constitutes the breaking of the law for which one may be prosecuted in a court of law. Therefore, it becomes a legal issue. In both instances, the defendants were found not guilty as further investigations found evidence of the existence of Trojan Horses on their machines which would navigate the user to child pornography websites (Kessler 2013). It may be perpetrated by the FTP (File Transfer Protocol) Trojan Horse which allows the attacker to access the victim’s machine via port 21 (The File Transfer Protocol Port) who may then transfer files, programs or apps that lead to child pornography websites.

3) Trojan Horses in its inherent form are software programs. Software programs are intangible and hence, not governed by well-known physical laws. Therefore, it is only its illegal effects and outcomes that constitute breakage of the law. There is also no regulatory body or organisation that govern the creation and use of softwares. Hence, in itself it becomes a legal issue that there is no law governing the creation and coding of Trojan Horses and no-one stops to look at who actually created and invented it in the first place but instead the blame is laid on the attacker who employs its use.

4) Hacking, the legal term being computer fraud may be perpetrated by the employment of the data sending and remote access Trojan to steal credit card numbers and for the unlawful to illegally enter a computer system for which one may be arrested and hence, it becomes a legal issue (NC State University 2013). For instance Kevin Mitnick was arrested at 1:30 am on February 15, 1995 in Raleigh, N.C. after running from the FBI for upto three years (NC State University 2013). He was charged with the theft via hacking of more than 20,000 credit card numbers and the illegal access into a multitude of computer networks (NC State University 2013). Therefore, hacking via the Trojan Horse becomes a legal issue as it constitutes breaking the law for which one may arrested and charged.

Professional Issues with Trojan Horses

1) Financially motivated hackers hacking via remote access, data-sending or proxy Trojans, consider the employment of these practices as their career and extremely profitable in their home countries (Hilbert II 2013). Some earn $200 a month and are willing to spend $40 a month on an internet connection which will yield a $1000 profit and is more money then most Eastern European hackers have ever see at one time (Hilbert II 2013). Hence, they are willing to spend a fifth of their monthly salary to be online (Hilbert II 2013). Hence, it becomes a professional issue as it is their occupation to earn money and hence make a living or livelihood via the employment of Trojan Horses.

2) Trojan horses cannot be created or programmed by ordinary computer users (Kariuki 2013). They are created by computer professionals who are experts in the IT field and who are also gifted and talented (Kariuki 2013) Hence, it becomes a professional issue when these highly trained and sophisticated professionals utilize their expertise to create malicious software like Trojan horses. The question is, are they not getting paid enough in their jobs that they have to create Trojan horses to steal credit card information and bank account information as with the data sending Trojan, so as to then use it to steal money from unsuspecting users? Or is it that they like to challenge to prove their own expertise and come up with Trojans that can cause the most damage and can bypass even the most hardened and secure of networks? In both cases it is a professional issue as it is fraud carried out by the employment and use of a learned profession, the IT profession.

3) Illegally acquired goods and services from money used with illegally acquired credit card information as a result of hacking using the Trojan Horse, specifically the remote access, data sending and proxy Trojan leads to loss of income and livelihood for businesses who have to deal with illegal credit card and banking transactions which leads to losses amounting to millions of dollars. The individual victims of credit card fraud also suffer huge monetary loss and in both instances it becomes a professional issue. This is because the livelihood earned fair and square are instead turned into humongous losses, in monetary terms of course.