Cybersecurity
Payload
Definition
In cybersecurity, the payload is the part of a piece of malware that performs the actual malicious action, such as encrypting files, stealing data, or deleting files. The rest of the malware is for delivery and concealment.
Why It Matters
The payload is what causes the actual damage in an attack. The exploit or social engineering is just the mechanism to deliver the payload.
Contextual Example
A worm might carry a ransomware payload. The worm's only job is to spread itself to as many computers as possible. Once a computer is infected, the worm executes its payload, which is the ransomware that encrypts the user's files.
Common Misunderstandings
- The term is analogous to the payload of a missile, which is the explosive part that does the damage, as opposed to the rocket that delivers it.
- The delivery mechanism and the payload can be developed separately.