Computer Secure

Glossary of Malware and Security Terms

a simple one

The sequence of definitions on this page is not alphabetical, but there are alphabetical link lists on the sides of the page that link to each glossary definition.

The terms used to talk about computer security threats are famous for being many and confusing. It seems to me that there is one main reason for this.

But first, we need a word to cover all these pests in general: for that we will use the word Malware.

(We also understand if people prefer the word SCUMWARE for this.)

Remember the basic questions that are always used to train students, journalists, detectives, scientists and researchers: e.g. WHO?, WHEN?, HOW? and WHY or WHAT FOR?

When it comes to malware the key questions are HOW and WHAT FOR?

So, some terms refer to what the malware was made for (e.g. to spy on you). Some refer to how it spreads (e.g. as a virus) and how it can hide on your system, and so on.

It is easiest to explain this by example.

There are...

Terms that describe HOW a piece of malware spreads.

E.g. the terms Trojan Horse, Virus and Worm identify different ways that malware can spread and replicate.


Terms that describe what the malware is for.

E.g. Spyware is called Spyware because it is used to Spy on you.

Adware will send advertising to your browser or desktop.


Terms that describe how the malware operates.

E.g. a keylogger intends to spy on you by recording what keys you press on your keyboard. Somebody could discover your passwords by doing this.

A keylogger could be delivered to your computer by way of a virus or worm, and intend to spy on you. So it is a piece of Spyware.



There are also other terms to describe these pests in more detail. You have probably heard of things such as a Boot Virus, a Root Kit and so on.

These more specific terms often identify more exactly how the malware functions.

For example these terms might identify exactly how some malware is designed to hide in your computer and yet run without you being aware of its presence.

Malware

What is Malware?

Malware is the general term we will use to refer to all these other pests and security threats.

Obviously this is Malware:

Things that are very obviously malware include viruses and worms and other programs that have malicious intent to spy, steal or destroy your computer (or some other computer or network server etc.).

This is Malware too:

Other malware is less obviously malicious.

For example, Adware often arrives on a person's computer because the person knowingly downloaded and installed some software. But then the software turns out to be part of a system of aggressive and/or misleading marketing, questionable business practices and/or violation of privacy.
This brings up the question of informed consent, especially about anything connected to the privacy and proper functioning of our computers.
Although people do personally download programs that amount to Adware and Spyware, the thinking here is that they have been tricked – they would never have wanted it if they had known what it was really up to.

Less obvious, but this is Malware too:

There are Rogue Programs and just plain Rubbish.
The people at Spyware Warrior and Malwarebytes (makers of Rogue Remover) are specialists in this kind of malware.


Real Rogues:

This is the kind of software that claims, for example, to be a spyware remover – but actually is spyware or adware.
Real Rogues like this are definitely malware.

Rubbish:
When it comes to security, some people consider poorly made security software to be Malware. Especially if it is advertised in an aggressive or misleading way.
Why is this Malware?
Because it promises to keep you safe and secure but it can't do it.
If we were manufacturing and selling vehicles we would have to achieve recognised quality standards for parts such as brakes, tyres and seatbelts.
There are no similar legal regulations about computer security tools. Fortunately, there are concerned internet citizens who make it their business to identify the suppliers of poor quality security 'brakes, tyres and seatbelts'.
The people at Spyware Warrior and Malwarebytes act as consumer watchdogs for this.
At Spyware Warrior there is a list of rogue software. This is mainly software that purports to keep you safe from Spyware but is either lying about that or just plain useless.
Of course, if you already have some of this rogue software you might not easily be able to identify and completely remove it.
The people at Malwarebytes provide a program, Rogue Remover, that is dedicated to exactly this job. (It is free to use for a trial period: you can clean up your computer for free.)

How Malware spreads:

Virus

What is a virus?

A virus is a computer program or piece of code that can copy itself – and spread to more computers by making copies of itself.
A virus typically 'infects' another file. So, for example, you could download a free game from a website, and it could be infected with a virus.
When you start your game, you are also letting the virus run.
(It might actually be the last time anything runs on your computer. Because the virus might have a malicious 'payload' – that is, the ability to further interfere with your computer or disable it in some way.)
It is not safe to download just anything from any website (or peer-to-peer file-sharing system) without taking precautions.
So far we are describing what a virus is by describing a method of spreading. Because, to be strict, the term 'computer virus' merely identifies a method of spreading.
A more important concern is about why the piece of code is designed to spread.
Because the virus can usually do more than just spread: it depends on what it is for.
These days a virus is very likely to be malware, i.e. part of an attempt at vandalism, theft, spying or extortion.

Worm

What is a computer worm?

A worm is a program or piece of code that copies and spreads itself to many computers. Unlike a virus, a worm does not rely on infecting a host file. The term 'worm' is used to identify programs that aim to spread through a network, by whatever means possible, without users knowing about it.
These means of spreading can include emails and instant messaging.
As with viruses, our concern is not so much with how these things spread, but what they intend to do.
For example, the infamous worms SoBig and MyDoom were able to make infected computers Zombies.

Trojan Horse

What is a Trojan Horse?

A Trojan Horse is usually a computer program or software that appears harmless but carries malware.
People like to download eye-candy, browser add-ons, and free software or games. However, sometimes the reason that the software is free is because it is a trojan horse.
A trojan could carry a variety of malware: e.g. if a RAT – Remote Access Trojan – gets onto your machine it enables somebody to have access to your computer across the network (if you are connected to the internet you are 'on the network' in this sense).

Blended Threat

What is a Blended Threat?

The idea of a Blended Threat refers to the fact that a collection of hacking tools can be used together: once attackers have one foot in the door to a private computer they can try to get more control over it and make more use of it.
For example: if a trojan horse is successfully installed on a computer, it could open a door (a backdoor) to virus infections, worms and tools aimed at disabling security software.

Main Types of Malware

Adware

What is Adware?

Adware can possibly be quite harmless but sometimes it is there to spy.

Harmless adware

Sometimes you are offered a free program to download on the understanding that the free version displays advertising. Often you can upgrade to the paid version and then you do not see advertising when you use the program.

But even relatively harmless adware is considered Malware if it offends our ideas of informed consent.
For example, you are invited to download a handy toolbar for your browser: it is also a mechanism for serving advertising to your browser or desktop but this is not explained to you.
So it seems that you are actually being tricked into installing something without being clearly informed about what it will do.

More sneaky adware

Adware can also be delivered by stealth (e.g. by Trojan Horses or Viruses), install itself on your computer and feed you advertising without asking.
Really bad adware can also be spyware.

Spyware

What is Spyware?

'Spyware' refers to programs that run without asking and invade your privacy. Spyware can track the websites you visit, collecting and reporting the information to another party. This other party would usually be somebody very keen to send you more 'targeted' advertising that you did not ask for.

Very bad spyware is intent on identity theft, including attempts to discover personal information such as your credit card details and passwords. See keyloggers below for an example.

If there is adware or spyware on your PC you might find that it runs slowly or that you see a lot more 'pop-up' advertising when you use the internet. On the other hand, clever spyware can also hide, undetected, without causing these symptoms.

Keylogger

What is a Keylogger?

A Keylogger is a kind of Spyware. It is a computer program or piece of code that collects a record of all the keys you type on your keyboard.
A person in a position to collect this data can possibly access your private affairs, such as your bank account or credit card details, your passwords and your private business or personal communications.

Rogue Programs

What are Rogue Programs?

This is explained above under the general topic of Malware, but here it is again for convenience.

There are Rogue Programs and just plain Rubbish.
The people at Spyware Warrior and Malwarebytes (makers of Rogue Remover) are specialists in this kind of malware.


Real Rogues:

This is the kind of software that claims, for example, to be a spyware remover – but actually is spyware or adware.
Real Rogues like this are definitely malware.

Rubbish:
When it comes to security, some people consider that poorly made security software is Malware. Especially if it is advertised in an aggressive or misleading way.
It's just poor quality, why say it's Malware?
Because it promises to keep you safe and secure but it can't do it.
If we were manufacturing and selling vehicles we would have to achieve recognised quality standards for parts such as brakes, tyres and seatbelts.
There are no similar legal regulations about computer security tools. Fortunately, there are concerned internet citizens who make it their business to identify the suppliers of poor quality security 'brakes, tyres and seatbelts'.
The people at Spyware Warrior and Malwarebytes act as consumer watchdogs for this.
At Spyware Warrior there is a list of rogue software. This is mainly software that purports to keep you safe from spyware but is either lying about that or just plain useless.

Of course, if you already have some of this rogue software you might not easily be able to identify and completely remove it.
At Malwarebytes you can get a program, Rogue Remover, that is dedicated to exactly this job. (It is free to use for a trial period: you can clean up your computer for free.)

Other Related Terms:

Botnet

What is a Botnet?

Bot can just mean a computer program or piece of code that runs automatically. A Botnet would be a group of these, and/or a group of computers on which the bots are running. However, in security terms a Botnet is a collection of computers running an unwanted program. The computers have become somebody's zombies. They could be used in a co-ordinated way to attack other computers or send spam.

Botnets have usually been associated with IRC (Internet Relay Chat, i.e. chat rooms). This particular layer of the internet – chat servers and clients – has provided opportunities for attackers to build and control their networks of bots.

It is not really possible to describe the workings of a malicious IRC botnet in simple terms.

Depending on the intentions of the bot controller, the network can become a means to create an army of zombie computers that can be used to spy or spread other malware.

If you would like to read in detail about IRC bots there is an interesting paper at HoneyNet.

HoneyNet is an interesting site for anybody wanting to learn more about computer security.

Also, the New Zealand chapter of HoneyNet makes available a free tool to detect malicious websites.

You can type in the address of a website there and it will check for signs that the site might carry a threat to your security.

Backdoor

What is a Backdoor?

A Backdoor is a computer program or piece of code that could enable somebody to use your computer without your knowledge.
Some of the well known worms (e.g. Sobig and Mydoom) could install a backdoor on affected computers.

The term 'backdoor' really refers to the specific way in which this security breach works.

Imagine a computer system where actions such as deleting files or installing software can only be performed by a user who has permission to do so – a user who had to log in, with a unique name and password.

In that case the purpose of a backdoor is to secretly add a valid user with a password and permissions to do things like install and remove software, delete files, alter system settings and so on.

This will be a 'hidden' user. I.e. you won't see the user name for this one at your login screen.

By the way, all Unix type operating systems work in this way: they have a list of users who can perform actions on the computer only if they have been given permission.

A nasty reality of having a backdoor on your PC is that the open door might be used by anybody who finds it.

In other words it's not like 'somebody stole the key to my door and can get in (until I change the lock)': it's more like 'somebody unlocked my door and now anybody can walk in'.
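On a Unix-type system, one way to look for the kind of hidden user described above is to compare the account list against the users you expect to exist. The following is an added example, not part of the original page: the sample account list, the KNOWN_LOGIN_USERS baseline and the function names are constructed for illustration.

```python
# Constructed sample in /etc/passwd format:
# name:password:UID:GID:comment:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
sysupd:x:0:0::/var/tmp/.s:/bin/sh
helper:x:1001:1001::/home/helper:/bin/bash
"""

# Assumption: the accounts the machine's owner knows about and expects to log in.
KNOWN_LOGIN_USERS = {"root", "alice"}

# Shells that refuse interactive logins (service accounts normally use these).
NON_LOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}


def parse_passwd(text):
    """Yield (name, uid, home, shell) for each well-formed passwd line."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            continue
        # An empty shell field means the system default shell, so it can log in.
        yield fields[0], int(fields[2]), fields[5], fields[6] or "/bin/sh"


def audit_accounts(text, known=KNOWN_LOGIN_USERS):
    """Return {account: [reasons]} for accounts that deserve a closer look."""
    findings = {}
    for name, uid, home, shell in parse_passwd(text):
        reasons = []
        if uid == 0 and name != "root":
            reasons.append("UID 0 (full administrator rights) but not named root")
        if shell not in NON_LOGIN_SHELLS and name not in known:
            reasons.append("can log in but is not on the known-user list")
        if reasons:
            findings[name] = reasons
    return findings


if __name__ == "__main__":
    for account, reasons in audit_accounts(SAMPLE_PASSWD).items():
        print(account, "->", "; ".join(reasons))
```

To check a real machine, pass the contents of /etc/passwd to audit_accounts together with your own list of expected users.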


NOTE

About that "all Unix type operating systems... have a list of users who can perform actions on the computer only if they have been given permission"...

Microsoft Windows computers can be made more like this too. But the approach is different in Windows: anybody who logs in, even as a new user, can do a lot of damage to the system. In Windows you need to actually do something to restrict the permissions of different users.

This is because Microsoft's philosophy has been that everyone can have a computer that is easy to set up and use. So you can 'get started' with a Windows system without needing to create a special 'Administrator' account and password, and then some 'User' accounts with limited permissions, and so on.

In other words, in Windows you can get started without making the computer secure. But you shouldn't leave it like that.

If you use Windows you should know about setting up separate Administrator and Limited users. It's a basic security measure.
You can find out how to do it at Microsoft's page about setting up user accounts.

Zombie

What is a Zombie?

A zombie is what your computer can become if you let malware in.
Your computer has become a zombie if somebody else can use it for their own purposes without you knowing.
Somebody could sneak some code onto your machine (with the code spreading as a virus or worm, for example) and then employ your machine to do things such as spread spam or attack other computers or networks.
It seems that, as of 2007, most spammers rely on having a lot of zombies at their disposal in order to distribute huge amounts of spam.
At the end of May 2007 there were some arrests of major spammers, e.g. the "Buffalo Spammer". But reports of spam activity suggested that there was little drop-off in spam. There are always more spammers to take their place. And unfortunately there are altogether too many unprotected computers in the world – enabling spammers to create their legions of zombies.