Malicious software, otherwise known as “malware,” is software that is installed on a user's computing device, usually without the user intending it. Malware may cause harm to the computing device or the data stored on the computing device, thereby negatively impacting the user or owner of the computing device. In particular, malware may, against the user's will or without the user's knowledge, relay confidential data from a user's computing device to another computing device, disrupt the regular functioning of the computing device, remotely send email from a user's email account or report computing device user trends to an external computing device.
Malware is frequently disguised as and/or embedded in non-malicious files. Many types of malware exist, including but not limited to Trojan horses, viruses, worms, adware, rootkits and spyware. A Trojan horse, one of the most common types of malware, is a program that asks a user to run it while being disguised as a non-harmful, useful program. After execution of the Trojan horse, it may begin to cause harm to a user's computing device.
Malware is transferred to computing devices via a variety of methods. One of the most common methods of malware proliferation is through the internet, via email and the World Wide Web (WWW).
Businesses and corporations frequently take precautions to prevent malware attacks against their computer networks. In addition, governmental agencies often face threats of potential domestic or foreign computer-related attacks and, as a result, take precautions to prevent malware attacks against their computer networks.
In order to defend against malware, a variety of methods are used. Examples of those methods include antivirus software, website scanning software and firewalls. These methods have disadvantages and can be infected by certain types of malware.
Some institutions may use an “air gap” as a strategy to prevent the institution's network from becoming contaminated with malware. An air gap is a policy in which a network is completely isolated from computing devices in other networks, as no communication is allowed between the institution's network and other networks. A significant disadvantage of such a policy is the inability of users of the institution's network to access other networks such as the internet.