One of the prominent problems that has emerged with the
spread of technology is malware. Malware is a term that covers
viruses, worms, Trojans, and logic bombs as well as adware
and spyware. These types of malware have caused a number of problems over the years,
ranging from simple annoyances to dangerous and malicious exploits. Software that fits
in the category of malware has evolved dramatically to now include the ability to steal
passwords, personal information, and identities as well as damage hardware in some cases
(as Stuxnet did).
Malware is a new term, but the software types that it covers are far from new. Viruses
and worms are some of the oldest forms of malicious software in existence. What has
changed is the power of the technology, the creativity of the designers, and the effective
distribution methods, such as more complex networks, file sharing, and other mechanisms
that have come to the forefront over the years.
This chapter also explores covert channels, the use of which has increased over the
years. These channels are unknown, unmonitored pieces of a system that can be exploited
to gain access to the system. Through the use of a covert channel, an attacker may be
able to successfully gain access to a system without the owner’s knowledge, or delay
detection so much that by the time the entry point is discovered, it is too late for the
defender to do anything about it.
This chapter covers the following topics:
■ Trojans
■ Viruses
■ Worms
■ Using covert channels
■ Creating covert channels
■ Distributing malware
■ Working with logic bombs
Malware
Malware is a term that is frequently used but frequently misapplied, so let’s first clarify
its meaning. The term malware is short for malicious software, which accurately explains
what this class of software is designed to do: to perform malicious and disruptive actions.
Simply put, malware is any type of software that performs actions without the consent or
knowledge of the system owner and results in a disruptive action or actions.