Definition(s)
Malicious Code
Program code intended to perform an unauthorized function or process that will have adverse impact on the confidentiality, integrity, or availability of an information system.
Extended Definition: Includes software, firmware, and scripts.
Adapted from: CNSSI 4009. NIST SP 800-53 Rev 4.
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Malicious Code
Software that compromises the operation of a system by performing an unauthorized function or process.
Adapted from: CNSSI 4009, NIST SP 800-83.
Source: NICCS™ Portal Cybersecurity Lexicon, National Initiative for Cybersecurity Careers and Studies (https://niccs.us-cert.gov/glossary) as of 11 November 2015, Global Standards
Malicious Code
Programs or code written for the purpose of gathering information about systems or users, destroying system data, providing a foothold for further intrusion into a system, falsifying system data and reports, or providing time-consuming irritation to system operations and maintenance personnel.
- NOTE: Malicious code attacks can take the form of viruses, worms, Trojan Horses, or other automated exploits.
- NOTE: Malicious code is also often referred to as “malware.”
Source: ANSI/ISA–99.00.01–2007, Security for Industrial Automation and Control Systems, Part 1: Terminology, Concepts, and Models, 29 October 2007. National Standard