The IT Law Wiki
Register
Advertisement

Definitions[]

Malicious code (also called malicious software or malware) is

[p]rogram code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.[1]
[r]ogue computer programs designed to inflict a magnitude of harm by diminishing the confidentiality, integrity, and availability of information systems and information.[2]
[s]oftware or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.[3]
software, for example, a virus, designed to damage or disrupt a system.[4]

Overview[]

Malicious code, such as viruses or Trojan horses, are used to infect a computer to make it available for takeover and remote control. Malicious code can infect a computer if the user opens an email attachment, or clicks an innocent-looking link on a website. Malicious code can scan a victim’s computer for sensitive information, such as name, address, place and date of birth, social security number, mother’s maiden name, and telephone number.

Malicious software can result in performance degradation, loss of system availability, and the capture, modification, or deletion of data.

References[]

  1. NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
  2. Tax Information Security Guidelines For Federal, State and Local Agencies, at 154.
  3. CNSSI 4009.
  4. 45 C.F.R. §164.304.

See also[]

Advertisement