9.1: Malware & Threats
Eduqas / WJEC
What is malware?
Malware is any type of harmful program that seeks to damage or gain unauthorised access to your computer system.
A virus can replicate itself and spread from system to system by attaching itself to infected files.
A virus is only activated when opened by a human.
Once activated, a virus can change data or corrupt a system so that it stops working.
A worm can replicate itself and spread from system to system by finding weaknesses in software.
A worm does not need an infected file or human interaction to spread.
A worm can spread very quickly across a network once it has infiltrated it.
A trojan is a harmful program that looks like legitimate software so users are tricked into installing it.
A trojan secretly gives the attacker backdoor access to the system.
Trojans do not self replicate or infect other files.
Spyware secretly records the activities of a user on a computer.
The main aim of spyware is to record usernames, passwords and credit card information.
All recorded information is secretly passed back to the attacker to use.
A keylogger secretly records the key presses of a user on a computer. Data is stored or sent back to the attacker.
The main aim of a keylogger is to record usernames, passwords and credit card information.
Keyloggers can be downloaded or plugged into the USB port.
9.1 - Malware & Threats:
1. What is malware? 
2a. Describe three characteristics of a virus. 
2b. Describe three characteristics of a worm. 
2c. What is a trojan? 
2d. Describe how spyware and keyloggers work. 
2e. In your opinion, which malware do you think is the most dangerous and why? 
3a. Describe what is meant by 'hacking'. 
3b. What is interception? What software is used to intercept data packets? 
3c. What is a technical breakdown? 
3d. Describe why devices should be disposed of securely. 
Hacking is the method of exploiting weaknesses in a system or network to create, view, modify or delete files without permission.
A hacker is anyone who gains access to data or systems that they do not have authority to access.
This is when data packets on a network are intercepted by a third party (e.g. a hacker) and copied to a different location than the intended destination.
Software called packet sniffers are used to intercept and analyse data packets.
This is when a computer has crashed and will not restart.
The breakdown may have been caused by a virus corrupting important system files or by the machine overheating.
Computer systems (e.g. laptops) or storage devices (e.g. USB stick) may be stolen in public or from offices.
Unwanted systems and storage media should be disposed of securely as data could be stolen from discarded devices.