What is malware, what types exist, and how can we protect against it?
Describe types of malware (virus, worm, trojan, ransomware, spyware), how they spread, and how to protect against them
A focused answer to the O-Level Computing point on malware. The main types (virus, worm, trojan, ransomware, spyware), how they spread, the harm they cause, and the measures that protect against them.
Reviewed by: AI editorial process; not yet individually human-reviewed
Have a quick question? Jump to the Q&A page
Jump to a section
What this dot point is asking
SEAB wants you to describe the main types of malware (virus, worm, trojan, ransomware and spyware), how they spread, and how to protect against them. The central idea is that malware is harmful software, that different types spread and damage in different ways, and that a mix of technical tools and careful user behaviour keeps a computer safe.
The answer
What malware is
Malware (malicious software) is any program written to harm, disrupt or gain unauthorised access to a computer or its data. It is a broad term covering several types.
Types of malware
| Type | What it does | How it spreads |
|---|---|---|
| Virus | attaches to a file or program and damages or corrupts data | when the infected file is opened or shared (needs user action) |
| Worm | a standalone program that copies itself | spreads by itself across networks, no host file needed |
| Trojan | disguised as a useful program; runs a harmful action when installed | the user is tricked into installing it |
| Ransomware | encrypts the user's files and demands payment for the key | often via attachments or downloads |
| Spyware | secretly records activity (keystrokes, browsing) and sends it to an attacker | bundled with downloads or via tricks |
Virus versus worm
A common exam point: a virus needs a host file and usually a user action (opening or sharing the file) to spread. A worm is standalone and spreads by itself across networks, which makes it spread fast and far.
Why trojans are dangerous
A trojan relies on deception: it looks like a legitimate program, so the user installs it willingly, bypassing their suspicion. Once running, it can open a back door, steal data or install more malware.
How to protect against malware
- Install and update antivirus / anti-malware software.
- Keep the operating system and software updated so security weaknesses are patched.
- Do not open suspicious attachments or links, and only install software from trusted sources.
- Use a firewall to filter network traffic.
- Keep regular backups, so files can be restored after a ransomware attack.
Examples in context
Example 1. A hospital hit by ransomware. Malware encrypts patient records and demands payment to unlock them, halting care until systems are restored. Because the hospital kept offline backups, it could rebuild its data without paying, showing why backups are the key defence against ransomware.
Example 2. A free game carrying spyware. A user installs a "free" game that secretly logs keystrokes and sends passwords to an attacker, a trojan delivering spyware. Installing only from trusted sources and running antivirus would have flagged or blocked the hidden malware.
Try this
Q1. State what malware means. [1 mark]
- Cue. Malicious software written to harm, disrupt or gain unauthorised access to a computer or its data.
Q2. Explain one difference between a virus and a worm. [2 marks]
- Cue. A virus needs a host file and user action to spread; a worm is standalone and spreads itself across networks.
Q3. Give two ways to protect a computer against malware. [2 marks]
- Cue. Up-to-date antivirus software, software updates, avoiding suspicious links and downloads, a firewall, or regular backups (any two).
Exam-style practice questions
Practice questions written in the style of SEAB exam questions on this dot point, with worked answer explainers. The year tag is the paper they imitate, not the source.
Original5 marks(a) State what is meant by malware. (b) Describe the difference between a virus and a worm. (c) Explain what ransomware does.Show worked answer →
(a) Malware (malicious software) is any program written to harm, disrupt or gain unauthorised access to a computer or its data.
(b) A virus attaches itself to a file or program and spreads when that infected file is opened or shared; it needs a user action to spread. A worm is a standalone program that spreads by itself across a network without needing to attach to a file or rely on the user. So the key difference is that a virus needs a host file and user action, while a worm self-replicates across networks.
(c) Ransomware encrypts (locks) the victim's files and demands a payment (a ransom) in exchange for the key to unlock them, denying the user access to their own data until they pay.
Markers reward malware as harmful software, the virus-versus-worm distinction (host file and user action versus self-spreading), and ransomware locking files for a payment.
Original5 marks(a) Describe what a trojan is and why it is dangerous. (b) State what spyware does. (c) Give two ways a user can protect a computer against malware.Show worked answer →
(a) A trojan (Trojan horse) is malware disguised as a legitimate or useful program. The user is tricked into installing it, and once run it carries out a harmful action such as opening a back door for an attacker. It is dangerous because it relies on the user trusting it, so it bypasses suspicion.
(b) Spyware secretly monitors and records a user's activity, such as keystrokes or browsing, and sends the information to an attacker, often to steal passwords or personal data.
(c) Protection includes: install and update antivirus / anti-malware software; keep the operating system and software updated (patches fix weaknesses); do not open suspicious attachments or links; only install software from trusted sources; use a firewall; and keep backups. Any two are acceptable.
Markers reward a trojan as disguised malware tricking the user, spyware secretly recording activity, and two valid protection measures.
Related dot points
- Explain why personal data must be protected, the risks of misuse, and measures and good practice for keeping data private
A focused answer to the O-Level Computing point on data protection. Why personal data must be protected, the risks of misuse such as identity theft, and the measures and good practice that keep data private and secure.
- Explain computer ethics including intellectual property, copyright, plagiarism and acceptable use, and the difference between legal and ethical
A focused answer to the O-Level Computing point on ethics and law. Intellectual property and copyright, software licensing, plagiarism, acceptable use, and the difference between what is legal and what is ethical.
- Discuss the social and environmental impact of computing, including benefits, the digital divide, e-waste and energy use
A focused answer to the O-Level Computing point on impact. The social benefits and drawbacks of computing, the digital divide, the effect on jobs, and environmental issues such as e-waste and energy use.
- Describe common network security threats including unauthorised access, interception, phishing and denial of service
A focused answer to the O-Level Computing point on network threats. Unauthorised access (hacking), data interception, phishing and social engineering, and denial of service attacks, and the harm each can cause.
- Describe protection measures including strong passwords, firewalls, encryption, antivirus software and user access levels
A focused answer to the O-Level Computing point on protecting networks. Strong passwords and two-factor authentication, firewalls, encryption, antivirus software, user access levels, and how a layered defence works.