Malware is ‘malicious software’ intended to damage, disable, or exploit computers or computer systems. It is a term most have become familiar with in the digital age because of its high presence and problematic consequences.
Furthermore, the use of malware continues to dramatically increase and evolve each year. G DATA Security reported that in 2016, about 127 million new malwares emerged, which is approximately 1 per every 4.2 seconds. More recently, different types of malware have been specifically programmed with a specific function to generate profit for their creators through the theft of sensitive information, forced advertisements, extortion of money, and email spam. Due to the variety of malware, it is important to understand and recognize the different types of malware that your organization could come across.
Spyware is exactly what you would guess – malware designed to spy on and gather information about the user. It can be used to track and monitor Internet activity, discover and extract sensitive information, and log keystrokes.
If your system becomes infected with spyware, the hacker can access company information, payment card information, and the consumer profile of users. This stolen activity and information can be sold or used to harm the infected user.
Prevention tip: Don’t click embedded links within pop-up windows
Pop-up windows can include spyware just by clicking the link or window, accidentally installing spyware to the computer. Avoiding these links can prevent an accidental download.
Adware is a type of malware that automatically delivers advertisements to a user to generate revenue for its creator. This can be done through pop-up internet ads or ads embedded in the interface of a program. Adware is popularly used in conjunction with spyware.
Once personal information has been collected through spyware, advertisements can be catered to the user. This invades the privacy of users and causes disruption of computer functionality and productivity.
Prevention tip: Only download from known, credible websites
Unknown websites are common grounds for adware, therefore users should be vigilant about the locations from where they are downloading items.
Ransomware is a type of malware that can restrict users from accessing a system or data, and even delete or publish data if a ransom is not paid. It can restrict a user from access to files through encryption. There is still no guarantee that paying the desired ransom will restore systems or data.
Most ransomware today falls under two categories:
- Locker ransomware: restricts access to the computer or infected device
- Crypto ransomware: restricts access to files and stored data
Although malware is continually evolving, there are common strains of ransomware that have been discovered and identified including Cerber, CTB- Locker, TeslaCrypt, and CryptoWall.
Prevention tip: Back-up data offline daily
An infected system cannot compromise data that has been backed up offline. Thus, users who experience a ransomware attack will have a complete untouched backup of their files, and will not be forced to pay the ransom to receive access to their data.
The most common form of malware is a Trojan Horse. Attackers disguise this malware as something desirable such as a special offer or gift, to infiltrate a computer system they otherwise would not have access to. A Trojan Horse can often share the same competences as other malware including, spyware and adware causing enormous problems for the user.
Once granted access, this malware can:
- Steal sensitive data
- Crash devices
- Block anti-virus software
- Control the system remotely
- Spy on users
- Take payment card information
- Delete or modify user data
- Use the computer as a proxy
- Spread itself across networks
Prevention tip: Carefully read licensing agreements before downloading
A Trojan Horse can only access a system if given permission by the user, therefore it uses deceptive communications in downloads during the agreement section. Use caution to avoid accidentally downloading something that could cause harm to your computer.
One of the most widely discussed types of malware is the virus. A virus is a malicious computer program used to alter the way the computer operates, and capable of replicating itself and spreading to other devices. These can infect documents, script files, web applications, and other various programs.
Consequences of a computer virus can vary widely from annoying and benign to severely damaging. The most common side effects include a drastic decrease in computer speed, modification of data files, and compromising software such as a firewall. Once infected, viruses can install ransomware and spyware leading to further damage. Viruses can reduce computer performance and permanently crash or disable computer systems. Some viruses can even remain dormant after being acquired, waiting for a specific trigger such as a date or the presence of another file to execute.
Prevention tip: Only join secure networks
Using an open Wi-Fi connection puts a system at risk of a virus by allowing unauthorized users and systems to access files. Only use secure networks or VPNs when in public locations.
A worm is like a virus in the way it can replicate itself to infect other computer systems. However, unlike a virus, a worm doesn’t need to be attached to an existing program or be prompted to execute. A virus requires human intervention to become attached to a file, attachment, or website link while a worm can attach itself and self-propagate.
A worm can slow bandwidth, install backdoor programs, and even “eat” data files and operating systems until the drive is empty. Because worms don’t require any action by the user to be released or spread, these are particularly tricky to defend against and rid from computer systems.
Prevention tip: Use the appropriate firewall
By implementing a firewall, a user can limit or restrict network traffic, especially unauthorized users.
Without protective and proactive measures, organizations can experience the costly and damaging effects of malware. According to Forbes, cybercrime costs are projected to reach $2 trillion by 2019. Amongst the increasing cybercrime landscape, organization should be preparing for any potential danger including cyber-attacks. To mitigate the increased risks, A-LIGN can help you with the right strategy to prevent your organization from becoming another victim of malware attacks. To learn more about increasing your organization’s cybersecurity, read our Cyber Defense Guide 2017: Part 1.