In data security lingo, the public world outside of a company’s internal data communications
network, which includes the Internet, is often referred to as “The Wild.”
The Wild is typically the source and the preferred method of propagation and transportation of
software written by individuals or teams trying to affect the confidentiality, availability, and/or
integrity of electronic data and information.
Although the biological term “virus” is often used, it is important to know that it is frequently
misused as a generic term for all of the malicious software found in The Wild. When speaking in a
generic/broad sense, it is more correct to use the term “Malicious Code.” Malicious code refers to
any unwanted code/software that modifies or destroys data, steals data, allows unauthorized access,
exploits or damages a system, or does something that the user did not intend. A computer virus is
just one of many types of malicious code, and just like a biological virus, the method of detection
and cure differs from other forms of malicious code.
Malicious code branches out into two areas: one branch of code needs a host program to operate,
and another branch is independent of programs in the environment that it has contaminated. Below
are definitions of the various malicious codes.
Just like the name implies, a trap door is a secret entry point into a program that allows someone
who is aware of the trap door to gain access without going through the usual security access
procedure. At times, a trap door will be installed by the application developer or maintenance
programmer. However, a trap door can also be installed by someone gaining entry through either
unauthorized external or internal access.
Logic Bomb is code embedded in some legitimate program that executes when a certain predefined
event occurs. The event can be date triggered or triggered by other means such as the processing of
someone’s identification number. The code is secretly inserted into an application or operating
system and causes it to perform some destructive or security-compromising activity.
An electronic Trojan horse masks its identity as a seemingly useful program or command procedure
containing hidden code that, when invoked, performs some unwanted or harmful function. The
integrity of the system or applications is questioned due to the unwanted code.
Zombie refers to a machine that is under the spell or influence of a third party. It is a program that
secretly takes over another internet-attached computer and then uses that computer to launch
attacks that are difficult to trace to the zombie’s creator. Most owners of a zombie computer are
unaware that their system is being used in a malicious way. According to a past article in PC
World, "Spam Slayer: Slaying Spam-Spewing Zombie PCs," in 2005 an estimated 59-80% of
spam was being sent by zombie computers.
The all too famous virus is a classic example of a program that mimics biological life. A virus is a
program that can 'infect' other programs or hosts by modifying them. The modification includes a
copy of the virus program, which can then go on to infect other programs. A virus can do anything
that other programs do. The only difference is that it attaches itself to another program and executes
secretly when the host program is run. Once a virus is executing, it can perform any function such
as erasing files and programs. These were the first forms of malicious code. Included were boot
sector and program (.bin, .com, .exe, .ovl, .drv, .sys) viruses.
Although any sort of malicious code on a workstation is often referred to as a virus, in many
instances, the malicious code is not in fact virus related.
Although less known, worms cause more damage in terms of network outages or denial of service
attacks than any other form of malicious code. A worm is a self-replicating, stand-alone program
that exploits security holes to compromise other computers and spread copies of itself through the
Unlike viruses, worms do not need a host. Because of the recursive structure of this propagation,
the spread rate of worms is very fast and poses a big threat on the Internet infrastructure as a whole.
The most destructive effect of an Internet worm faced by Oakland City came from the worm's attempts
to replicate itself: the worm consumed all of the network's resources, preventing any other
forms of communication from passing through and causing a denial of service attack.
As smartphones, iPads and other mobile devices become more technologically advanced,
attackers are finding new ways to target victims. By using text messaging or email, an attacker
could lure you to a malicious site or convince you to install malicious code on your portable device.
Such headlines as those listed below are becoming more and more common:
Within the next few months, there will be an article describing best practices in Mobile Security.
There are all sorts of approaches being taken to compromise the data and information on City
workstations, servers, mobile devices and the network.
Although the benefits and gains of providing network and Internet access to City computing
devices exceed the risks, the City’s Department of Information Technology Services is in a
constant battle to ensure malicious code does not enter the internal network, or if it does, it is
immediately detected and removed.
The approach to detection and removal depends on what sort of code it is, which is why it is so
important to be knowledgeable about the different types of malicious code.
The City relies on a sophisticated layered approach to securing its information technology
infrastructure. Although that approach is multi-layered, or in-depth, the last and most important line of defense is its
users. If you notice strange behavior while operating your City computing device, use your good
judgment, and if you feel it merits it, please do not hesitate to call the help desk.
As mentioned in a previous email, program notification and program progress can be tracked
If you have any concerns, please use email@example.com, or contact Ken Jaworski at
firstname.lastname@example.org, or call (313) 224-1313, or contact Terrence Sims at
email@example.com, or call (313) 224-3354.
2004-2013© City of Detroit ITS/Communications and Creative Services Division