Virus vs Worm vs Trojan vs Blended
Who has not had that message popup on the screen. The question is how many of you have hit the button and then realised I probably should not have done that. I will be the first to put my hand up admittedly I deliberately did it to show a client what actually happens once it is done. And then explained to them how much work was involved in removing the virus from the computer how much time it would take before they could use there computer did the sums and then helped them choose the appropriate software to protect there computer.
So let’s start with understanding the differences between Virus, Worm, Trojan Horse and Blended Attacks.
VIRUS like the human virus a computer virus can range in severity. They are always attached to an executable file.
This means that a virus is only going to infect your computer when it has been executed. The executable almost always resides on your computer somewhere or is sitting on your USB stick waiting for the moment when you run it.
Once your computer is infected with a virus the damage can just be annoying right through to completely destroying your hardware, software and your files and will almost always start infecting other computers on the same network.
WORM these are not the wiggly ones in the garden. Similar to the virus in many instances and considered a sub-class of a virus, except with one difference that this can spread without human interaction from computer to computer meaning it does not need to be executed by you to spread.
Worms do this by taking advantage of files or information transport programs on the computer which will allow it to spread (example email programs).
The biggest damage from a worm is its ability to replicate quickly and spread amongst computers. Imagine a worm sending to your address book then the address book of your contacts it would have a devastating effect on 1000 of systems.
The very nature of the Worm spreading means it can drain resources on large system causing servers to crash and web servers to be unavailable and in most cases bring a complete halt to companies.
TROJAN HORSE very much like the mythical Trojan horse the Greeks used to enter the city of Troy. Trojan horses look like software that you need on your computer. Once you install this software a Trojan horse can cause all sorts of danger from annoying changes to your operating system to full blown system changes and deletion of files.
Trojan Horses almost always open a back door program for malicious users to login and execute other code, and grab sensitive data your Bank Details.
Unlike the Virus and Worm a Trojan horse does not replicated itself.
BLENDED you guessed it, take all the best parts of the Virus, Worm and Trojan horse and you have yourself a devastating attack on your systems called Blended Threats.
Blended threats can use server and internet vulnerabilities to initiate, then transmit and also spread an attack. Characteristics of blended threats are that they cause harm to infected systems, networks, they propagate using multiple methods, the attack comes from multiple points, and blended threats exploit vulnerabilities on every system.
To be considered a blended threat you would serve multiple attacks in one payload.
Example of a Blended threat is executing a DoS (Denial of Service attack), while installing a back door vulnerability and attacking files, registry, HTML taking down multiple parts of the network at the same time. These threats will spread via, email, IRC, and file-sharing networks.
Blended threats are considered to be the worst risk to security since the inception of viruses, as most blended threats also require no human intervention to propagate across networks.
So what do we do to protect ourselves.
So before rushing out and just buying software to protect your computer you need to understand that protection from these types of viruses requires a multi layered approach.
Firstly there is three main areas that you need to address in order to give your business the best level of protection.
Make sure your operating system is up-to-date i.e. patches installed on a regular basis.
Make sure your virus software is installed up-to-date and running full scans each week as well as actively protecting
Ensure your PC firewall is on and running
One of these 3 areas of protection is not enough on it’s own, you need to ensure that all areas are addressed and protecting your computer or network system. Please if you have further questions or need to know more please do not hesitate in contacting us we would love to hear from you.