Nowadays, we’re no longer able to imagine a world without modern technology. Nearly everyone uses mobile devices every day and businesses can no longer operate without the internet. This modern age comes with modern risks.
Are you aware of the risks of malware? Do you know how it gets into your system and how you can prevent it? Here’s everything you need to know about malware, courtesy of Avast Business.
What is malware?
Malware is a term used for Malicious Software. This software can get into your computer and perform actions without your permission, giving hackers full access to your machine. You could compare it to a common cold. You probably can’t remember the exact time you got infected and it may even stay dormant. However, once it’s active, you start to notice the damage it’s actually doing. Just like a cold, malware changes over time. It develops constantly and finds new ways to access your device or go around your antivirus software.
Malware was initially designed as a form of cyber vandalism, breaking computers or changing your background. It has since been adopted by cyber criminals and is used to hold files for ransom, steal passwords to access bank accounts or track information to steal identities.
How does malware affect me?
Malware can affect almost any device, from your computer, phone or tablet all the way to larger systems, such as servers and databases. It is not limited to devices that are online either, malware can get into debit card readers, POS systems, ATMs and other types of devices via a USB, infected cards, or even loaded on at the factory. Malware is also a growing threat to small and medium businesses.
Malware causes damage to your device or software, which might mean your device will not operate the way it used to or might even shut down completely. Other types of malware, known as ransomware, lock or delete files. Malware can also lead to your personal or organisational information falling into the wrong hands. For businesses, even small ones, this could result in fines, loss of customers and reputational damage.
Types of malware
Malware comes in all shapes and sizes. Again, think of a cold; there’s the flu, a stomach bug, a sinus infection; they all have different symptoms and treatments. This chapter will explore the most common types of malware and how to recognise them:
Ransomware locks your files and demands you to pay a ransom to unlock your files. This type of malware is rapidly becoming more advanced. Sometimes it even starts deleting fi les as soon as you are infected pressuring you to pay up.
Worms are renowned for the amount of damage it does to your device. This mainly due to the fact that worms are self-replicating. They continue to spread through your computer, without you having to do anything. A worm infection can even spread to an entire network.
It’s already in the name; Trojans behave like a Trojan horse in the Greek tale. The soldiers hid inside of the horse to penetrate the city wall of Troy and waited until nightfall to attack. A Trojan works exactly the same. They disguise themselves as a trusted program to get into your system and attack later.
Key loggers track your keystrokes and save them in a hidden file on your computer. After a certain amount of time, the file is sent to the hacker automatically who will use the keystroke data to get your passwords or personal information.
The name “Bot” comes from the word “robot.” This type of malware often automates tasks and provides information like a robot does. They are used to gather information through chats, IMs or similar web-based programs. Bots can also be used for attacking websites often in the form of bot nets where a hacker controls multiple bot infected computers. A hacker can use the bot net to blast comment sections of blogs by submitting spam, overload servers by generating huge amounts of traffic or quickly attempt a trial and error approach to cracking passwords on secure sites.
This type of malware spies on user activity, from collecting keystrokes to browser history to data harvesting. However, spyware often has additional capabilities as well, ranging from modifying your security settings to interfering with network connections. Spyware spreads by bundling itself with trusted programs or by using Trojans.
A RootKit is able to remotely access or control a computer without being detected by users or security programs. This way cyber criminals are able to execute files, steal information, modify configurations, alter software or even install more malware. A RootKit is very difficult to remove, so prevention is key!
Most people have heard of viruses. For viruses to be effective, you actually need to run the software that contains the virus. They do not spread by disguising themselves as legitimate software, but often are files that contain nothing but the malicious code. However, viruses can be embedded in a Word or Excel document as a macro. The virus will be enabled once you agree to enable macros.
Malware attacks explained
Most types of malware require a user to open the door. This means that you will first have to perform an action, in order to get infected with malware. Malware can be very clever and trick you into inviting them in.
You have probably seen emails with subject lines like “You Have Won …”, “Past Due Invoice”, “Your Refund has been approved.” or have received a message from someone you don’t know. Often, these types of emails contain malicious software or a link that enables malware. Using Social Engineering, the message just has to be interesting enough to have you click. The best thing to do when you receive these emails is delete them.
Malware can also spread through websites. These websites can include pop-up advertisements that launch malware when you click on them. Malware can also be hiding behind links to free gambling, clothing deals or warnings that appear on your screen claiming that you have a virus. If something appears too good to be true or if it seems untrustworthy, don’t click it.
Opening the backdoor
Programs or operating systems you are using may have weaknesses. These weaknesses or vulnerabilities allow a person who is technically inclined to make changes to the program from outside of the device. These vulnerabilities are very dangerous as hackers can gain direct access to your computer to launch the type of malware they prefer. In some cases, the hacker can even disable your antivirus software. That’s why it is important to always ensure you are running the most up to date versions of your operating system and software, ensuring that known vulnerabilities are minimised.
Shut your doors to malware
Prevention is cheaper than the alternative. There are a few ways to protect yourself and your business from a malware infection.
Keep your operating system software and 3rd party applications (Adobe Reader, Adobe Flash, Microsoft Office, etc.) up to date, to ensure all possible vulnerabilities are covered.
Back up your files
You want your files to be available at all times. It is important to back up your files regularly. By using an external drive or the cloud to do so, you will ensure the malware attack cannot spread to your back up as well.
Know how to spot malware
Now that you know the types of links to avoid in an email or on a web page, it should be easier to prevent malware attacks. When in doubt, always delete the email or close the web page.
Educate your employees
Transfer this knowledge to your employees so they also know how to spot a malware attack once they see one. Most attacks succeed through human error or uninformed clicking.
Create policies for reporting and dealing with malware
When an employee receives a malicious email or spots a file that contains malware, they should know where to report this or how to deal with it. By knowing when one of your employees or co-workers has been attacked, you can prevent others from inviting malware into your business.
Use a good multi-layer antivirus program
Not all antivirus solutions are able to scan files to a level that can actually prevent a malware attack. Make sure you use protection that utilises a multi-layered approach to detecting and eliminating malware.
Glossary of malware terms
Just in case you’re confused at this point, here is a quick-fire glossary to glance over.
Advanced persistent threat
An adversary that possesses sophisticated levels of expertise and significant resources which allow it to create opportunities to achieve its objectives by using multiple attack vectors (e.g. cyber, physical and deception)
A program that specialises in detecting and blocking or removing forms of spyware.
A program that monitors a computer or network to detect or identify major types of malicious code and to prevent or contain malware incidents. Sometimes by removing or neutralising the malicious code.
Observing activities of users, information systems and processes and measuring the activities against organisational policies and rule, baselines of normal activity, thresholds and trends.
All files are made of code.
Underground network that has controlled access that can be used for buying and selling of user data and malicious code.
To protect and lock data from being tampered with and read.
Is unencrypted reversing the encryption see above.
Someone who hacks someone for political gain rather than financial.
An attack funded by a government or political movement.
Someone in his bedroom, students that write malicious code.
All the different types of attacks that are in use.
The part of your network or devices that are attacked. Machines without antivirus, unpatched operating systems, devices with default passwords.
The different ways that an attack happens; email with a link, email with attachments, malicious links on web pages, redirection to malicious websites, pop-ups.