Types Of Malware In IT Environment Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Computer virus is the most infamous type of malware in today's IT environment, which is a software program that spreads from one computer to another computer to interfere with computer operation. The viruses might corrupt or delete the data in the system, or even delete the all data in the computer. The viruses infect via variety of programs such as e-mail attachment, instant message program, downloading some subject via Internet, and removal media devices. Once the user open the e-mail attachment contains the viruses, the malicious program starts on the system automatically which interrupt the user's operations, such as the computer runs slower, freezing the system and stop to responding, see unusual error message, and more.


A computer virus is a piece of harmful code that replicates itself and attaches itself to existing programs when infecting a computer, and it usually affects certain files on the target computer. Computer worms, on the other hand, are self-replicating computer programs capable of transmitting copies of themselves over a network to other targets (Zacharias 2010). Some worms can install back doors to gain unauthorized access to a computer, and it possible for attacker to control over the targeted system. In the recent past, Conficker was first detected in 2008, which targeted on Windows operation system. Conficker worm is designed to create an enormous global botnet which is a network of computers controlled by a central command center who is a creator of the worm (Hoffman, 2009). Through the botnet controlling by the creator of conficker, it allows them to engage stealing information/data from those computers, launching attacks particular web sites, or infected machine to sent spam e-mails.

Trojan programs

In contradiction to viruses, Trojan does not spread itselves, but disguises themselves as valuable and useful software for download on the internet. There are many types of Trojan horse. One types of it is Remote Access Trojan which is one major types of Trojan horse designed to provide the attacker with complete control of the victim's system. Attackers usually hide these Trojan horses in games or other programs that unsuspecting users then execute on their computer. FTP Trojan acts like an FTP server once it has been installed on a computer. This type of Trojan allows to hacker can download any program or file from infected computer.

2. Discuss some of the basic attacks used by computer and technology criminals.

Denial of Service Attacks

Denial of Service (DoS) attack is an attacker attempts to prevent legitimate users from accessing information or services. By targeting your computer and its network connection, or the computers and network of the sites you are trying to use, an attacker may be able to prevent you from accessing email, websites, or other services affected computer. The most common and obvious type of DoS attack occurs when an attacker floods a network with information which send over flow the request to the server to disable to process with that requests. Distributed Denial of Service (DDoS) attack, an attacker may use another computer to attack the targeted computer using techniques such as worms to launch the program to force your computer to send huge amounts of data to a website or send spam to particular email addresses without the owner's knowledge (McDowell 2004).

Port Scanning

The port scanning is an act that scanning a computer's ports where information goes into and out of a computer, thus port scanning identifies open doors to a computer. It is one of the easiest ways to find out vulnerabilities in the system using by the port scanner software. Port scanning has been used in managing networks usually by the administrator in security manner, but it also can be malicious in nature if unauthorized individual is looking for a weakened access point to break into targeted computer, and possible intrude into the computer to steal the information, or corrupt or destroy the system.

3. Categorize some of the vulnerabilities inherent in TCP/IP platforms.

Targeting vulnerabilities in network protocol is one of the most common methods of attack because the weakness is inherent within the protocol itself and can be harder to defend against such attacks (Ciampa 2009). TCP/IP is the set of communications protocols used for the Internet and other similar networks, in other words, it is a door for the communication to other computer via LAN or Internet. Once opening the door, the computer is able to communicate to another computer allows to send or receive the data and request, such as e-mail or access to Web sites.

Although the normal TCP connection establishment sequence involves a 3-way handshake which is a procedure to establish the connection between two computers, there is a security hole that third unauthorized person might be able to interfere without legitimate user's knowledge. IP spoofing is one common technique of the hackers exploit the vulnerability of TCP/IP platform. IP spoofing is where the intruder disguises his IP address into the target's, and runs through the firewall in order to intrude into the target's network system. In IP communication, filtering is usually set in order to prevent unauthorized access, and allow connections to the network only from specific IP addresses. Even under such strict conditions to access the network, intruders can bypass the IP access restrictions by spoofing the address, this creates more chances for a successful intrusion for unauthorized access to the system.

Man-in-the-Middle attack is one of spoofing technique which intercepting legitimate communication, and the attacker might forging a fictions response to the sender. Denial of Service (DoS) attack is another type of attack exploiting the limitation of TCP/IP platform, and that is designed to bring the network to unavailable by flooding it with useless traffic.