Viruses, Worms, and Trojan Horses are all malicious computer programs that threat your data security and integrity.
What are they and what are the differences between Viruses, Worms, and Trojan Horses?
- Viruses -- A computer virus is a small program written to alter the way a computer operates, it attach itself to legitimate programs and files without the permission or knowledge of the user. It have to execute itself and replicate itself. A virus's duplicate requires the spreading of an infected host file. An "affected" program or file can log user keystrokes, steal sensitive data, corrupt file system, display misleading message etc.
- Worm -- Worms are programs that replicate themselves from system to system without the use of a host file. First it takes control of features on the computer that can transport files or information. Once a worm is in your system, it can travel alone automatically. A worm can open backdoors on your computer for file transfer, turning your computer into a zombie of a botnet, the backdoors can also be explored by other malware.
- Trojan horse -- Trojan horses are files that claim to be something desirable but, in fact, are malicious. A very important distinction between Trojan horse programs and true viruses is that they do not replicate themselves. For a Trojan horse to spread, you must invite these programs onto your computers; for example, by opening an email attachment or downloading and running a file from the internet. Once the user has installed the program (with admin password), it can create backdoors, install more malicious programs, log all the key strokes, steal sensitive data, etc.
The counter measures includes:
- set up policy to prevent users from downloading files from internet. Needed files can be downloaded from white listed sites, intranet, LANDesk etc.
- keep the operation system and softwares updated. Worms exploit vulnerability in the operation system, applications with bugs make virus infection easier. Operation system and software update make the overall system more robust and healthy.
- have anti-virus softwares installed on all the end points on the network. Having the anti-virus software updated and schedule regular scans. Anti-virus software need to use the latest virus database to keep up with the latest virus in the wild. Regular scan is like regular health check, it kept the risk low and prevent virus to spread in your network.
- Scan external devices, network storage, email attachments before copying/downloading to your computer.
- Make regular backup of your data.
- enable logging.