Malicious code (also called malicious software or malware) is
|“||[p]rogram code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.||”|
|“||[r]ogue computer programs designed to inflict a magnitude of harm by diminishing the confidentiality, integrity, and availability of information systems and information.||”|
|“||[s]oftware or firmware intended to perform an unauthorized process that will have adverse impact on the confidentiality, integrity, or availability of an information system. A virus, worm, Trojan horse, or other code-based entity that infects a host. Spyware and some forms of adware are also examples of malicious code.||”|
|“||software, for example, a virus, designed to damage or disrupt a system.||”|
Malicious code, such as viruses or Trojan horses, are used to infect a computer to make it available for takeover and remote control. Malicious code can infect a computer if the user opens an email attachment, or clicks an innocent-looking link on a website. Malicious code can scan a victim’s computer for sensitive information, such as name, address, place and date of birth, social security number, mother’s maiden name, and telephone number.
- NICCS, Explore Terms: A Glossary of Common Cybersecurity Terminology (full-text).
- Tax Information Security Guidelines For Federal, State and Local Agencies, at 154.
- CNSSI 4009.
- 45 C.F.R. §164.304.