|
Viruses, Worms and Trojans
Viruses, worms, trojans and other forms of malicious code or
"
malware"
are among the most high profile of IT security threats. The
same infrastructure that enables businesses to operate and communicate
electronically using their personal computers - networks, email, internet
access, etc. - can allow malicious code to rapidly spread to large numbers of
systems if appropriate defensive measures are not in place. The key types of
malware are:
Trojan: Named after the wooden horse of
Troy, the term "
trojan"
describes a program with a hidden yet
deliberate and undesired action. It may purport to be a game, or a useful
utility, or some other software application. And to disguise its hidden,
malicious intent a trojan may indeed include some or all of the functions of the
software it purports to be. But the trojan also has a hidden "
payload"
which can be almost anything - such as deleting data, interfering with normal
system operation, or capturing keystrokes and relaying them to a remote machine.
Virus: The simple definition is that
"
a virus is a replicating trojan"
. To be more precise, a computer
virus is executable code that, when run by someone, infects or attaches itself
to other executable code in a computer in an effort to reproduce itself. There
may be no other payload (in other words, the virus may simply spread from disk
to disk, program to program, computer to computer, etc - but not do anything
undesired or destructive other than that).
Worm: A worm is "
self-propagating
malicious code"
. It may be a virus that is able to propagate itself to
other computers by transferring itself from an infected system to other target
systems by email or through network shares, or it may be code that is memory
resident and which does not alter executable code stored on the hard disks of
infected systems but rather spreads by other means such as exploiting buffer
overflows. Apart from the ability to propagate, worms may of course include
additional "
payloads".
|
|
|
