01 Aug Virus, Trojan Horse, Worm, Rootkit – What Does It All Mean?
You hear your IT guys toss these terms around all the time. It can be dizzying. They all amount to the same thing, don’t they? The answer to that question is both yes and no.
Broadly speaking, yes; they all infect your computer and cause damage in various forms, but there are subtle differences that make each of these unique. Each requires a slightly different approach to safely remove them from an infected system. You don’t have to be an expert, so what follows will be a high level treatment of the topic, but you should be at least passingly familiar with what each of these are, and the potential dangers they represent.
Taking its name from medical science, computer viruses operate on a lot of the same principles. Their first priority is always survival. In order to survive, they seek to make as many copies of themselves as they can. Viruses are most commonly spread via attachments in email files, but you can get one if you download an infected file from the internet. Viruses can damage files because in the process of copying themselves, they attach themselves to various files, where they may damage the data those files contain, or otherwise corrupt it. If they happen to latch onto your company’s financial records, it could spell serious real world trouble for you, which is why prevention and protection are so important. Note that the virus only spreads by human action. A human must click an infected file, download something, or take some tangible action for the virus to spread.
Worms are standalone bits of malware code that share some things in common with viruses. Chiefly, they seek to make as many copies of themselves as possible. Unlike a virus, however, worms do not require human action to spread. They can self replicate. Once they get into your system, they can quickly overwhelm it by mass producing copies of themselves. The big danger here is that so many worms appearing so quickly can overload a server’s capacity to handle the traffic, causing it to crash.
The Trojan Horse
This appears at first glance to be a perfectly normal, acceptable, usable piece of legitimate software. That’s what makes it so tricky. Because it looks perfectly legit, you’re inclined to click on it to run the program. That’s when the trouble starts. Once the program runs, it unleashes its malware package. These are usually more annoying than dangerous. They might add strange icons on your desktop that you can’t seem to get rid of, or change your desktop background and not let you change it back. The real risk, however, comes in the form of the back door that Trojans often leave open. This allows the person who owns the Trojan to slip into your system undetected and take it over. From that position, they can steal or corrupt data, log your keystrokes, or even slave your computer to use for some nefarious purpose.
Rootkits share some similarities with Trojans, in that their ultimate purpose is to open a back door into your system, while hiding the fact that it has done so. This enables a hacker unfettered long term access, and leaves you completely unaware. Rootkits are commonly employed in industrial espionage, as they allow companies to spy on their competition for extended periods of time.
If you’re not sure how to protect your system, then call in the professionals. Many IT companies provide excellent security advice – you’ve nothing to lose and a lot to gain by making sure your systems are watertight.