It is often misconstrued by the media that all cyber-attacks are a result of viruses. A virus is a type of malware, not the other way around. It is crucially important that all IT professionals understand the difference between the three parent-classes of malware.
- Virus – a computer virus, much like in the human body, propagates within the system by making copies of itself to further the spread of its ‘disease’.
- Trojan – a Trojan, like the infamous Trojan horse, typically obfuscate its true identity by appearing like a common system file, then installs itself on critical sectors of the hard drive.
- Worm – a worm is commonly known to be the most ‘deadly’ as worms spread by feeding on vulnerabilities within a system. A worm often carries a malicious payload, which is used to perform an objective like password stealing or keylogging.
Malware is exactly as it sounds; malicious software. All software has an author, the same rule applied to malware. We must be vigilant, as cybersecurity professionals, in maintaining a core knowledge of identifying strands of malware and performing a basic understanding of the differences between each flavor of malware.
The first step in malware recognition starts with awareness – read, ask, investigate. Utilize technologies that can aide in your overall resolve.
Contact our Security Solutions Team so we can work with you to aide in preventative and proactive measures.
We must be vigilant, we must be ready, and most of all, we must be educated!
Adam Zimmerman, Security Solutions Architect
With over six years of experience in the technology industry, Adam’s experience covers information security operations, cyber security advisory, penetration testing, and advanced exploitation. Adam’s primary focus is helping organizations build strong security practices and prepare for potential attacks.
Adam holds a Masters in IT Security from the University of Ontario Institute of Technology, where he successfully developed a malware classification tool with a security firm based in Ottawa. Additionally, he has worked on several cyber consulting engagements as a lead security researcher and was able to develop an exploit for the FAA’s NextGen Air Traffic Control Management System.
Adam currently serves in the Canadian Armed Forces as a Second Lieutenant where he holds a command position as a Troop Commander for 32 Combat Engineer Regiment of Toronto; specializing in mobility denial and facilitation, tactical breaching, controlled munitions disposal, and various humanitarian support operations.