Malware: worms, trojans, ransomware, etc.

4.2 Summarize various types of attacks and their impact

📘CompTIA Network+ (N10-009)


Malware is short for malicious software. It’s any software intentionally designed to harm a computer, network, or user. Malware can:

  • Steal sensitive data (like passwords or financial info)
  • Disrupt systems or networks
  • Allow attackers to gain unauthorized access
  • Encrypt data and demand ransom

Malware can spread in many ways, including email attachments, infected software downloads, network vulnerabilities, or removable media.


Types of Malware

1. Viruses

  • Definition: A virus is a piece of code that attaches itself to files or programs. It spreads when the infected file is opened or executed.
  • Behavior in IT systems:
    • Can corrupt files or system data
    • Might cause programs or servers to crash
    • Can slow down network or system performance
  • Example: A virus attaches to an internal company document. When employees open it, their computers get infected, and the virus spreads to shared network drives.

2. Worms

  • Definition: Worms are self-replicating malware that spread automatically across networks without user action.
  • Behavior in IT systems:
    • Exploit vulnerabilities in operating systems or network services
    • Can flood network traffic, causing slowdowns or outages
    • Can deliver other malware payloads (like ransomware)
  • Example: A worm exploits a network printer vulnerability and automatically copies itself to every connected computer in the office.

3. Trojans (Trojan Horses)

  • Definition: Trojans appear to be legitimate software but contain hidden malicious functions. Unlike viruses and worms, they don’t self-replicate.
  • Behavior in IT systems:
    • Can create a backdoor for attackers to remotely access the system
    • Can steal credentials, install keyloggers, or download additional malware
  • Example: An employee downloads a software update from an unverified source. It installs normally but secretly gives hackers remote access to the workstation.

4. Ransomware

  • Definition: Malware that encrypts a victim’s files or systems and demands payment for decryption.
  • Behavior in IT systems:
    • Encrypts critical files, making them inaccessible
    • Often spreads through phishing emails or infected downloads
    • Can halt operations until the ransom is paid
  • Example: A ransomware attack encrypts all files on a company file server. Employees can’t access shared documents until the attack is mitigated or a backup is restored.
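
Encrypted data looks like random bytes, so a file server can be checked for documents whose content has suddenly become high-entropy. This is an added example, not part of the original study guide; the file names, the 7.5 bits-per-byte threshold, and the list of compressed extensions are constructed assumptions.

```python
import hashlib
import math
from collections import Counter

def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for constant data, 8.0 for uniformly random bytes."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

# Formats that are compressed by design, so high entropy is normal for them.
COMPRESSED_EXTS = {".zip", ".jpg", ".png", ".docx", ".xlsx"}

def suspicious_files(files: dict, threshold: float = 7.5) -> list:
    """Return names whose content looks encrypted although the type should be low-entropy."""
    hits = []
    for name, content in files.items():
        ext = "." + name.rsplit(".", 1)[-1].lower() if "." in name else ""
        if ext in COMPRESSED_EXTS:
            continue  # entropy alone cannot tell compressed from encrypted
        if shannon_entropy(content) >= threshold:
            hits.append(name)
    return sorted(hits)

def _pseudo_random(n: int) -> bytes:
    """Deterministic stand-in for ciphertext (SHA-256 over a counter), so results repeat."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

# Constructed sample share: file name -> first 4 KiB of content.
SAMPLE_SHARE = {
    "budget.csv": b"dept,quarter,amount\n" + b"sales,Q1,10400\n" * 200,
    "notes.txt": _pseudo_random(4096),   # text file whose bytes now look random
    "config.xml": _pseudo_random(4096),  # same symptom on a markup file
    "photo.jpg": _pseudo_random(4096),   # compressed format: skipped, not flagged
}

if __name__ == "__main__":
    print(suspicious_files(SAMPLE_SHARE))
```

Entropy is a triage signal, not proof: it flags candidates to compare against backups and recent change times.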

5. Spyware

  • Definition: Malware that secretly monitors user activity and sends the information to an attacker.
  • Behavior in IT systems:
    • Can log keystrokes to capture usernames and passwords
    • Can monitor network traffic or browser activity
    • Can operate silently, making it hard to detect
  • Example: Spyware installed on office computers records login credentials for cloud services.

6. Adware

  • Definition: Software that automatically displays unwanted advertisements. Some adware may also collect user information.
  • Behavior in IT systems:
    • Generates pop-ups, redirecting users to malicious sites
    • Can consume network bandwidth and slow down systems
  • Example: Adware installed on a workstation triggers pop-ups when employees browse the internet, distracting them and slowing performance.

7. Rootkits

  • Definition: Malware designed to gain unauthorized administrative access while hiding its presence.
  • Behavior in IT systems:
    • Allows attackers to control systems without detection
    • Can disable security software or hide other malware
  • Example: A rootkit installed on a server hides itself and other malware while giving hackers full access to sensitive databases.

8. Keyloggers

  • Definition: Malware that records every keystroke made on a device.
  • Behavior in IT systems:
    • Captures sensitive information like passwords, credit card numbers, or confidential documents
    • Often installed as part of a Trojan
  • Example: A keylogger captures credentials of the IT admin, allowing attackers to access secure network resources.

9. Botnets

  • Definition: Networks of infected devices (bots) controlled by an attacker. They can be used for large-scale attacks.
  • Behavior in IT systems:
    • Launch Distributed Denial of Service (DDoS) attacks
    • Send spam emails or malware
    • Operate silently on multiple systems
  • Example: Hundreds of office computers infected with bot malware are remotely controlled to overwhelm a target website with traffic.

Malware Delivery Methods

  • Email attachments or links
  • Infected websites or downloads
  • Network vulnerabilities (unpatched software)
  • Removable media (USB drives)
  • Malvertising (malicious ads)

Impact of Malware on IT Systems

  • Data loss or corruption
  • Unauthorized access to sensitive information
  • Financial loss due to downtime or ransom
  • Network congestion or system crashes
  • Reputation damage for organizations

Key Points for the Exam

  • Know the difference between viruses (attach to files), worms (self-replicate), and Trojans (disguise themselves as legitimate software).
  • Understand that ransomware encrypts files, spyware steals data, rootkits hide themselves, keyloggers track keystrokes, and botnets control multiple devices.
  • Recognize malware delivery methods and impacts on IT systems.
