Malware is the collective name given to software that has been developed to disrupt or damage data, software or hardware, as well as gain unauthorised access to computer systems.
Malware is often disguised as, or embedded in, non-malicious files and can be spread via e-mail attachments or other methods of file sharing. Where e-mails are used they can often appear as though they are from a trustworthy individual or organisation, but instead come from a hacker and include infected attachments or links to infected web pages. This is known as e-mail spoofing. Where links to infected web pages are included, a drive-by download could be initiated upon visited the page, where the malware is downloaded to a user’s computer without their knowledge or consent.
Malware comes in a number of different forms, which are described below.
Viruses are the most well-known type of malware. A virus is a piece of software that can be designed to insert copies of itself into legitimate software, files or critical areas of a computer’s hard disk and can be subsequently spread to other computers. This can all be done without the knowledge of the user. The infection process can start simply by opening a previously infected file or piece of software. Once active, a virus is said to be self-replicating, attaching itself to other files and programmes. As well as causing damage to files and computer systems in general, they can consume a significant amount of memory, disk space and processing power, which will slow a computer down, or even render it unusable. Viruses can also be used to provide a hacker unauthorised access to a computer system.
Worms are similar to viruses in that they are self-replicating, however, they don’t require any user interaction to start the infection process. Worms spread through a computer network to infect other computers and use their resources to continue replicating themselves. They can go unnoticed for some time in comparison to viruses, as they don’t damage files, however, as more and more resources are used up by a worm it will have an impact on a systems performance, therefore signifying a problem.
Unlike viruses and worms, a trojan, or trojan horse as it is sometimes known, is not self-replicating. They appear as though they are legitimate pieces of software, such as, a screen saver, a game, or even antivirus software, however, when they are used, they covertly either do damage to a computer system or provide unauthorised access to it. They can also be used to monitor keystrokes from a keyboard of an infected computer and even utilise e-mail software to distribute itself to others.
Spyware is, as the name suggests, software that is used to obtain information about a person or organisation and without their knowledge or consent, transmit the information back to the individual or organisation who initiated the attack.
Ransomware is software that is covertly installed on a computer without the prior knowledge or consent of the user, which encrypts data on the target computer, or even disables the computer itself and demands a sum of money for the data to be unencrypted or computer to be unlocked.
Rootkits are a form of malware, which are specifically designed to modify the operation of the operating system in some fashion to facilitate non-standard functionality. A rootkit can do almost anything that the operating system can do, including modifying the operating system kernel and its supporting functions, as well as changing the nature of the system's operation.