Threats evolve continuously, but your firewall protection may not. Now is the time to look beyond traditional network security and incorporate protection against malware and exploits that pass through PCs and mobile devices when users browse the Internet, send or receive email, and download applications.
The software which enables these crimes is categorized as malware. As worrisome as malware is—and it continues to get worse—there are straightforward and extremely effective ways to address it. But first, know your enemy. Typical malware consists of six main types—viruses, worms, Trojans, spyware, adware, and rootkits.
Probably the best-known type of malware is the virus. Typically designed to inflict damage against the end user, computer viruses can purge an entire hard disk, rendering data useless in a matter of moments. In order to infect a system, the virus must be executed on the target system; dormant computer viruses which have not been executed do not pose an immediate threat.
Unlike computer viruses, worms have the capability of spreading themselves through networks without any human interaction.
Once infected by a worm, the compromised system will begin scanning the local network in an attempt to locate additional victims. After locating a target, the worm will exploit software vulnerabilities in the remote system, injecting it with malicious code in order to complete the compromise.
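The scanning behavior described above leaves a recognizable trace in connection logs: one internal host contacting many distinct internal peers on the same port within a short window. The following is an added example, not part of the original article, that flags such fan-out; the log format, network range, thresholds and sample records are all constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

LOCAL_NET = ip_network("10.0.0.0/24")  # assumption: the monitored LAN
WINDOW = 60      # seconds of history considered per source (assumed)
THRESHOLD = 20   # distinct internal peers in one window that triggers an alert (assumed)

def sample_flows():
    """Constructed records: 'epoch_seconds src_ip dst_ip dst_port'."""
    flows = [f"{1000 + i} 10.0.0.23 10.0.0.{i + 1} 445" for i in range(30)]          # sweep of the LAN
    flows += [f"{1000 + 10 * i} 10.0.0.5 10.0.0.10 445" for i in range(40)]          # client and one file server
    flows += [f"{1000 + 300 * i} 10.0.0.8 10.0.0.{i + 100} 445" for i in range(25)]  # slow, spread-out contacts
    flows += [f"{1000 + i} 10.0.0.7 203.0.113.{i + 1} 443" for i in range(30)]       # outbound web traffic
    return flows + ["garbage line"]

def parse(lines):
    """Yield (ts, src, dst, port); silently skip malformed records."""
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            yield int(parts[0]), ip_address(parts[1]), ip_address(parts[2]), int(parts[3])
        except ValueError:
            continue

def find_scanners(lines, net=LOCAL_NET, window=WINDOW, threshold=THRESHOLD):
    """Return {(src, port): peak distinct internal peers} for sources at or over threshold."""
    by_key = defaultdict(list)
    for ts, src, dst, port in parse(lines):
        if src in net and dst in net and src != dst:   # internal-to-internal only
            by_key[(str(src), port)].append((ts, dst))
    alerts = {}
    for key, events in by_key.items():
        events.sort(key=lambda e: e[0])
        start, in_window = 0, defaultdict(int)         # dst -> hits inside the window
        for ts, dst in events:
            in_window[dst] += 1
            while events[start][0] <= ts - window:     # evict records older than the window
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= threshold:
                alerts[key] = max(alerts.get(key, 0), len(in_window))
    return alerts

if __name__ == "__main__":
    for (src, port), peers in find_scanners(sample_flows()).items():
        print(f"ALERT {src} contacted {peers} internal hosts on port {port} within {WINDOW}s")
```

In the constructed data, the host that spaces its contacts five minutes apart stays under the threshold, so the window and threshold need tuning against a baseline of normal traffic.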
Like viruses, Trojans typically require some type of user interaction in order to infect a system. However, unlike most worms and viruses, Trojans often try to remain undetected on the compromised host. Trojans are small pieces of executable code embedded into another application. Typically the infected file is an application the victim would use regularly (such as Microsoft Word or Calculator). The goal is for the victim to unknowingly execute the malicious code when launching an otherwise innocent program. This often results in Trojans infecting a system without triggering any type of notification.
Like some types of Trojans, spyware is used to collect and relay sensitive information back to its distributor.
Spyware typically is not malicious in nature. However, it is a major nuisance, typically infecting web browsers and making them nearly inoperable. Spyware is often used for deceitful marketing purposes, such as monitoring users' activity without their knowledge. At times, spyware may be disguised as a legitimate application, providing the user with some benefit while secretly recording behavior and usage patterns.
Adware, as the name implies, is typically used to spread advertisements that provide some type of financial benefit to the attacker. After becoming infected by adware, the victim is bombarded by pop-ups, toolbars, and other types of advertisements when attempting to access the Internet.
Arguably the most dangerous type of malware is the rootkit. Like remote access Trojans, rootkits provide the attacker with control over an infected system. However, unlike Trojans, rootkits are exceptionally difficult to detect or remove. Rootkits are typically installed into low-level system resources (below the operating system). Because of this, rootkits often go undetected by conventional anti-virus software. Once infected with a rootkit, the target system may be accessible to an attacker, providing unrestricted access to the rest of the network.