What is a general term that describes software designed to infiltrate a computer system without the users consent?

UnderstandingThreats

Computer security is a rapidly changing subject. Administrators and information security professionals invent and adopt a variety of terms and phrases to describe potential risks or uninvited incidents to computers and networks. The following is a discussion of these terms and their meanings as used in this document.

Virus/Malware

A computer virus/malware is a program – a piece of executable code – that has the unique ability to replicate. Virus/malware can attach themselves to just about any type of executable file and are spread as files that are copied and sent from individual to individual.

In addition to replication, some computer virus/malware share another commonality: a damage routine that delivers the virus payload. While some payloads can only display messages or images, some can also destroy files, reformat your hard drive, or cause other damage.

• Malware: Malware is software designed to infiltrate or damage a computer system without the owner's informed consent.

• Trojans: A Trojan is a malicious program that masquerades as a harmless application. Unlike virus/malware, Trojans do not replicate but can be just as destructive. An application that claims to rid your computer of virus/malware when it actually introduces virus/malware into your computer is an example of a Trojan.

• Worms: A computer worm is a self-contained program (or set of programs) that is able to spread functional copies of itself or its segments to other computer systems. The propagation usually takes place through network connections or email attachments. Unlike virus/malware, worms do not need to attach themselves to host programs.

• Backdoors: A backdoor is a method of bypassing normal authentication, securing remote access to a computer, and/or obtaining access to information, while attempting to remain undetected.

• Rootkit: A rootkit is a set of programs designed to corrupt the legitimate control of an operating system by its users. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security.

• Macro Viruses: Macro viruses are application-specific. The viruses reside within files for applications such as Microsoft Word (.doc) and Microsoft Excel (.xls). Therefore, they can be detected in files with extensions common to macro capable applications such as .doc, .xls, and .ppt. Macro viruses travel amongst data files in the application and can eventually infect hundreds of files if undeterred.

The Agent programs on the client computers, referred to as the Client/Server Security Agents, can detect virus/malware during Antivirus scanning. The Trend Micro recommended action for virus/malware is clean.

Spyware/Grayware

Grayware is a program that performs unexpected or unauthorized actions. It is a general term used to refer to spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs. Depending on its type, it may or may not include replicating and non-replicating malicious code.

• Spyware: Spyware is computer software that is installed on a computer without the user’s consent or knowledge and collects and transmits personal information.

• Dialers: Dialers are necessary to connect to the Internet for non-broadband connections. Malicious dialers are designed to connect through premium-rate numbers instead of directly connecting to your ISP. Providers of these malicious dialers pocket the additional money. Other uses of dialers include transmitting personal information and downloading malicious software.

• Hacking Tools: A hacking tool is a program, or a set of programs, designed to assist hacking.

• Adware: Adware, or advertising-supported software, is any software package, which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used.

• Keyloggers: A keylogger is computer software that logs all the keystrokes of the user. This information could then be retrieved by a hacker and used for his/her personal use.

• Bots: A bot (short for "robot") is a program that operates as an Agent for a user or another program or simulates a human activity. Bots, once executed, can replicate, compress, and distribute copies of themselves. Bots can be used to coordinate an automated attack on networked computers.

Certain applications are classified by Trend Micro as spyware/grayware not because they can cause harm to the system on which they are installed, but because they potentially, expose the Client or the network to malware or hacker attacks.

Hotbar, for example, is a program that embeds a toolbar into Web browsers. Hotbar tracks URLs that users visit and records words or phrases that are entered into search engines. These pieces of information are used to display targeted ads, including pop-ups, on users' browsers. Since the information that Hotbar collects can potentially sent to a third party site and used by malware or hackers to collect information about your users, Worry-Free Business Security Services prevents this application from installing and running by default.

If you want to run Hotbar or any other application that WFBS-SVC classifies as spyware/grayware, you need to add it to the spyware/grayware trusted list.

By preventing potentially risky applications from running and giving you full control over the spyware/grayware trusted list, WFBS-SVC helps ensure that only the applications you approve run on Clients.

Client/Server Security Agents can detect grayware. The Trend Micro recommended action for spyware/grayware is clean.

Network Viruses

A virus spreading over a network is not, strictly speaking, a network virus. Only some of the threats mentioned in this section, such as worms, qualify as network viruses. Specifically, network viruses use network protocols, such as TCP, FTP, UDP, HTTP, and email protocols to replicate.

Firewall works with a network virus pattern file to identify and block network viruses.

Intrusions

Intrusions refer to entry into a network or a computer either by force or without permission. It could also mean bypassing the security of a network or computer.

Malicious Behavior

Malicious Behavior refers to unauthorized changes by a software to the operating system, registry entries, other software, or files and folders.

Fake Access Points

Fake Access Points, also known as Evil Twin is a term for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up by a hacker to eavesdrop on wireless communications.

Explicit/Restricted Content in IM Applications

Text content that is either explicit or restricted to your organization being transmitted over instant messaging applications. For example, confidential company information.

Online Keystroke Listeners

An online version of a keylogger. See Spyware/Grayware for more information.

Packers

Packers are tools to compress executable programs. Compressing an executable makes the code contained in the executable more difficult for traditional Antivirus scanning products to detect. A Packer can conceal a Trojan or worm.

The Trend Micro scan engine can detect packed files and the recommended action for packed files is quarantine.

See Also:

• Overview of Trend Micro™ Worry-Free™ Business Security Services

• WFBS, WFBS-A, WFBS-SVC

• Choosing Your Edition

• What's New in This Release?

• Key Features

• Protecting Your Network

• Scan Engine

• Benefits of Protection

• Components

• Product Component Terminology

What do you call a collection of programs that can infiltrate a computer system?

What can self replicate without a host program and will spread without human interaction or directives from malware authors?

Are malicious programs that come into a computer system?

What is malware quizlet?