Malicious Code

Definition(s)


Malicious Code

Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.

Extended Definition: Includes software, firmware, and scripts.

Adapted from: CNSSI 4009. NIST SP 800-53 Rev 4.

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards

Malicious Code

Software that compromises the operation of a system by performing an unauthorized function or process.

Adapted from: CNSSI 4009, NIST SP 800-83.

Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards

 

Malicious Code

Programs or code written for the purpose of gathering information about systems or users, destroying system data, providing a foothold for further intrusion into a system, falsifying system data and reports, or providing time-consuming irritation to system operations and maintenance personnel.

  • NOTE: Malicious code attacks can take the form of viruses, worms, Trojan Horses, or other automated exploits.
  • NOTE: Malicious code is also often referred to as “malware.”

Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard