The point of today’s lesson is to help you teach your friends and family more about the different types of malware, and debunk a few of the common myths about viruses. Who knows, maybe you’ll learn a thing or two as well.
The meanings of these words have changed over time, and people may use one term to mean another. In this academy, I will present my own perspective by dividing this topic into [How you get infected] and [Type of actions] once infected. This will make it easy for you to digest.
Why should I care about knowing this stuff in the first place?
Why is it good practice to know these terms and distinguish between them, someone may ask? Well, if you know that you have been infected by a worm, you should panic more than if you were hit by a virus, because of the speed of spread. It is also nice to read one of those terms in the news and say “OH, I know what this means!”
Another important thing is that when you purchase antivirus software, you should check with the supplier what kinds of malware it can detect. Sometimes antivirus software will protect you against some, but not all, of those bad guys. So pay attention!!
You will hear a lot about vulnerabilities and exploits
Funny thing about software: it’s written by humans. Humans are fallible and sometimes they make mistakes. Sometimes those mistakes create strange behavior in programs. And sometimes that strange behavior can be used to create a hole that malware or hackers could use to get into your machine more easily. That hole is otherwise known as a vulnerability.
The strange behavior that can be used to create a hole for hackers or malware to get through generally requires someone to use a particular sequence of actions or text to cause the right (or is that wrong?) conditions. To be usable by malware (or on a larger scale by hackers), it needs to be put into code form, which is also called exploit code.
It is all Malware
The word malware is a combination of two words: “malicious” and “software”. Malware is the big umbrella term. It covers viruses, worms and Trojans, and even exploit code. But it does not cover vulnerabilities or buggy code, or products whose business practices you don’t necessarily agree with.
The difference between malware and vulnerabilities is like the difference between something and the absence of something. Yeah, okay, that’s a bit confusing. What I mean is malware is a something. You can see it, interact with it, and analyze it. A vulnerability is a weakness in innocent software that a something (like malware or a hacker) can go through.
If you recall from previous Security Academy courses, we talked about types of attack. Well, some kinds of malware can be considered Denial of Service (DoS) attacks, because usually they do nasty stuff to your files or consume your bandwidth, memory or disk space, preventing you from using corporate resources.
Sometimes you’ll hear the term “rootkit” or “bootkit” used to describe a certain type of malware. Generally, this refers to methods that the malware uses to hide itself deep inside the inner workings of Windows so as to avoid detection.