We hear a lot about adware, spyware, malware, etc. all the time. We used to hear more about viruses and worms ... have the latter been eradicated or are they still out there in the wild? In the next few weeks I'l be discussing mobile phone security (a topic many of our insurance agency partners have expressed interest in) so I'll start out with some definitions:
Adware is software that automatically downloads or displays unsolicited third party advertising material to a computer.
Malware is short for 'Malicious Software' and is the overarching term for any computer program that is written with the intent of performing unwanted acts on a computing device (including mobile phones) without the knowledge or permission of the owner or user of that device. Common types of Malware include Adware, Spyware, Trojan Horse programs,Viruses and Worms.
Phishing - The Anti-Phishing Working Group defines Phishing as "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials. Social-engineering schemes use 'spoofed' e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers, account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware." (source: APWG, www.apwg.org).
Spam is the term used to describe unsolicited electronic messages. Spam is generally associated with e-mail, however spam can be sent using other mechanisms too. In addition to e-mail, SMS, MMS (multi-media messaging service), IM, Tweets, FB Messages spam are all possible.
Spyware is a form of malware that is designed to steal confidential data from the computer or mobile phone it is running on. Usernames, passwords and PIN numbers are often captured by Spyware to enable its author to gain unauthorised access to the services that these credentials are intended to protect.
A Trojan Horse program is a specific form of malware. Like the Trojan Horse of Greek mythology, Trojan Horse programs trick a user into installing them on their phone or computer by masquerading as genuinely useful applications. Once installed however, the Trojan Horse will perform some unauthorised and malicious activity on the computer or phone. Trojan Horses are one reason why you should only install software on your phone or PC if you are confident that you can trust the source of this software. Trojan Horse programs differ from Viruses and Worms because Trojan Horse programs do not replicate.
A Virus program is a specific form of malware. Viruses infect phones and computers by attaching themselves to files, executables or documents. When an infected file is transferred from one device to another and the file is opened, for instance by opening an e-mail attachment, the virus infects the receiving device. Unlike worms, viruses are unable to propagate between devices automatically, they rely on some human action to transfer them from machine to machine. Once installed on a phone, a virus will make copies of itself and embed these on files found within the phone to evade simple deletion, it will also generally perform some unauthorized and malicious activity on the computer or phone.
Worms are a specific class of malware. Worms differ from viruses in that a worm spreads by transmitting itself from an infected computer or mobile phone to another vulnerable device without human intervention. In the PC space, worms typically propagate from one computer to another over network connections, including the Internet. In the mobile phone arena, worms usually use Bluetooth or MMS messaging to move from one phone to another. Most mobile operators block worm transmission by MMS (by scanning media before forwarding to recipient). Virtually all known mobile phone worms can't infect a phone without first displaying a number of prompts on the phone display. Users can block infection of their device or the spread of the worm by selecting the right response to these prompts. For instance, users can answer 'No', if prompted, to decline a connection from a nearby mobile if the user is unsure of the source.
Here are some other, more detailed definitions of malware and a taxonomy:
http://en.wikipedia.org/wiki/Malware
http://maec.mitre.org/about/index.html
----------------------------
John Brady is Information Security Architect Engineer at Westfield Insurance. Sharing Knowledge. Building Trust
