13. Identify types of malicious software (AC 3.1)

Malicious software or malware is type of software specifically created to harm, disable or secretly access computers and networks. Virus A computer virus is very similar to a biological virus. It attaches itself to a legitimate program or a file and waits to be executed. Once triggered, it spreads by embedding itself into other programs or files on your computer of network. For example, you might download a seemingly harmless spreadsheet, and when you open it , it activates the virus which spreads through your system. Virus's purpose is to wreak havoc, if a business is infected, it can wipe their data or cause downtime. Worm Unlike viruses, worms don't need a host file to spread. They move through networks and systems by exploiting vulnerabilities. Hopping from one device to another. For example, a worm can enter your organisation through a single weak point, like and old, outdated computer. It can spread through the entire network in minutes. The infamous WannaCry spread via a worm in 2017. It spread globally in a matter of hours, causing damages ranging from hundreds of millions to billions of dollars. The whole thing lasted a little over 7 hours, and it infected machines in 150 countries. Trojan Named after the Greek mythology story about a war. To win the war, one side decided to build a massive horse and present it a gift to the opposing side. They accepted it and brought it into their city. Little did they know that the horse was full of warriors. This simplification of the old story is very much like the malware trojan horse. It's pretending to be something useful, legitimate and harmless. It can masquerade as anything - security tool, an app, cracked game, but once installed, it revels its harmful intentions. Some Trojans enable attackers to steal sensitive information or allowing attackers to control your system. Hybrid Most of modern malware usually doesn't fit into one category. It's a combination of different types, designed for maximum efficiency. A good example is a bot, which starts as Trojan to infiltrate your system, then it does a function of a worm, which is to spread into more systems and connect infected devices into a botnet. Botnet is a group of internet connected devices, each of which runs one or more bots. The botnets can be enormous, controlling hundreds of thousands of machines worldwide. They are often used for DDoS. Botnets can be rented out on the dark web. Ransomware Unlike other malware that is trying to be subtle and invisible to the user, Ransomware is the opposite, it will let you know that it's there, and unless you're willing to pay, it's there to stay. Ransomware works by encrypting your files, and not allowing you access to them. Ransomware will demand a payment, usually in cryptocurrency, in exchange for a decryption key, so you can access you files again. Anyone can fall victim to ransomware, from individuals to small businesses, to large organisations. The worst thing about ransomware is the unpredictability, there's no guarantee that if you pay the ransom, you'll get the data back. According to the National Cyber Security Centre: "Law enforcement does not encourage, endorse nor condone the payment of ransom demands." Spyware Spyware is like a surveillance camera pointed at you. It will track your activity, logging passwords, capturing screenshots and all other sensitive data you input into your system. One of the ways your system might get infected by a spyware is from a fake email attachment. It will quietly install on your system and gathering useful information and sending it to the attacker. This can often the first step of a much bigger planned attack. Adware Seemingly the least harmful out of all the ones listed above. It will bombard you with unwanted ads, redirecting your web searches to shady websites and slowing down your computer with pop ups. While none of this sounds too sinister, adware often opens door for more dangerous malware to enter your system.