Damage potential

A malware's damage potential rating may be high, medium, or low based on its inherent capacity to cause both direct and indirect damage to systems or networks. Certain malware are designed specifically to delete or corrupt files, causing direct damage. Denial of service (DoS) malware may also cause direct and intended damage by flooding specific targets. Mass-mailers and network worms usually cause indirect damage when they clog mail servers and network bandwidth, respectively.

High

  • System becomes unusable (e.g. flash bios, format HDD)
  • System data or files are unrecoverable (e.g. encryption of data)
  • System cannot be automatically recovered using tools
  • Recovery requires restoring from backup
  • Causes large amounts of network traffic (packet flooders, mass-mailers)
  • Data/files are compromised and sent to a third party (backdoor capabilities)

Medium

  • System/files can be recovered using Trend Micro products or cleaning tools
  • Minor data/file modification (e.g. file infectors)
  • Malware that write minimal amount of data to the disk
  • Malware that kill applications in memory
  • Causes medium amount of network traffic (e.g. slow mailers)
  • Automatically executes unknown programs
  • Deletes security-related applications (e.g. antivirus, firewall)

Low

  • No system changes
  • Deletion of less significant files in the system
  • Changes can be recovered by users without using any tools
  • Damage can be reversed just by restarting the system
 

Glossary A-C

Glossary D-F

Glossary G-I

Glossary J-L

Glossary M-O

Glossary P-R

Glossary S-U

Glossary V-Z