|Summary: Malicious software|
|Outcome: Computer and network damage, theft of personal data|
|Addressed by ICANN Policy: N|
|Addressed by Legislation: Y|
|Related to: Phishing, Spam, Botnet Attacks, DDoS Attacks, Pharming|
Malware, an abbreviated version of malicious software, is "software designed specifically to damage or disrupt a system." Malware remains a major security threat for Internet users.
Common Examples of Malware
- Adware: This software is responsible for undesired pop-ups and other kinds of aggressive advertisements.
- Bots: This software, once installed, operates based on orders given from an outside party, such as a hacker. While bots can be used for harmless purposes, they can also create large security threats if programmed to "infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices." Bots can be used in botnets, DDoS, spam or fast flux attacks. Botnets have become an increasing problem in recent years, and individuals with compromised computers may not be aware they are infected.
- Ransomware: this allows a malicious third party to essentially stop users from accessing their computers, often by locking the users' system or encrypting files, until a specified amount of money is paid. Sometimes attackers using ransomware will pose as legitimate authorities. McAfee security observed a large increase in ransomware in 2012 with 200,000 new versions of it found per quarter.
- Spyware: this software monitors the user's activities and then sends the information to other "interest parties." Spyware can track a user's Internet history, log keystrokes, and steal data. A recent Kindsight Security Report indicated that spyware is also targeting and spreading to mobile devices.
- Trojans: trojans or trojan horses are a fairly well known classification of malware. They disguise themselves as harmless files and downloads; however, after they are installed, they can severely hobble a computer or system by creating backdoors or distributing other malware. Trojans can also harvest personal data, change files and settings, or allow a hacker to control the computer.
- Viruses: this type of malware can spread from system to system, often by using infected attachments. Unlike some of the other kinds of malware listed, viruses can copy themselves or insert themselves into other programs.
- Worms: this malware can also replicate itself and does not "require a host program or human help to propagate." Worms often use system vulnerabilities to infect computers or networks.
Spreading malware is a practice that is viewed very negatively. Malware can be used to crash a computer, steal data, or freeze an entire network. As such a large threat, many users are aware of the dangers posed by malware and choose to use Internet security services. However, malware is a constantly evolving threat.
Malware is dangerous and has equally severe consequences. Malware can slow down a computer's operating system, use infected computers in cyber attacks, completely disable a network, or steal private or financial data.
Malware is evolving and changing, both in the sophistication of the malware used and the type of malware favored by attackers. For example, in the late 1990s and early 2000s, worms and viruses that spread through email attachments were a major threat. The early 2000s also saw the emergence of using links and social engineering in emails to spread malware. In recent years, attention has shifted to trojans and botnets. According to a 2013 PandaLabs Report, trojans represented about 80% of computer infections. Sophos's 2014 Threat Report highlights the growing threat that botnets pose to Internet users. The amount of malware available also seems to be growing. The same PandaLabs Security Report found that as many as 6.5 million pieces of malware were created in the first quarter of 2013. The increasing amount of malware available reveals the serious threat faced by Internet users.
- ICANN does not have a policy or reporting procedure relating to malware as "malware are outside of ICANN's scope and authority."
- 2013 Registry Agreement (RA): This agreement, which all new gTLD applicants were required to sign, states that registries must require their registrars to include policies that prohibit registrants from activities like creating and distributing malware. Additionally, registries are required to "periodically conduct a technical analysis to assess whether domains in the TLD are being used to perpetrate security threats" and to keep security files on threats and the remedial actions taken by the registries.
- Computer Fraud and Abuse Act (CFAA): This act makes it illegal to use "malicious code" to damage protected computers.
- In addition to this act, many states also have legislature that addresses computer crimes.
- Many other countries also have laws that address malware and other computer crimes. In some countries, it is illegal not only to use malware but to have or create malware, such as in Japan.
- In 2004, the Computer Software Privacy and Control Act was introduced in congress with the goal of addressing adware and spyware, particularly. However, the bill was not enacted.
Awardees take proactive steps to monitor, identify, and prevent the spread and distribution of malware.
- Read Microsoft's Malware, a Ten Year Review
- See Kindsight Security Lab's Malware Report: Q2 2013
- View Sophos Security Threat Report for 2014
- Malware at Webopedia
- Common Malware Types: Cybersecurity 101 (October 12, 2012), Veracode
- Adware at Wikipedia
- What Is the Difference: Viruses, Worms, Trojans, and Bots?, Cisco Systems
- Botnets 101: What They Are and How to Avoid Them (June 5, 2013), Federal Bureau of Investigation
- Ransomware, Microsoft Malware Protection Center
- The state of malware 2013, SC Magazine
- Viruses, Spyware, and Malware, Information Systems and Technology
- Kindsight security Labs MaLware report – Q2 2013 (PDF), Kindsight
- Evolution of Malware, Microsoft Security Intelligence Report
- About Malware, Internet Corporation for Assigned Names and Numbers (ICANN)
- View the Updated Registry Agreement (PDF), ICANN
- Computer Fraud and Abuse Act at Wikipedia
- State Hacking/Computer Security Laws, IronGeek.com
- What the Law Says about Distributing a Virus or Malware by Craig S. Wright (September 20, 2011), Infosec Island (Wired Business Media)
- Japan makes malware writing illegal, AVG Australia
- Federal Computer Crime Laws by Maxim May (June 1 ,2004), SANS Institute
- H.R. 4255 (108th): Computer Software Privacy and Control Act, Govtrack.us