WHAT IS MALWARE?
Malware is malicious software designed to disrupt computer operations or gain access to a computer system without the user’s knowledge or permission. Computer viruses, worms, Trojan horses, ransomware, spyware, adware, and scareware are some types of malware. Malware is simple to identify. Most cybercriminals target the user’s end devices by installing malware.
A virus is malicious executable code attached to another executable file. Most viruses need the end user to initiate them, and they can activate at a specific time or date. Computer viruses spread through removable media, downloads from the internet, and email attachments. A virus can be simple or destructive; it may delete or modify the user’s data. Opening a file may trigger a virus. Viruses infect USB flash drives and then spread to the system’s hard disk. A virus can also be activated by executing a specific program. Once programs are infected by a virus, it will affect other programs on the computer network. The Melissa virus is an example of a virus that spread through email and affected thousands of end users.
Worms are malicious code that exploits vulnerabilities in networks. Unlike a virus, they replicate independently. Viruses require a host program to run, whereas worms can run by themselves. Worms are used to slow down networks. Other than the initial infection, worms no longer need the user’s participation. Worms share similar patterns, and once they affect a host they can spread fast through the network. Worms propagate themselves by carrying a payload. The Code Red worm in 2001 affected nearly 658 servers.
A Trojan horse is malware that carries out malicious operations while disguised as a desired operation, such as playing an online game. Once the user runs a file containing the Trojan horse, the malicious code exploits the privileges of the user. The Trojan horse binds to non-executable files, such as image files, audio files, or games.
A logic bomb is a malicious program that requires a trigger to work. It remains inactive until it is triggered by an external event. Once the bomb is activated, it harms the user’s computer. A logic bomb can modify data records, remove files, or attack the operating system. The logic bomb overdrives devices such as cooling fans, CPU memory, and hard drives until these devices overheat or become corrupted.
Ransomware holds files and devices captive until the target makes a payment. It works by encrypting the data with a key unknown to the user. To remove the restriction, the user may pay a ransom to the criminals. Some other versions of ransomware take advantage of specific vulnerabilities to lock down the system. It may enter through downloaded files, or sometimes it may propagate as a Trojan horse. Once the victims pay the ransom, the criminals will issue the key to unlock the code or the programs that decrypt the files. They receive the payment through an untraceable payment system.
A backdoor is a malicious program or code that a criminal introduces by compromising the system. NetBus and Back Orifice are some of the backdoors that allow remote access to unauthorized users. Even though the organization fixes the original vulnerability, the backdoor grants the cybercriminals future access to the system. Usually, criminals run a Trojan horse program to install the backdoor on the user’s system.
Rootkits help to introduce a backdoor by modifying the operating system. The attackers then use the backdoor to access the system. Most rootkits take advantage of software vulnerabilities to modify or delete system files. Rootkits also modify system forensics and monitoring tools.
DEFENDING AGAINST MALWARE
Some steps to follow to defend against all types of malware:
· ANTIVIRUS SOFTWARE: Most malware is caught by antivirus suites. Cybercriminals develop and deploy new threats on a daily basis, so the key to an effective antivirus solution is keeping the systems updated. A signature is like a fingerprint used to identify malicious code.
· UP-TO-DATE SOFTWARE: Malware can achieve its objectives through software vulnerabilities in both the OS and applications. Application-level vulnerabilities also pose severe risks to the system, so always use up-to-date software.
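
To make the ANTIVIRUS SOFTWARE item above concrete, here is an added example (not from the original article and not any real product's code) of how a signature acts as a fingerprint and why a stale signature database misses new threats. The SignatureDB class, the detection names, and the sample byte strings are all constructed for illustration; real engines use far richer signatures.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed, harmless byte strings standing in for scanned files.
SAMPLE_KNOWN = b"demo-header DEMO-PAYLOAD-MARKER-0001 tail"
SAMPLE_VARIANT = b"other-header DEMO-PAYLOAD-MARKER-0001 tail!"
SAMPLE_NEW = b"demo-header DEMO-PAYLOAD-MARKER-0002 tail"
SAMPLE_CLEAN = b"plain text report with nothing suspicious"
SAMPLES = (SAMPLE_KNOWN, SAMPLE_VARIANT, SAMPLE_NEW, SAMPLE_CLEAN)


@dataclass
class SignatureDB:
    """Hypothetical database with two signature kinds:
    whole-file SHA-256 hashes and byte patterns found inside a file."""
    hashes: dict = field(default_factory=dict)    # sha256 hex -> name
    patterns: dict = field(default_factory=dict)  # byte pattern -> name

    def add_hash(self, name, data):
        self.hashes[hashlib.sha256(data).hexdigest()] = name

    def add_pattern(self, name, pattern):
        self.patterns[pattern] = name

    def scan(self, data):
        """Return (signature name, match kind), or None if nothing matches."""
        digest = hashlib.sha256(data).hexdigest()
        if digest in self.hashes:
            return self.hashes[digest], "hash"
        for pattern, name in self.patterns.items():
            if pattern in data:
                return name, "pattern"
        return None


def demo():
    """Scan the samples before and after a signature update."""
    db = SignatureDB()
    db.add_hash("Demo.A", SAMPLE_KNOWN)  # the only signature shipped at first
    before = [db.scan(s) for s in SAMPLES]
    # Signature update: a family-wide pattern plus a hash for the new threat.
    db.add_pattern("Demo.A.family", b"DEMO-PAYLOAD-MARKER-0001")
    db.add_hash("Demo.B", SAMPLE_NEW)
    after = [db.scan(s) for s in SAMPLES]
    return before, after


if __name__ == "__main__":
    for label, results in zip(("before update", "after update"), demo()):
        print(label, results)
```

Before the update only the exact known file is flagged; after it, the altered copy is caught by the pattern signature and the new threat by its own hash, while the clean file stays unflagged in both runs.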