Viruses & Malware

Malware, short for malicious software, is an all-ecompassing term for any software designed to harm or secretly access a computer system (or smartphone) without the user's informed consent. Malware includes viruses, worms, trojan horses, spyware, adware, scareware, rootkits, exploits, and any other piece of software designed to disrupt, destroy or steal valuable information.

Twenty years ago, worms and viruses were the only forms of malware in circulation, and they were not subtle. You knew you were in trouble when a slot machine appeared on your screen along with a message inviting you to play a game to save your data (you lost it anyway). They travelled from computer to computer by floppy disk, so the pace of infection was very slow, and new versions did not appear very often. They were generally the result of teenage boredom or the frustration of Eastern European programmers whose work was not protected by copyright.

Today's malware is very different. It can come in many different forms - tens of thousands of new examples appear every day. It is designed to stay hidden until it's done its job (stolen something valuable for its creator - or the criminal gang that hired the creator). It may arrive in the guise of a "useful" download or simply as a result of a vulnerability or coding error in a regular program. When Microsoft started Patch Tuesday to issue security updates to its software, Exploit Wednesday was not far behind. And thanks to real-time Internet communication, malware can appear, spread to millions of computers, and disappear - all within the space of 24 hours or less.

Here's some basic advice to protect your system from infection:
  • Install patches and updates as soon as they're available
  • Install, run, and keep updated a good antivirus (Symantec Endpoint Protection is available free to APU students, staff, and faculty for home and on-campus systems) and keep it updated
  • Never click on a link in an email (copy and paste it into your browser instead)
  • Never open an attachment from anyone you don't know without checking by other means