THE DAYS WHEN VIRUSES were the greatest threat to computers
are long gone. Today, a virus is just one of many categories of malicious
software, or malware, that can wreak havoc on computer systems and networks.
Deluged with such a huge assortment of threats to their systems and
often unable to distinguish one type of threat from another, individual computer
users and businesses have had to defend themselves by purchasing
all kinds of security software. Section E explains how you can use security
software to combat malicious software that threatens your computer.
Security software basics
What is security software? Security software is designed to protect
computers from various forms of destructive software and unauthorized
intrusions. One of the first security software offerings was created by Dr.
Peter Tippett, an emergency room physician who took a page from conventional
medicine and applied it to computer viruses. The security software
developed by Dr. Tippett was sold to Symantec Corporation in 1992 and
incorporated into the popular Norton AntiVirus software.
Security software can be classified into various types: antivirus, anti-spyware,
anti-spam, and firewalls. Each type focuses on a specific security
threat.
What are malware threats? The terms malicious software and
malware refer to any computer program designed to surreptitiously enter a
computer, gain unauthorized access to data, or disrupt normal processing
operations. Malware includes viruses, worms, Trojans, bots, and spyware.
Malware is created and unleashed by individuals referred to as hackers,
crackers, black hats, or cybercriminals. The motivation behind malware
is varied. Some malware is intended to be a relatively harmless prank or
mildly annoying vandalism. Other malware is created to distribute political
messages or to disrupt operations at specific companies. In an increasing
number of cases, the motivation is monetary gain. Malware designed
for identity theft or extortion has become a very real threat to individuals
and corporations. Organized crime bosses, drug traffickers, and terrorists
are joining forces with cybercriminals to increase the sophistication of their
activities (Figure 3-44).
Emerging security threats often combine and refine old exploits,
blurring the lines between viruses, worms, and other kinds of malware.
For example, a Trojan horse might carry a bot that turns
a victim’s computer into a distribution point for a mass-mailing
worm. Security experts use the term blended threat to describe
malware that combines more than one type of malicious program.
Although the nuances of blended threats are beyond the scope
of this chapter, it is important to understand the threats posed by
malware if you hope to avoid identity theft and other inconvenient
computing incidents.
Figure 3-44
Security breaches were once little
more than pranks, but today’s
threats from organized crime and
terrorists are serious concerns for
Individuals as well as for corporations
and governments
What is a virus? A computer virus is a set of program instructions that
attaches itself to a file, reproduces itself, and spreads to other files. A common
misconception is that viruses spread themselves from one computer
to another. They don’t. Viruses can replicate themselves only on the host
computer. A key characteristic of viruses is their ability to lurk in a computer
for days or months, quietly replicating themselves. While this replication
takes place, you might not even know that your computer has contracted
a virus; therefore, it is easy to in advertently spread infected files to other
people’s computers.