Description: Malware is an umbrella term derived from "malicious software", and refers to any software that is intrusive (unauthorized access), disruptive, or destructive to computer systems and networks. Malware may take many forms (executable code, data files) and includes, but is not limited to, computer viruses, worms, trojan horses (trojans), bots (botnets), spyware (system monitors, adware, tracking cookies), rogueware (scareware, ransomware), and other malicious programs. The majority of active malware threats are usually worms or trojans rather than viruses.@import((Attacks-Malware-Comparison))
Targets: Ubiquitous: Large enterprises, Small-Medium Businesses (SMBs), home and mobile computer/phone users.
Countermeasures: Common malware remedies for SMBs and home computer users include, but are not limited to, firewalls, anti-virus software, anti-spam software, and practicing good Cyber hygiene habits. Remedies for larger enterprises include all the above as well as specialized anti-malware software and rigorous Penetration Testing.
- Computer Viruses (Viruses)
- Computer Worms (Worms)
- Trojan Horses (Trojans)
- Spyware - System Monitors, Adware & Web-Tracking Cookies…
- Rogue Security Software (Rogueware) - Scareware, Ransomware…
Description: A computer virus (virus) is a malware program that replicates itself by inserting a copy of itself, possibly mutated, to a program or data file on a host computer without the user's explicit consent. When the virus successfully inserts a copy of itself into a computer host, the target computer host is considered to be infected by the virus. The computer virus's replication behavior is analogous to how a biological virus propagates, hence the shared terminology.
Viruses often carry harmful payloads which disrupt or damage infected hosts by various means, such as consuming computer resources (processing cycles, storage space), corrupting data, logging keystrokes, accessing private information, etc. However, not all viruses carry harmful payloads; some viruses may be benign (i.e., replicate without permission, but do no obvious harm).
For example, you could propagate a spreadsheet virus with a data corruption payload by attaching an infected spreadsheet data file to an email, or providing a download link to the infected data file. When the recipient of your email opens the attached infected data file, or someone downloads your infected data file, the virus inserts itself and executes its harmful payload, in this case corrupting data on the recipient computer host.
In general, computer viruses are passively propagated; i.e., users need to pass them along by disk transfers and email attachments. This is in contrast to Computer Worms, which are capable of more aggressive self-propagation (e.g., they can spread themselves via email).
Targets: Ubiquitous: Large enterprises, Small-Medium Businesses (SMBs), and personal computers. Mobile computer/tablet/smartphone users are also potential targets.
Countermeasures: Anti-Virus software specializes in computer virus removal. Extreme infections may require and wiping storage disks and Operating System (OS) reinstallation.
See also: Computer Worm, Trojan Horse.
Compare & contrast: Computer Worm, which replicates like a virus but propagates more aggressively.