What types
of files can attackers corrupt?
An attacker
may be able to insert malicious code into any file,
including common file types that you would normally consider
safe. These files may include documents created with word processing
software, spreadsheets, or image files. After corrupting the file, an
attacker may distribute it through email or post it to a web
site. Depending on the type of malicious code, you may infect your
computer by just opening the file.
When
corrupting files, attackers often take advantage of
vulnerabilities that they discover in the software. These
vulnerabilities may allow attackers to insert and execute malicious
scripts or code, sometimes without being detected. Sometimes the
vulnerability involves a combination of certain files (such as a
particular piece of software running on a particular operating system)
or only affects certain versions of a software program.
What
problems can malicious files cause?
There are
various types of malicious code, including viruses,
worms, and Trojan horses (see Why is
Cyber
Security a Problem? for more information). However, the range
of
consequences varies even within these categories. The malicious code
may be designed to perform one or more functions, including:
- interfering
with your computer's ability to process information by
consuming memory or bandwidth (causing your computer to become
significantly slower or even "freeze")
- installing, altering, or deleting files on your computer
- giving the attacker access to your computer
- using your computer to attack other computers (see Understanding
Denial-of-Service Attacks for more information)
