Abstract
Malicious software, or malware for short, is software designed with the nefarious intent of harming the computer user. There are many types of malware, distinguished by how they spread and the nature of the harm they intend. Examples of malware include viruses, worms, Trojan horses, spyware, keyloggers, botnets, rootkits, ransomware, scareware, and drive-by downloads. To date, over a million different viruses and other malware have been detected. Some have caused significant damage to individuals and organizations, sometimes on the order of billions of US dollars. Some notable viruses, in chronological order, include the Morris worm in 1988, the Melissa virus in 1999, the ILOVEYOU virus in 2000, the Anna Kournikova virus in 2001, the Code Red worm in 2001, the Slammer virus in 2003, the Mydoom worm in 2004, the Sasser and Netsky worms in 2004, the Storm worm in 2007, the Mirai malware in 2016, and the WannaCry ransomware in 2017. The most damaging malware known to date has been the Sasser and Netsky worms, with estimated damage of $31 billion. Sometimes even governments use malware for espionage and other political motives. Malware can be prevented by using appropriate security software such as firewalls, antivirus software, and antispyware. In addition, researchers have employed criminological theories, in particular self-control and routine activity theories, to determine factors that may increase the risk of malware infection victimization. The extant evidence indicates that irresponsible use of the Internet, such as failing to use security software or clicking on questionable websites, can also lead to malware infection victimization. Accordingly, to effectively address malware, the technical aspects of the problem as well as the human side of the issue must be jointly considered and targeted.
Malware developers are getting smarter in terms of their ability to develop malware that goes undetected by antimalware software, and antimalware developers need to constantly remain innovative to combat smarter malware.
Copyright information
© 2020 The Author(s)
About this entry
Cite this entry
Ngo, F.T., Agarwal, A., Govindu, R., MacDonald, C. (2020). Malicious Software Threats. In: Holt, T., Bossler, A. (eds) The Palgrave Handbook of International Cybercrime and Cyberdeviance. Palgrave Macmillan, Cham. https://doi.org/10.1007/978-3-319-78440-3_35
DOI: https://doi.org/10.1007/978-3-319-78440-3_35
Publisher Name: Palgrave Macmillan, Cham
Print ISBN: 978-3-319-78439-7
Online ISBN: 978-3-319-78440-3
eBook Packages: Law and Criminology; Reference Module Humanities and Social Sciences; Reference Module Business, Economics and Social Sciences