What is malicious code?
Malicious code is created to intentionally harm computers, systems or other devices. It often masquerades as a legitimate action and is frequently hidden in the application code of a program that performs a legitimate task. This makes malicious code more difficult to eliminate than typical viruses, because common antivirus applications cannot detect it until it has been identified and stored in the antivirus database. There are many different types of malicious code, but the three most common are viruses, worms and trojan horses.
- Virus: Viruses are applications that exhibit harmful behavior once they have been activated. They are often sent via email or posted on websites and forums. Clicking on a contaminated link or opening a malicious file can infect computers or entire networks.
- Worm: Worms are dangerous pieces of malicious code that can infiltrate computers, damage them and then spread to other computers across cyberspace. Worms typically spread by accessing an infected user’s address book and emailing replicas of themselves to all entries.
- Trojan horse: Hackers and other malicious attackers usually prefer to use trojan horses. A trojan horse is malicious code hidden in a legitimate application. Once an unsuspecting user clicks on the file, the trojan horse springs into action. Because the legitimate action the file was intended to perform is executed at the same time, many computer users have no way to know they have been infected until it is too late.
How malicious code can affect companies
Malicious code can affect companies in several different ways. Viruses can destroy hard drives, wipe out data or cause other compromises. Worms can infect entire companies, causing widespread damage that can involve data and identity theft. Trojan horses can enable an attacker to completely take over company networks. The results of these attacks can be devastating.
According to the latest study by the Ponemon Institute, “Global companies also are worried about malicious code and sustained probes, which have increased more than other threats. Companies estimate that they will be dealing with an average of 17 malicious codes each month and 12 sustained probes each month. Unauthorized access incidents have mainly stayed the same and companies estimate they will be dealing with an average of 10 such incidents each month.”
The typical result of a malicious code attack is a data breach. According to the Ponemon Institute study, in 2013 the average cost companies had to pay as a result of a data breach was $3.5 million, and attacks had increased by 15 percent over the previous year.
How to eliminate the threat from malicious code
Static Code Analysis (SCA) is arguably the most effective method to prevent malicious code from causing damage to company computers. Today’s leading scanners can quickly detect malicious code patterns such as anti-debugging techniques, deliberate information and data leakage, time bombs, rootkits, hardcoded cryptographic constants and credentials, backdoor threats and more. The majority of these threats can evade typical antivirus software and conventional vulnerability tests. Scanning and testing should be performed as early as possible, because once a data breach is successful, the damage is already done.
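To make two of the categories above concrete (hardcoded credentials and time bombs), here is a minimal static check, added as an example and not taken from any scanner product. It walks a Python syntax tree without running the code; the rule names, the hint lists and the sample module are constructed for illustration.

```python
import ast

# Constructed sample input: parsed only, never executed.
SAMPLE = '''import datetime, os
DB_PASSWORD = "s3cr3t-example"
API_URL = "https://example.invalid/api"
def nightly_cleanup(path):
    if datetime.date.today() >= datetime.date(2030, 1, 1):
        os.remove(path)
'''

CRED_HINTS = ("password", "passwd", "secret", "token", "api_key")  # assumed list
CLOCK_CALLS = {"today", "now", "utcnow", "time"}                   # assumed list

def _is_clock_call(node):
    """True for calls such as date.today(), datetime.now(), time.time()."""
    return (isinstance(node, ast.Call)
            and isinstance(node.func, ast.Attribute)
            and node.func.attr in CLOCK_CALLS)

def _is_fixed_value(node):
    """True for a literal, or a call whose arguments are all literals."""
    if isinstance(node, ast.Constant):
        return True
    return (isinstance(node, ast.Call) and bool(node.args)
            and all(isinstance(a, ast.Constant) for a in node.args))

def scan(source):
    """Return sorted (line, rule) findings for one Python source string."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        # Rule 1: non-empty string literal assigned to a credential-like name.
        if isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant) \
                and isinstance(node.value.value, str) and node.value.value:
            for target in node.targets:
                if isinstance(target, ast.Name) and \
                        any(h in target.id.lower() for h in CRED_HINTS):
                    findings.append((node.lineno, "hardcoded-credential"))
        # Rule 2: current time compared with a fixed date or number.
        if isinstance(node, ast.Compare):
            sides = [node.left, *node.comparators]
            if any(_is_clock_call(s) for s in sides) and \
                    any(_is_fixed_value(s) for s in sides):
                findings.append((node.lineno, "time-bomb-condition"))
    return sorted(findings)

if __name__ == "__main__":
    for line, rule in scan(SAMPLE):
        print(f"line {line}: {rule}")
```

Findings from a check like this are leads for code review, not verdicts: a date comparison can be a legitimate expiry check, and a real scanner adds data-flow analysis to reduce such false positives.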