CS Fundamentals
Learn about malware — the different types of malicious software, how they spread, what damage they cause, and how to protect yourself against them.
Introduction
Malware — short for malicious software — is any software intentionally designed to cause damage to computers, networks, or users. It is the digital equivalent of disease: it infects systems, spreads to others, disrupts normal functioning, and can cause devastating damage. Just as understanding diseases helps you prevent them, understanding malware helps you protect yourself and your systems.
Malware is big business for cybercriminals. Ransomware attacks alone extracted over $20 billion in payments globally in recent years. Data-stealing malware compromises millions of accounts daily. Botnets (networks of infected computers) are rented out for attacks. For BCA students entering IT careers, understanding malware is not just about personal protection — you may be responsible for protecting entire organizations and their users.
What Is Malware?
Malware is an umbrella term for any software created with malicious intent — to damage, disrupt, steal, or gain unauthorized access to computer systems. Unlike bugs (unintentional software errors), malware is deliberately crafted by attackers to cause harm.
Malware authors have various motivations: financial gain (stealing banking credentials, demanding ransoms), espionage (stealing corporate or government secrets), hacktivism (disrupting organizations for political reasons), vandalism (causing destruction for entertainment), and building attack infrastructure (creating botnets for larger attacks).
Types of Malware
Viruses are programs that attach themselves to legitimate files or programs and replicate when the host file is executed. Like biological viruses, they need a host to survive and spread. When you run an infected program, the virus code executes first — it might copy itself to other files, damage data, or perform other malicious actions. Viruses spread through infected files shared via USB drives, email attachments, or downloads.
The key characteristic: viruses require human action to spread (running the infected file). They cannot propagate autonomously across networks.
Worms are self-replicating programs that spread across networks without human intervention. Unlike viruses, worms do not need a host file — they are standalone programs that exploit network vulnerabilities to copy themselves to other computers automatically. A single worm can infect thousands of machines in hours because it spreads exponentially.
The Morris Worm (1988) was one of the first, bringing down much of the early internet. More recently, WannaCry (2017) spread across 150 countries in a single day by exploiting a Windows vulnerability, encrypting files and demanding ransoms.
Trojans (Trojan Horses) disguise themselves as legitimate, useful software to trick users into installing them. Named after the ancient Greek wooden horse, they appear harmless on the outside but contain hidden malicious functionality. A trojan might look like a free game, a PDF reader, or a system utility, but once installed, it might steal passwords, create backdoors for remote access, or download additional malware.
Key characteristic: trojans rely on social engineering — tricking users into voluntarily installing them. They do not self-replicate like viruses or worms.
Ransomware encrypts your files using strong encryption and demands payment (usually in cryptocurrency) for the decryption key. Without the key, your files are permanently inaccessible. Ransomware attacks have hit hospitals (forcing them to turn away patients), schools (losing student records), businesses (halting operations for weeks), and government agencies.
Protection against ransomware relies primarily on backups — if you have a recent, uninfected backup, you can restore your files without paying. Never pay ransoms if possible — it funds criminal organizations and does not guarantee you will receive the decryption key.
Spyware secretly monitors your computer activity and sends information to the attacker without your knowledge. It might capture keystrokes (keyloggers — recording everything you type, including passwords), take screenshots, monitor browsing history, activate your camera or microphone, or steal stored credentials.
Adware displays unwanted advertisements, often as pop-ups or by redirecting your browser. While less dangerous than other malware types, aggressive adware can slow your system, collect browsing data, and serve as a gateway for more serious infections.
Rootkits hide deep within the operating system, modifying system files to conceal other malware from detection tools. They are extremely difficult to detect and remove because they intercept the very tools used to look for them — like a thief who can make themselves invisible to security cameras.
Botnets are networks of infected computers (zombies) controlled remotely by an attacker (botmaster). Individual infections may seem harmless — the malware quietly waits for commands. But collectively, thousands of bots can be directed to perform massive DDoS attacks, send spam, mine cryptocurrency, or perform other coordinated malicious activities.
How Malware Spreads
Email attachments remain one of the most common delivery methods — infected documents, executables disguised as PDFs, or links to malicious downloads. Malicious websites can exploit browser vulnerabilities to install malware without you clicking anything (drive-by downloads). Infected USB drives can auto-execute malware when plugged in. Software downloads from untrusted sources often bundle malware with legitimate-looking programs. Network exploitation allows worms to spread by targeting unpatched vulnerabilities in operating systems or services.
Protection Against Malware
Keep all software updated — most malware exploits known vulnerabilities that patches have already fixed. Use reputable antivirus software and keep it updated. Never open unexpected email attachments or click suspicious links. Download software only from official sources. Be skeptical of free software from unknown websites. Back up important data regularly (following the 3-2-1 rule). Use a standard user account (not administrator) for daily use. Keep your firewall enabled.
Key Takeaways
- Malware is any software intentionally designed to cause harm — it encompasses many specific types
- Viruses attach to files and require human action to spread; worms self-replicate across networks
- Trojans disguise as legitimate software; ransomware encrypts files for ransom; spyware monitors secretly
- Regular backups are your best defense against ransomware — they eliminate the attacker's leverage
- Keep software updated, use antivirus, and exercise caution with downloads and email attachments
- Malware is a multi-billion dollar criminal industry — understanding it is essential for IT professionals
- Multiple layers of defense (updates, antivirus, backups, awareness) provide the best protection
- If you suspect infection, disconnect from the network immediately to prevent spread
Exam Focus
Revise definitions, diagrams, examples, and short-answer points for Malware.
Interview Use
Prepare one clear explanation, one practical example, and one common mistake for this Computer Fundamentals topic.
Search Terms
computer-fundamentals, computer fundamentals, computer, fundamentals, cybersecurity, basics, malware
Related Computer Fundamentals Topics