So What is Malware in the wider conversation about cyber threats and security?
Here we offer a definition, along with advice on how to prevent Malware in your organisation.
You may have heard the terms ransomware, trojan and virus used in news reports and wondered what they actually mean. These words all refer to a type of malicious software used to infect computers and devices.
Malware (short for malicious software) is fast becoming one of the biggest threats online and has been used in some of the world’s largest cyber-attacks including the 2017 WannaCry attack that affected more than 200,000 victims in 150 countries.
Malware is typically installed on a computer when a user clicks on a link, downloads a malicious attachment or opens a rogue software program. Once installed, attackers can use the malware to spy on your online activities, steal personal and financial information or use your device to hack other systems.
This form of attack has proved hugely profitable and is becoming more sophisticated as criminals blend old and new variants to cause maximum damage.
There are lots of different types of malware available, with some more harmful than others. 230,000 new malware samples are produced every day and each strain has its own individual way of infecting and damaging computers. The most common types of malware are:
A computer virus is a type of malicious software that once activated, will replicate itself from folder to folder, inserting its own code. A virus can spread rapidly and will usually infect a system with the intention of stealing personal and financial information, sending spam or locking the system down.
A worm is very similar to a virus in that it replicates itself within a system but unlike a virus, it doesn’t spread to other programs. Once installed, the worm silently goes to work and infects the machine without the user’s knowledge. Worms can replicate themselves hundreds of times over, depleting system resources and damaging devices.
A Trojan is a type of malware that disguises itself as legitimate software but really serves a malicious purpose. A Trojan may claim to be a free update, game, or an anti-virus program, tricking the user into installing it onto their device. Once installed, the Trojan works quietly in the background to steal sensitive data, install a backdoor or take other harmful actions.
In recent years, ransomware has become the malware of choice and by the end of the year, it’s expected to cost the world more than $8 billion in damages. Ransomware is a type of malicious software that encrypts a victim’s data and blocks access until a ransom is paid. The most common delivery method for ransomware is by clicking on a link within an email or opening a malicious attachment.
Spyware is a type of software that installs itself on a device and secretly monitors a victim’s online activity. It collects all sorts of data, including passwords, credit card numbers and browsing activity.
Adware is a type of malware that once downloaded will unexpectedly show advertisements on the victim’s computer. Adware doesn’t tend to steal data like other forms of malware, but it can be extremely frustrating as the user is forced to see ads they would prefer not to. The ads range from small banner ads to invasive pop windows that can’t be closed down.
A bot is a device that has been infected with malicious software to do something harmful without the user’s knowledge. Botnets are networks of these infected devices that work together under the control of an attacker. Botnets can be used to conduct phishing campaigns, send out spam or used to carry out Distributed Denial of Service (DDoS) attacks.
How can I prevent my device from becoming infected with malware?
To prevent your devices from being infected with malware, there are a number of steps you can take:
1. Install Anti-virus software
One of the most important ways to protect against malware is to install anti-virus software. Anti-virus software will protect your device from malicious software that poses a threat to the system. It will scan your computer to detect and clean the malware and provide automatic updates to provide enhanced protection against newly created viruses.
2. Regularly update software
In addition to installing anti-virus software, it’s vital to ensure that your software is regularly updated to stop attackers gaining access to your computer through vulnerabilities in older and outdated systems.
3. Only buy Apps from trusted sources
Buying apps from trustworthy sources reduces the chance of your device being infected with malware. Big brands will take great care to ensure they do not damage their reputation by distributing malware. To check the authenticity of a source, you can check the full name, list of published apps and contact details in the app description within the Google Play or Apple app store.
4. Don’t click on suspicious links or download attachments from unknown sources
Phishing remains the easiest way for hackers to install malware on your device. Phishing scams trick people into opening emails or clicking on a link that may appear to come from a legitimate business or reputable source. The link may direct you to a fake website where you are prompted to enter your personal details or take you to a website that directly infects your computer with malware. If in doubt, don’t click the link.
5. Install Firewall
Another way to protect your device from malware is to use a firewall. A firewall prevents malicious attacks by blocking all unauthorised access to or from a private computer network. In addition to anti-virus software, a firewall provides an extra barrier against malware, reducing the chance of attack.
6. Back up data regularly
It’s important to back up on a regular basis to ensure that you can still retrieve all your valuable data and files if your computer is infected with malware. This will help mitigate any damage and ensure that you are not held victim to a ransomware attack.
Phishing is the number one cause of all cyber-attacks and continues to prove one of the easiest ways to steal valuable data and deliver malware. MetaPhish has been created to provide a powerful defence against these threats and enables organisations to find out just how susceptible their company is to phishing. If you would like to find out more about how MetaPhish can be used to protect your business, then contact us for further information.