Malware 183
The Patriot Act This act expanded on the powers already included in the Computer Fraud
and Abuse Act. The law provides penalties of up to 10 years for a first offense and 20 years
for a second offense. It assesses damages to multiple systems over the course of a year to
determine if such damages are more than $5,000 total.
CA N- SPA M Act This law was designed to thwart the spread of spam: mass-mailed
messages that harass or irritate the recipient into purchasing products or services.
Each country has approached the problem of malware a little differently,
with penalties ranging from jail time to potentially steep fines for violators.
In the United States, states such as California, West Virginia, and a host of
others have put in place laws designed to punish malware perpetrators.
Although the laws have different penalties designed to address malware’s
effects, it has yet to be seen how effective these laws are.Categories of Malware
As stated earlier in this chapter, malware is an extremely broad term that blankets a range
of software packages. We can say that malware is anything that steals resources, time,
identity, or just about anything else while it is in operation. In order to understand what
malware is, let’s look at the major types before we delve deeper into the mechanics of each:
■ Viruses are by far the best-known form of malicious software. This type of malware
is designed to replicate and attach itself to other files resident on the system. Typically,
viruses require some sort of user action to initiate their infectious activities.■ Worms are a successor to viruses. The worm has been around in some shape or form
since the late 1980s. The first worms were primitive by today’s standards, but they
had a characteristic that is still seen today: the ability to replicate on their own very
quickly. Worms that have emerged over the past decade or so have been responsible for
some of the most devastating denial-of-service attacks known.■ Trojan horses are a special type of malware that relies in large part on social-
engineering techniques to start infecting a system and causing harm. Similar to a virus
in many respects, this malware relies on the user being somehow enticed into launching
the infected program or wrapper, which in turn starts the Trojan.■ Rootkits are a modern form of malware that can hide within the core components of a
system and stay undetected by modern scanners. What makes rootkits most devastating
is that they can be extremely difficult to detect and even more difficult to remove.■ Spyware is malware designed to gather information about a system or a user’s activities
in a stealthy manner. Spyware comes in many forms; among the most common are
keyloggers.■ Adware is malware that may replace homepages in browsers, place pop-up ads on
a user’s desktop, or install items on a victim’s system that are designed to advertise
products or services.