Introduction to cyber security: stay safe online | 1

Introduction to cyber security: stay safe online

Week 3: Malware

Introduction
Video player: ou_futurelearn_cyber_security_vid_1005.mp4

The two biggest threats to consumers online are malware and phishing. Cory introduces you to
malware, which is the focus of this week.
Malware is the collective name for software that has been designed to disrupt or damage data,
software or hardware. There are several types of malware, such as viruses, worms and Trojans,
which you’ll learn more about in the next few sections.
However, as malware has evolved from its beginnings as demonstrations of prowess by individual
programmers to sophisticated technologies developed by organised crime, the boundaries between
the different categories are beginning to blur.
 Introduction to cyber security: stay safe online | 2

1 Viruses

Figure 1
Long description
The best-known type of malware is probably the virus; although many pieces of malware are called
viruses, they are nothing of the sort.
A virus is a piece of software that has been written to insert copies of itself into applications and data
and onto crucial parts of a computer’s hard disk. Viruses are said to be self-replicating programs and
date back as far as the early 1970s, but they only became well known with the advent of
microcomputers and later, the internet.
Viruses attach themselves to specific applications on a computer and are activated when the
program is first run. At that point, the virus may make a copy of itself on the hard disk and continue
to run, or it may only run each time the application is used. Early viruses, relying on floppy disks for
transmission, spread quickly as infected data disks were shared around an office, or pirated software
was passed around a playground. Nowadays, viruses rely on devices such as flash memory cards or
are transmitted through internet connections.
Although some viruses are not intended to cause harm, the majority of these programs are designed
to harm users, by corrupting their data or attacking the operating system itself or providing an
exploitable ‘back door’, giving attackers access to the computer. Even where no harm is intended,
viruses consume memory, disk space and processing power.
 Introduction to cyber security: stay safe online | 3

1.1 Worms

Figure 2

Long description
Another type of self-replicating malware is the worm; like a virus it is designed to make copies of
itself, but unlike a virus, a worm is a standalone application.
Worms spread through network connections, accessing uninfected machines and then hijacking
their resources to transmit yet more copies across the network.
There are four stages in a worm attack:
1. The first stage is when the worm probes other machines looking for a vulnerability that can be
exploited to copy itself to.
2. The second stage is to penetrate the vulnerable machine by performing the operations for
exploiting the vulnerability. For example, the worm might detect an open network connection,
through which it can get the remote machine to execute arbitrary instructions.
3. In the third stage, the worm will download itself to the remote machine, and store itself there.
This is often called the ‘persist’ stage.
4. In the final stage, the worm will propagate itself by picking new machines to attempt to probe.
Worms were invented as a curiosity and have even been suggested as ways of testing networks or
distributing software patches across a network; however their drawbacks far outweigh their benefits.
Even the most ‘benign’ worm consumes resources and can affect the performance of a computer
system.