What is Malware?
Malware is a generic term that covers any type of unwanted malicious software designed to destroy, copy or intercept data that is installed on the computer without your consent. There are various forms of malware 'in the wild' and we have covered four of the main threats below:
Viruses
A program or piece of code which normally attaches itself to an executable file. The virus will remain dormant on the computer until the program or file is interacted with, for example someone runs the program or opens the file. Once this interaction takes place the virus then infects the computer potentially damaging your hardware, software and files. Like their biological equivalent computer viruses can self-replicate to consume all of the computer's resources and bring the system to a halt. More dangerous viruses can spread across networks and bypass security systems.
Worms
Similar to viruses, worms are programs that propagate over a network and can travel without human interaction. Worms are self-replicating, so rather than a single worm infecting the network, a compromised computer can send hundred or even thousands of copies of the worm. This can not only use up all of a single computer's resources, possibly to the extent that the system shuts down, but can also affect the bandwidth of the whole network. Worms can also create a backdoor into your system to allow unauthorized access. Unlike viruses, worms do not attach themselves to other files or programs.
Trojans (Trojan Horse)
Named after the wooden horse of Troy from Homer's Iliad, a Trojan is a non-replicating destructive program masquerading either as a legitimate application or as a file from a legitimate source. Trojans can damage and delete data as well as compromise security by retrieving and intercepting personal or confidential data and can also create a backdoor for unauthorized users to gain access to your system.
Spyware
Designed to covertly gather information through the internet connection and installed without the user's knowledge, spyware applications are typically bundled as a hidden component with freeware of shareware programs. Once installed the user's internet activity is monitored and this information diverted to someone else. Some spyware can record all of the user's keystrokes, scan files and other applications and even install other spyware programs. The data intercepted by spyware can range from basic details that the recipient may use or sell on for advertising purposes through to the retrieval of email addresses, passwords, credit card and banking data. Spyware can be thought of a similar to Trojans, as both are unknowingly installed by the user when installing legitimate software. Spyware not only comprises the security, but through its use of the computer's resources can also lead to system instability in addition to consuming high levels of network bandwidth.
What do you want to do?
- Review the Managed Antivirus Quick Start Guide
- Enable Managed Antivirus on individual servers and workstations or on all servers and workstations at a client or site
- Configure Managed Antivirus Policies. Includes scan schedules, remediation action (default threat action), end-user interaction