Hostile software programs may have several different types of functions. These functions may cause damage or allow unauthorized access to be gained allowing the program to be spread or information may be compromised. These are some functions that hostile software may perform:
- Damaging operating systems.
- Damaging or destroying data.
- Sniffing the network for any data or passwords.
- Installing itself or some other hostile software on computer systems for later use.
- Acquisition of unencrypted passwords on the network.
- Forwarding compromised information to hostile parties through the firewall.
- Harvesting e-mail addresses.
- Putting unsolicited advertisements on infected computer systems. These programs are called adware and may come with other "useful" applications.
- Spyware - A type of program that usually comes with a useful application but sends information to its creator about what the computer user is doing on the internet. Some of these programs creators actually tell the user that the program comes with ability to see what the user is doing on the internet. Others do not.
You should be aware that all types of hostile programs such as viruses and trojans can perform any of the above functions. There is a tendency for viruses to only damage systems or data, and trojan programs to send compromised data to other parties, but either type of program can perform any of the functions. This is why all unauthorized programs are a very serious matter.
Viruses reproduce themselves by attaching themselves to other files that the used does not realize are infected. Viruses are spread today mainly through E-mail attachments. The attachment may be a file that is a legitimate file but the virus may be attached as a macro program in the file. An example is a Microsoft word file. These files can contain macro programs which can be run by Microsoft Word. A virus may infect these files as a macro and when they get on the next user's computer, they can infect other files. These virus programs normally take advantage of a security vulnerability of the running application. In the case of this example a Microsoft Word macro permission security vulnerability is exploited. Viruses can directly affect executable files or Dynamic Link Library (DLL ) files that the operating systems and applications use to run.
Usually the virus will spread before it will do anything that may alert the user to its presence.
The countermeasure to prevent virus programs from infiltrating your organization is to implement the countermeasures in the section titled "Software vulnerability Control". Running virus scanning software on every computer in the organization is a primary step in minimizing this step.
Trojan Horse Software