The term malware is a contraction of malicious software.
Simply put, malware is any piece of software designed to damage, disrupt or gain unauthorised access to your device and inflict harm to data and/or people in multiple ways.
It is one of the biggest threats on the internet.
And it comes in a bewildering variety of forms, each with its delivery method (attack vector). The AV-TEST Institute registers over 350,000 new malicious programs (malware) and potentially unwanted applications (PUAs) daily.
Cyber criminals have increasingly turned to fileless malware as an effective alternative form of attack, making it all the more difficult for traditional antivirus (AV) software to detect because of the low footprint and the absence of files to scan.
So, users must know how to recognise the different types of malware to help protect themselves and their business systems from being compromised. While some are well-known (at least by name), others are poorly understood.
» Find out what each type of malware is capable of, how it finds its way into your network and what you can do to avoid falling victim to these types of cyber attacks...
Worms are spread via software vulnerabilities or phishing attacks. Once a worm has installed itself into your computer’s memory, it starts to infect the whole machine and in some cases... your entire network.
Depending on the type of worm and your security measures, they can do serious damage. These parasitic nasties can...
They can infect large numbers of computers fast, consuming bandwidth and overloading your web server as they go.
Unlike worms, viruses need an already-infected active operating system or program to work. Viruses are typically attached to an executable file or a Word document.
Most people probably know that a .exe file extension could lead to issues if it’s not from a trusted source. But there are hundreds of other file extensions that denote an executable file.
Usually spread via infected websites, file sharing, or email attachment downloads, a virus will lie dormant until the infected host file or program is activated. Once that happens, the virus can replicate and spread through your systems.
For computer viruses, your contact list is the equivalent of a packed train for the common cold. It hijacks your applications and uses your apps to sneeze all over everyone… sending out infected files to your colleagues, friends and clients. Because it looks like it’s coming from a trustworthy source (you!), it has a much higher chance of spreading.
A bot is a computer that has been infected with malware so that a hacker can control it remotely.
That bot (a zombie computer) can then be used to launch more attacks or become part of a collection of bots (a botnet).
Botnets are popular with hacker show-offs (the more bots you collect, the mightier a hacker you are) and cyber criminals spreading ransomware. Botnets can include millions of devices as they spread undetected.
Botnets help hackers with all manner of malicious activities, including:
Just as it sounds, a Trojan Horse is a malicious program that disguises itself as a legitimate file. Because it looks trustworthy, users download it and... hey presto, in storms the enemy.
Trojans themselves are a doorway. Unlike a worm, they need a host to work. Once you’ve got the Trojan on your device, hackers can use it to...
Ransomware denies or restricts access to your files. Then, it demands payment (usually in cryptocurrencies) to let you back in.
In May 2017, a ransomware attack spread across 150 countries and compromised over 200k computers within one day. Aptly named WannaCry, the attack caused damage estimated to be tens of millions to billions of dollars.
WannaCry affected Microsoft operating systems that did not have the latest patch installed for a known vulnerability. To reduce the risk of ransomware attacks…
Adware is one of the better-known types of malware. It serves pop-ups and displays ads that are often irrelevant to the user.
Some users will put up with certain types of adware in return for free software (games, for example). But not all adware is equal. At best, it isn’t very pleasant and slows down your machine. At worst, the ads link to sites where malicious downloads await unsuspecting users. Adware can also deliver Spyware, which is often easily hacked, making devices that have it installed a target for hackers, phishers, and scammers.
Spyware secretly records your online activity, harvesting your data and collecting personal information such as usernames, passwords and surfing habits.
Spyware is a common threat, usually distributed as freeware or shareware, with an appealing function on the front end and a covert mission running in the background that you might never notice. It’s often used to carry out identity theft and credit card fraud.
Once on your computer, spyware relays your data to advertisers or cyber criminals. Some spyware is additional malware that changes your settings.
Phishing is a type of social engineering attack rather than malware, but it is a common method of cyber attack. It is successful because the emails, text messages, and web links created look like they’re from trusted sources. Criminals send phishing emails to fraudulently acquire personal and financial information.
Some are highly sophisticated and can fool even your most savvy users. Especially in cases where a known contact’s email account has been compromised, and it appears you’re getting an instruction from your boss or IT colleagues. Others are less sophisticated and simply spam as many emails as possible with a message about ‘checking your bank account details’.
If you’ve noticed any of the following, you may have malware on your device:
Attackers have many methods and techniques to disrupt and compromise users, networks and systems. Basic security practices such as regular user awareness training and patch management will place you in a far better position to create actionable steps to mitigate unwanted threats and make a real difference to your overall cyber security improvement programme.