component in a computer system: the hardware. In reality, it would not be
easy to implement this kind of attack. The contents of firmware update files
made for Intel processors appear to be encrypted (with the decryption key hid-
den safely inside the processor), and their exact contents are not known. For
more information on this topic see Malware: Fighting Malicious Code by Ed
Skoudis and Lenny Zeltser [Skoudis].Uses of Malware
There are different types of motives that drive people to develop malicious
programs. Some developers are interest-driven: The developer actually gains
some kind of financial reward by spreading the programs. Others are moti-
vated by certain psychological urges or by childish desires to beat the system.
It is hard to classify malware in this way by just looking at what it does. For
example, when you run into a malicious program that provides backdoor
access to files on infected machines, you might never know whether the pro-
gram was developed for stealing valuable corporate data or to allow the
attacker to peep into some individual’s personal files.
Let’s take a look at the most typical purposes of malicious programs and try
to discover what motivates people to develop them.
Backdoor Access This is a popular end goal for many malicious pro-
grams. The attacker gets unlimited access to the infected machine and
can use it for a variety of purposes.
Denial-of-Service (DoS) Attacks These attacks are aimed at damaging a
public server hosting a Web site or other publicly available resource. The
attack is performed by simply programming all infected machines (which
can be a huge number of systems) to try to connect to the target resource
at the exact same time and simply keep on trying. In many cases, this
causes the target server to become unavailable, either due to its Internet
connection being saturated, or due to its own resources being exhausted.
In these cases, there is typically no direct benefit to the attacker, except
perhaps revenge. One direct benefit could occur if the owner of the server
under attack were a direct business competitor of the attacker.
Vandalism Sometimes people do things for pure vandalism. An
attacker might gain satisfaction and self-importance from deleting a
victim’s precious files or causing other types of damage. People have a
natural urge to make an impact on the world, and unfortunately some
people don’t care whether it’s a negative or a positive impact.
Resource Theft A malicious program can be used to steal other people’s
computing and networking resources. Once an attacker has a carefully280 Chapter 8