Software Engineering; Security
Malware, or malicious software, is a form of software designed to disrupt a computer or to take advantage of computer users. Creating and distributing malware is a form of cybercrime. Criminals have frequently used malware to conduct digital extortion.
Malware, or malicious software, is a name given to any software program or computer code that is used for malicious, criminal, or unauthorized purposes. While there are many different types of malware, all malware acts against the interests of the computer user, either by damaging the user's computer or extorting payment from the user. Most malware is made and spread for the purposes of extortion. Other malware programs destroy or compromise a user's data. In some cases, government defense agencies have developed and used malware. One example is the 2010 STUXNET virus, which attacked digital systems and damaged physical equipment operated by enemy states or organizations.
The earliest forms of malware were viruses and worms. A virus is a self-replicating computer program that attaches itself to another program or file. It is transferred between computers when the infected file is sent to another computer. A worm is similar to a virus, but it can replicate itself and send itself to another networked computer without being attached to another file. The first viruses and worms were experimental programs created by computer hobbyists in the 1980s. As soon as they were created, computer engineers began working on the first antivirus programs to remove viruses and worms from infected computers.
One of the most familiar types of malware is adware. This refers to programs that create and display unwanted advertisements to users, often in pop-ups or unclosable windows. Adware may be legal or illegal, depending on how the programs are used. Some Internet browsers use adware programs that analyze a user's shopping or web browsing history in order to present targeted advertisements. A 2014 survey by Google and the University of California, Berkeley, showed that more than five million computers in the United States were infected by adware.
Another type of malware is known as spyware. This is a program that is installed on a user's computer to track the user's activity or provide a third party with access to the computer system. Spyware programs can also be legal. Many can be unwittingly downloaded by users who visit certain sites or attempt to download other files.
One of the more common types of malware is scareware. Scareware tries to convince users that their computer has been infected by a virus or has experienced another technical issue. Users are then prompted to purchase “antivirus” or “computer cleaning” software to fix the problem.
Although ransomware dates back as far as 1989, it gained new popularity in the 2010s. Ransomware is a type of malware that encrypts or blocks access to certain features of a computer or programs. Users with infected computers are then asked to pay a ransom to have the encryption removed.
Combating malware is difficult for various reasons. Launching malware attacks internationally makes it difficult for police or national security agencies to target those responsible. Cybercriminals may also use zombie computers to distribute malware. Zombie computers are computers that have been infected with a virus without the owner's knowledge. Cybercriminals may use hundreds of zombie computers simultaneously. Investigators may therefore trace malware to a computer only to find that it is a zombie distributor and that there are no links to the program's originator. While malware is most common on personal computers, there are a number of malware programs that can be distributed through tablets and smartphones.
Often creators of malware try to trick users into downloading their programs. Adware may appear in the form of a message from a user's computer saying that a “driver” or other downloadable “update” is needed. In other cases, malware can be hidden in social media functions, such as the Facebook “like” buttons found on many websites. The ransomware program Locky, which appeared in February 2016, used Microsoft Word to attack users’ computers. Users would receive an e-mail containing a document that prompted them to enable “macros” to read the document. If the user followed the instructions, the Locky program would be installed on their computer. Essentially, users infected by Locky made two mistakes. First, they downloaded a Word document attachment from an unknown user. Then they followed a prompt to enable macros within the document—a feature that is automatically turned off in all versions of Microsoft Word. Many malware programs depend on users downloading or installing programs. Therefore, computer security experts warn that the best way to avoid contamination is to avoid opening e-mails, messages, and attachments from unknown or untrusted sources.
—Micah L. Issitt
Bradley, Tony. “Experts Pick the Top 5 Security Threats for 2015.” PCWorld. IDG Consumer & SMB, 14 Jan. 2015. Web. 12 Mar. 2016.
Brandom, Russell. “Google Survey Finds More than Five Million Users Infected with Adware.” The Verge. Vox Media, 6 May 2015. Web. 12 Mar. 2016.
Franceschi-Bicchierai, Lorenzo. “Love Bug: The Virus That Hit 50 Million People Turns 15.” Motherboard. Vice Media, 4 May 2015. Web. 16 Mar. 2016.
Gallagher, Sean. “‘Locky’ Crypto-Ransomware Rides In on Malicious Word Document Macro.” Ars Technica. Condé Nast, 17 Feb. 2016. Web. 16 Mar. 2016.
Harrison, Virginia, and Jose Pagliery. “Nearly 1 Million New Malware Threats Released Every Day.” CNNMoney. Cable News Network, 14 Apr. 2015. Web. 16 Mar. 2016.
Spence, Ewan. “New Android Malware Strikes at Millions of Smartphones.” Forbes. Forbes.com , 4 Feb. 2015. Web. 11 Mar. 2016.
“Spyware.” Secure Purdue. Purdue U, 2010. Web. 11 Mar 2016.