IMPORTANT INFORMATION SECURITY CONCEPTS

Malware is short for malicious software, meaning software that can be used to
compromise computer functions, steal data, bypass access controls, or
otherwise cause harm to the host computer.
VIRUS
• A virus is a form of malware that is capable of copying itself and spreading to
other computers. Viruses often spread to other computers by attaching
themselves to various programs and executing code when a user launches one of
those infected programs. Today, with different kinds of malware infecting the
cyber world, computer viruses have become rather uncommon; they comprise
less than 10% of all malware.
WORMS
• A worm is self-replicating and spreads without end-user action, causing real
devastation. Viruses need end users to kick them off so that they can go on and
infect other files and systems. On the other hand, worms don’t need any such
end-user action. They’d simply spread by themselves, self-replicating in the
process and destroying systems, devices, networks and connected infrastructure
as well.
TROJAN HORSE
• A Trojan horse, commonly known as a “Trojan,” is a type of malware that
disguises itself as a normal file or program to trick users into downloading and
installing malware. A Trojan can give a malicious party remote access to an
infected computer. Once an attacker has access to an infected computer, it is
possible for the attacker to steal data, install more malware, modify files, monitor
user activity etc.
ROOTKITS
• A rootkit is a type of malicious software designed to remotely access or control a
computer without being detected by users or security programs. Once a rootkit
has been installed it is possible for the malicious party behind the rootkit to
remotely execute files, access/steal information, modify system configurations,
alter software (especially any security software that could detect the rootkit),
install concealed malware, etc. Rootkit detection can be very difficult.
RANSOMWARE
• It is type of malware that will either encrypt your files or will lock your computer
making it inaccessible either partially or wholly. Then a screen will be displayed
asking for money i.e. ransom in exchange. Most ransomware programs are
Trojans, which means they must be spread through social engineering of some
sort. Once executed, most look for and encrypt users’ files within a few minutes,
although a few are now taking a “wait-and-see” approach.
KEYLOGGER
• Keyloggers are a type of monitoring software designed to record keystrokes made
by a user. One of the oldest forms of cyber threat, these keystroke loggers record
the information you type into a website or application and send to back to a third
party through mail or upload on a website. Criminals use keyloggers to steal
personal or financial information such as banking details, which they can then sell
or use for profit. Keyloggers are a form of Spyware.
GRAYWARE
• The term grayware was coined in September 2004 and describes unwanted
applications or files that aren't malware but worsen the performance of the
computer and can cause cybersecurity risk. At a minimum, grayware behaves in
an annoying or undesirable manner and at worst, monitors the system. Malwares
like Adware and Spyware fall under Grayware.
FILELESS MALWARE
• While traditional malware travels and infects systems using the file system, file-
less malware travels and infects without directly using files or file systems. Such
malware exploits and spread in memory only; they also spread using ‘non-file’ OS
objects, like APIs, registry keys etc. Fileless malware attacks are harder to detect
and stop.
ADWARE
• Adware is nothing but attempting to expose users to unwanted, potentially
malicious advertising. These ads most likely end up infecting a user’s device.
There are adware programs that redirect a user, during browser searches, to look-
alike web pages that have promotions of other products. Removing adware is
easier. You just need to find the malicious executable and remove it.
MALVERTISING
• Malvertising is the use of legitimate ads to covertly deliver malware to unsuspecting
users’ computers. For example, a cybercriminal might pay to place an ad on a
legitimate website. When a user clicks on the ad, code in the ad either redirects
them to a malicious website or installs malware on their computer. In some cases,
the malware embedded in an ad might execute automatically without any action
from the user.
SPYWARE
• The Spyware is malware that gathers information about a person or organization
and sends the information to the attacker without the victim's consent. Spyware
usually aims to track and sell your internet usage data, capture your credit card or
bank account information or steal personally identifiable information (PII). Some
types of spyware can install additional software and change the settings on your
device. Spyware is usually simple to remove because it is not as nefarious as other
types of malware.
BOTS & BOTNETS
• A bot is a computer that is infected with malware that allows it to be remotely
controlled by an attacker. The bot (or zombie computer) can then be used to
launch more cyber attacks or become part of a botnet (a collection of bots).
Botnets are a popular method for distributed denial of service (DDoS) attacks,
spreading ransomware, keylogging and spreading other types of malware.
BACKDOORS
• A backdoor is a malware that covertly bypasses the normal authentication or
encryption in a computer, product, embedded device (e.g. router) or other part
of a computer. Backdoors are commonly used to secure remote access to a
computer or gain access to encrypted files. From there, it can be used to gain
access to, corrupt, delete or transfer sensitive data. Backdoor malware is
generally classified as a Trojan.
BROWSER HIJACKER
• A browser hijacker or hijackware changes the behavior of a web browser by
sending the user to a new page, changing their home page, installing unwanted
toolbars, displaying unwanted ads or directing users to a different website.

CRIMEWARE
• Crimeware is a class of malware designed to automate cybercrime. It is designed
to carry out identity theft through social engineering or stealth to access the
victim's financial and retail accounts to steal funds or make unauthorized
transactions. Alternatively, it may steal confidential or sensitive information as
part of corporate espionage.
BUGS
• A bug is a flaw in a piece of software which produces an undesired outcome.
Minor bugs only slightly affect a program’s behavior and as a result can go for
long periods of time before being discovered. More significant bugs can cause
crashing or freezing. Security bugs are the most severe type of bugs and can
allow attackers to bypass user authentication, override access privileges, or steal
data.
HYBRID MALWARE
• Today, we have malware that could be a combination of more than one stream of
traditional malware. For example, some malware is part virus, part Trojan, and
part worm. Such a malware might appear as a Trojan during the initial stage, after
which it would perhaps spread like a worm.
THANK YOU