Archive 4 min read

Cybersecurity Basics #6 - Malware

Malicious software (malware) is an umbrella term that covers a number of different types of software designed to do bad things...but those specific categories don't mean to much day-to-day when it comes to defence...

Cybersecurity Basics #6 - Malware

Watch this episode on YouTube.

Reasonably Accurate 馃馃 Transcript

Good morning, everybody. How are you doing today? Back with another episode. This time again, talking about cybersecurity basics. We're moving into um, a little more of what you probably thought when you started thinking about cybersecurity basics. Um And that let me just adjust the frame.

There we go. Um, is malware. We're going to talk about malware today. Now, it's telling that I waited until episode six of the basics run to start talking about something that most people think are with cybersecurity. And I think that is because we spend far too much time talking about these crazy new attacks, these theoretical ways of breaching systems.

And we do spend too much time talking about malware. So what exactly is malware? Well, malware is malicious software. Now, we started using the name malware probably about 15 years ago or so, but we used to call these computer viruses.

And the first one popped up in 1971 as an experiment and it was designed to see how systems, how software could move between systems. And then there was cases throughout the seventies and then it really started picking up a little bit more in the eighties and the early nineties, the system started to be more connected because if you can remember, like I can, um, before the internet, um, if you wanted to share software, you physically had to give somebody a floppy disk, big floppy disk and they had to then go to their system and install it.

And we started calling software that infected other computers, viruses. Now, a virus would infect a computer when a certain program was executed. So if you tried to install that Pirated game, and yes, it started with a lot of Pirated software way back when you would actually end up getting a nasty surprise in that there was a virus program on that, on that disk that was designed to either do some destructive actions or, you know, play a trick.

There wasn't so much of a cybercrime enterprise, but it wasn't long before criminals figured this out, especially as computers got connected. So now, you know, we started to see different kinds of viruses pop up. We saw things called worms and now the defining characteristic of a worm is that it will self propagate, it will start to push itself to other systems.

So a virus had to be installed or run from a point of infection on every machine. Whereas a worm kind of figures itself out and it worms its way through a network or connected computers, right? Makes total sense. But since then, we started to see different types of malware pop up.

Now, I think being a grammar nerd, half of the naming thing came from, people couldn't remember whether to call multiple viruses, viruses or Vira really depends. Computer mice and computer mouses. But we moved to Malware and there's a whole bunch of other wares.

We have software. Everybody knows that we have hardware, people know that. And so malware does make sense, malicious software. But now we also have spyware. This is software with a malicious intent that's designed to spy on your activities.

This is normally disguised or normally actually piggybacked on legitimate software. Spyware will then creep on what you're doing and report back to some central authority. We actually saw this early on with a lot of marketing campaigns and sort of, you know, the intention was either to enforce copyright or to gather data, not necessarily malicious.

But now we're seeing that obviously in the malicious context, same with adware. Adware isn't necessarily malware, but a lot of people treat it as such. It's software that pushes ads down to you nonstop. Of course, in 2016, 2015, we started to see the rise of ransomware and this is malicious software.

It's malware that infects your computer and encrypts your data. It locks you out of your own data and it tries to sell you back the key. And so essentially it locks you out of all your precious photos and movies and says, hey, if you want to access back to these, you're going to have to pay me 300 to $600 in Bitcoin or equivalent in Bitcoin.

And I'll give you the key back. Now. We know from the statistics you're very unlikely to the key to get your data back. And obviously you shouldn't be paying cyber criminals and encouraging them because this is a profit driven business.

But ransomware is another one of the malware family. So malware really straightforward. It's software that's designed with a malicious intent. There's a lot of different types of it where we see new types all the time. We see cyber criminals, you know, working on called exploit kits, which helps them generate new malware to take advantage of vulnerabilities.

There's a whole host of them and while the individual sort of subgroups tell you something as a defender, as a concerned, it user, the real thing here is the malware is malicious software. It's designed to do something that you don't want it to do.

So that's the term malware. Does that make sense to you? Let me know, hit me up online at marknca for those of you on the vlog in the comments down below and as always for podcast listeners and for everybody else, you can hit me up on email

What's your favorite subgroup of the wee suffixed family? Um Do you have a particular example that you would kind of dawned on you that? Wow, this is a real big problem. Maybe that was slammer. Maybe that was the Morris Worm way back when there's a ton of different interesting historical cases, um, associated with malware.

Um, what do you think of the fact that it took six episodes of basics to actually start to get on to the stuff that most people think is the coolest. Um, let me know. I hope you're set up for a fantastic day.

I am off for the next few days. I am back on Tuesday, the fourth of September 2018. Um, enjoy your long weekend. I know I am gonna do my best to do that. I hope, uh, you will talk to me soon because the show is very much audience driven.

Um, again, have a fantastic long weekend and we'll see you next week.

Read next