Malware
Malware is any program or file that is harmful to a computer. The term covers viruses, worms, Trojan horses, and spyware (programs that gather users' information without permission). Malware is becoming increasingly sophisticated and can be used to compromise computers in order to install DoS zombie programs or other malicious programs.
The key implication of ubiquitous wireless connectivity is that attackers can get to you at all times. Although it is still early days for malware that exploits mobile phones, future devices will have greater processor power and software capabilities, providing further opportunities for miscreants. There will be more code to exploit and greater functionality to subvert. In contrast to the PC, the mobile phone provides a billing platform and therefore increasing opportunities to make money through manipulating call charges.
Trojan horse programs - so called because they hide malicious code behind 'innocent' documents or programs - have a wide range of capabilities. Once installed they can be used to perform functions including:
- collecting usernames and passwords for email accounts
- collecting system information and scanning of drives
- uploading documents and data to a remote computer
- downloading programs (e.g. more sophisticated Trojans); and
- relaying further attacks against other computers and networks.
An infected computer is potentially under the control of the attacker and can be directed to carry out any function normally only available to the system owner.
There are many ways by which malware can get onto a computer system and there is no foolproof method of preventing infection. However, there are some key steps which minimise the risk:
- ensure that anti-virus software and application-aware firewalls are implemented, configured and maintained
- install the latest available security patches (subject to testing)
- block the entry of executable files, including compressed executable files
- implement a spam filter service
- ensure that all users' permissions reflect the principle of least privilege
- implement an intrusion prevention system
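The step about blocking executable files, including compressed ones, only works if the filter judges content rather than file names. The following is an added example, not part of the original page: a minimal gateway-style check that recognises PE and ELF headers by their leading bytes and looks inside ZIP archives, including nested ones. The function names, limits and sample data are hypothetical, and it assumes only ZIP archives and these two executable formats need covering.

```python
import io
import zipfile

# Leading magic bytes of common native executable formats.
EXECUTABLE_MAGIC = {b"MZ": "Windows PE/DOS executable", b"\x7fELF": "ELF executable"}
MAX_DEPTH = 3  # archives nested deeper than this are blocked outright
MAX_MEMBER_BYTES = 50 * 1024 * 1024  # refuse to decompress larger members


def executable_kind(data):
    """Return a description if data starts with an executable header, else None."""
    for magic, kind in EXECUTABLE_MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def inspect_attachment(name, data, depth=0):
    """Return (blocked, reason), judging content rather than file extension."""
    kind = executable_kind(data)
    if kind:
        return True, f"{name}: {kind}"
    if zipfile.is_zipfile(io.BytesIO(data)):
        if depth >= MAX_DEPTH:
            return True, f"{name}: archive nesting exceeds {MAX_DEPTH}"
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            for info in archive.infolist():
                path = f"{name}/{info.filename}"
                if info.is_dir():
                    continue
                if info.flag_bits & 0x1:  # encrypted: contents cannot be checked
                    return True, f"{path}: encrypted archive member"
                if info.file_size > MAX_MEMBER_BYTES:
                    return True, f"{path}: member too large to inspect"
                blocked, reason = inspect_attachment(path, archive.read(info), depth + 1)
                if blocked:
                    return True, reason
    return False, f"{name}: no executable content found"


def make_zip(members):
    """Build an in-memory ZIP from {filename: bytes}; used for constructed samples."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as archive:
        for filename, content in members.items():
            archive.writestr(filename, content)
    return buf.getvalue()
```

Encrypted, oversized and over-nested members are blocked rather than passed, because a filter that cannot inspect a member cannot vouch for it.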
16/07/2007