Malicious Software: Worms, Trojans and Bots, Oh My!
Learn about the differences between various types of malware.
Dealing with malicious software, better known as malware, is a reality that we all face any time we connect to the internet. Nobody wants to open up their email to discover that they’ve just sent an infected file to all their friends, or that their data has been wiped by a virus. But although most people fear viruses, they are also surprisingly unaware of just what is out there in terms of malware and how it does its devious work. Here we’ll look at some basic classes of malware and how they work to make your life miserable.
Before we dig too deep into classes and types, we need to have a clear understanding of malware. Malware actually goes by another name, malicious code (or malcode). The "malicious" or "mal" (from the Latin "malus," meaning "bad") refers to code meant to attack, destroy, alter or otherwise damage the host machine on which it runs or the network to which that machine is attached. So, in short, malcode is dangerous code, and malware is dangerous software.
Although some malware can get into a machine through weaknesses in an operating system or a browser, most require a user to download it or somehow activate it by clicking a link or opening a file. Once the malware is active within a system, it will execute the instructions contained in its code.
There is no doubt that malware can do a lot of damage, such as changing how other applications work and locking or destroying data, but it does have limitations. Like legitimate software, malware cannot make any changes to a device's hardware. This means that even in the very worst-case scenario, a user can lose all of his or her data, but still recover the device by clearing it and reinstalling the operating system and other applications.
However, it is still best to avoid malware altogether. Becoming aware of the types of threats out there is one way that computer users can protect themselves.
Computer Viruses: Catching a Flu from Files
Viruses are probably the best-known type of malware. Like viruses in the natural world, computer viruses have two main purposes: to copy themselves and to spread. The actual damage a virus does depends on its designer. It is possible to have a benign virus that spreads without doing anything of note to the machines it infects.
Unfortunately, most viruses get into other programs, scripts and other sets of instructions that are running on a device, and make changes in these areas. It is in this way that viruses destroy data, shut down programs and even prevent a computer from booting up. (To learn more about viruses, see The Most Devastating Computer Viruses.)
Worms: Burrowing Their Way Through Your Network
Worms are very similar to viruses in that they are mostly concerned with copying themselves and spreading, but they use a different delivery system. Instead of spreading via infected files, worms use network vulnerabilities to travel from one host to another. This means that worms don’t require a user to open anything or activate them in any way – they crawl in through a gap in a user's network security.
Once it gains access to a network, a worm looks for the next place to spread. While moving through the hosts in a network, the worm can do the same types of damage as a virus. Most worms also carry a payload, which is essentially a computer virus that the worm delivers once it reaches a new host. For example, the Blaster Worm, which appeared in 2003, carried a virus that caused computers running Windows to reboot multiple times. However, even seemingly harmless payload-free worms can overload a network and create a denial-of-service attack.
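The difference between the two delivery systems can be modeled in a few lines. The following is an added example, not part of the original article: it treats a small constructed network as a graph and compares how far a worm travels (stopped only by hosts whose security gap is closed) with how far a file-borne virus travels (stopped wherever the user does not open the file). The host names, the "patched" set and the "careless users" set are all assumptions made for illustration.

```python
from collections import deque

# Constructed sample network (hypothetical hosts): host -> directly reachable hosts.
LINKS = {
    "alice": ["bob", "carol"],
    "bob": ["alice", "dave"],
    "carol": ["alice", "dave"],
    "dave": ["bob", "carol", "erin"],
    "erin": ["dave", "frank"],
    "frank": ["erin"],
}

def spread(links, start, can_infect):
    """Breadth-first spread from an already infected `start` host.
    `can_infect(host)` decides whether a host that receives the
    malware actually becomes infected and passes it on."""
    infected = {start}
    queue = deque([start])
    while queue:
        host = queue.popleft()
        for neighbour in links.get(host, []):
            if neighbour not in infected and can_infect(neighbour):
                infected.add(neighbour)
                queue.append(neighbour)
    return infected

def worm_spread(links, start, patched):
    # A worm needs no user action: every reachable host whose
    # security gap is still open (not in `patched`) is infected.
    return spread(links, start, lambda host: host not in patched)

def virus_spread(links, start, careless_users):
    # A file-borne virus activates only where the user opens the
    # infected file; careful users break the chain.
    return spread(links, start, lambda host: host in careless_users)

def compare(links, start, patched, careless_users):
    """Return the sorted infected hosts for both delivery systems."""
    return {
        "worm": sorted(worm_spread(links, start, patched)),
        "virus": sorted(virus_spread(links, start, careless_users)),
    }

if __name__ == "__main__":
    # Nobody patched: the worm reaches all six hosts with no clicks at all.
    print(compare(LINKS, "alice", patched=set(), careless_users={"bob", "erin"}))
    # Closing the gap on the one host that links both halves shields erin and frank.
    print(compare(LINKS, "alice", patched={"dave"}, careless_users={"bob", "erin"}))
```

In this model, closing the gap on "dave" alone protects "erin" and "frank" from the worm, because every path to them runs through that host, while the virus stops at "bob" in both runs because "dave" never opens the file.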
Trojans: More Interested In Controlling Your Computer Than Kidnapping Helen of Troy
Like the fabled wooden horse that was used to fool the people of Troy into letting the Greeks in, malware Trojans allow other people to gain access to your devices. Like a virus or a worm, a Trojan can run code that will damage or otherwise alter a device and its data. However, most Trojans are designed to open a back door into a system that a hacker can use to control and manipulate the device.
Unlike viruses and worms, Trojans don’t copy themselves or attempt to spread to multiple computers. They are generally contained in a disguised file that depends on the user to activate it.
Bots: When Robots Rule the World
Bots are automated programs that carry out a specific process. There are many legitimate bots that help the Internet run smoothly, such as the Googlebot. However, bots can also be used to carry out more dubious processes, such as infecting unprotected computers and adding them to a malicious bot network (botnet).
By remotely controlling a number of computers, the individual running the botnet can carry out many different types of attacks. For example, bots can steal data from the infected computer, including the user's contacts, passwords and other private information. Computers infected by bots may also become nodes for spreading spam, malware and other nasty surprises to other users. And finally, bots can use the infected network to launch denial-of-service attacks and other large-scale attacks. Bots are perhaps the most powerful type of malware in that they can be spread in many different ways and can attack using multiple methods.
Spyware: I Am Looking At You Right Now
Spyware doesn’t attack your computer, but it still fits the definition of malware. Spyware collects information from your computer and sends it back to the program's creator, presumably so he or she can log in to your bank account or sell your personal information. Spyware is most often disguised as a free program to carry out another function, or it may be packaged with a legitimate piece of software. (For more on technology-based spying, see Beware! Your Devices Are Spying On You.)
How to Deal With it All: Common Sense Goes a Long Way
So now that you know about all these threats, how do you protect yourself?
The simple answer is that a bit of education and common sense is the most important aspect. It's pretty simple: don't open email attachments from people you don't know, and don't click on links from strangers. The limitation on viruses is that they have to be spread through infected files. In the vast majority of cases, a user must open the file to activate the virus.
The second thing you can do is always have up-to-date anti-virus software on your computer. The term "anti-virus" is getting somewhat dated. Most packages will protect you not just against viruses, but also against other threats like worms, Trojans and spyware. There are many options out there, both free and paid, that will give you solid protection from the vast majority of threats.
Finally, keeping your OS and your anti-virus system up to date is often enough to keep the malware out. Companies like Microsoft that make operating systems work very hard to keep on top of any new threats. You might not notice anything different while using a PC after a Windows update, but know that underneath the hood, there are significant updates that serve to plug any newly discovered security holes.
Malware isn’t going away. In fact, as the number of people using internet-enabled devices increases, the number and varieties of malware will likely increase as well. Being aware of the malware that is out there is the first step toward defending yourself from attacks. Most malware can be avoided by applying some common sense when you are downloading and opening files from various sources. However, for a more complete sense of security, a trusted anti-virus program and a proper firewall can’t be beat.