The lowdown on malware

Related Links

Dangers in disguise

What's malware? Software written for malicious purposes, such as:
  • viruses, or programs that spread through altered or 'infected' data files

  • Trojan horses, or software that poses as something else to get a computer user to execute its function

  • spyware, or software that tracks the activities of a computer user and reports them back to the developer

  • back-doors, or software that provides a way for a hacker to circumvent security and gain access to functions of the computer the software is installed on.

How does it get on my network? The most common approach to spreading malware is by e-mail, via attached files. Worm Trojans and viruses can hijack an infected computer's e-mail client to send hundreds or thousands of copies of itself to addresses in the user's e-mail address book or in any other files on the computer. Trojans such as the recent MyDoom disguise where they've come from by spoofing the address of a person found in the address book.

Another increasingly common approach is to exploit other weaknesses in operating system security. MSBlaster exploited a problem with Microsoft Windows' use of Remote Procedure Calls; Code Red used weaknesses in Microsoft SQL Server to spread itself.

How much will protection cost me? Depending on how thick you lay on the protection, it can cost as little as $20 per user per year, or as much as $100 per user for more complete protection.

Must-know info? The best approach is a defense in depth. This includes a mail scanner at the server or mail gateway to block incoming messages with viruses or Trojans, desktop virus scanners to stop viruses and other malware that get onto systems by other means, and management software to control access policies to desktops and quickly deploy patches to vulnerabilities.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected