What Is Malware?
Malware is a common term in information security, but what exactly is it? In this article, we’ll explore where it comes from, what it is intended to do, and how to best protect you and your company from attacks.
Malware: A Definition
The word “malware” is a shortened version of the term “malicious software,” i.e., any type of program designed to do harm to a computer, server or network. Malware includes viruses (programs that “infect” other programs or documents and spread from computer to computer), worms (a more specific type of virus that duplicates itself) and Trojans (programs or documents that appear to be something legitimate but infect computers once they are opened).
FREE role-guided training plans
Other types of malware include spyware, which can collect keystrokes or take control of a computer’s camera; adware, which displays unwanted ads and can download further malware; ransomware, which holds a computer or network hostage until a fee is paid; and rootkits, which can secretly take admin controls over a computer, server or network.
These programs are often created as an executable file, also known by its extension .exe, a type used by PCs running Windows software. Other malware programs are embedded in macros, such as those used by Word or Excel with extensions .doc and .xls and can infect other operating systems including OSX.
They often take advantage of a vulnerability in a program or operating system which hasn’t been updated to the latest version.
How Do I Catch Malware?
As varied as the types of malware are the delivery methods in which thieves attempt to get you to open it or visit a website. The most basic and still by far the most common is through good old-fashioned email communication. This tactic is known as phishing, where a hacker may send tens of thousands of emails with a malware attachment. Phishing/malware is a numbers game: All they need is just one click to unleash the virus and spread havoc.
Another way malware spreads is through infected websites. These can be obviously marginal destinations, such as file-sharing or pornography sites, but can also be hidden in more “legitimate” sites that have been compromised. Many times the malware will be secretly downloaded in the background without your knowledge, a process known as a drive-by download. Other times, a phony alert message will pop up telling you to update your software (like Flash); when you click, you are actually installing malware.
Malware can also be placed on a USB, included in a text message or embedded in pirated software (and sometimes even bundled with legitimate applications). If someone at your work downloaded malware and it infected the network you are attached to, you and everyone else are likely infected as well.
The most common denominator between all these scenarios is that people often don’t use their best judgment before they click.
What Happens When I Get Malware?
It depends on the type of malware you have, but generally speaking, your computer becomes corrupted or compromised. You may notice that it slows down considerably or that files are missing. You may also be barraged with pop-up windows that you can’t close. It may also behave strangely, crashing and restarting without any prompting from you.
Other malware (like spyware) can be sneaky, secretly recording keystrokes or taking over your camera. Ransomware is perhaps the most obvious, as it will often display an alert telling you that you have been locked out and give you instructions on how to get access back (usually by sending bitcoin).
Examples of Malware
Malware has been around almost as long as computers themselves, first being spread by floppy disks and then graduating to macros. One of the first widespread infections was called the “ILOVEYOU” virus, created in 2000. It was a simple email that purported to have a love letter attached; once opened, it overwrote all personal files and sent itself to people in the user’s address book. It became one of the most damaging viruses of all time.
A more recent, infamous attack was the Locky ransomware virus in 2016. This virus was first spread through a Microsoft Word macro document attached to an email. In its first day, it infected half a million computers and went on to attack millions more, including hospitals and police stations. Those systems with the Locky virus were greeted with an alert screen instructing them to download a TOR browser and deliver a certain amount of bitcoin.
But these are only the tip of the iceberg when it comes to malware, as new variants are popping up every day.
How Do I Get Rid of Malware?
If your computer starts acting strangely or you think you may be infected with malware, there are some things you should do right away. If you are on a PC, the first thing you’ll want to do is go into safe mode and then delete any temporary files.
Next, you’ll want to scan for infections using software such as Malwarebytes (which is free to scan and clean, but charges for advanced features). You will need to download it to your computer or put it on a USB drive. After you’ve found the malware and cleaned it, PC World also recommends you check your browser settings to make sure they haven’t been changed to a rogue website homepage, which could start the infection process all over again.
If you find yourself locked out of your computer due to a ransomware attack, the FBI strongly advises against paying the ransom. Not only does it embolden the criminals, but there is also no guarantee the malware is completely gone or that it won’t happen again.
How to Prevent Malware Infections
Preventing malware infection requires a multi-pronged approach. Of course you’ll want an antivirus program that can spot malware and block it. You’ll also want a smart email filter that can flag and isolate potential spam messages with dangerous links or attachments; there are more advanced programs that specifically look out for ransomware as well as “sandbox” (isolate) potentially dangerous applications.
Additionally, all computers on the network should be running the latest operating system and browser software updates, which will patch known vulnerabilities. Web browser settings should disable autoplay of Java and Flash (often used for malvertising). Networks should all be secure https connections and have strong passwords and two-factor authentication for access. There should also be clear policies about smartphone use on the network as well as what to do or who to turn to in case of cyber-emergency.
But even if you have all the best software, hardware and protocols in place, there is still a chance of a malware breach. Why? The human error factor, which sophisticated hackers try to exploit. That’s why it’s also important to include awareness training in every prevention program. This should be a set of mandatory lessons that should be engaging and interactive, not just a video that can run in the background.
Awareness courses should be able to be administered automatically and monitored for completion remotely. No one should be exempt from taking them, including C-Level executives who are often targeted in malware attacks.
Metrics of course completion can tell you a lot about your company’s preparedness; however, it’s also imperative that you surreptitiously test the organization’s overall resilience. This can be done by using a phishing simulation program that will allow you to send phony spam emails to your workforce; if someone in the company clicks on a link or attachment, you can be alerted, and they can be required to take additional training.
What should you learn next?
Conclusion
Malware is a very real, constant threat that can cripple any organization. Protecting yourself involves a continuous effort to keep your employees vigilant and the hackers at bay.
Sources
- Defining Malware: FAQ, Microsoft
- Everything you need to know about macro viruses, Norton
- Locky Virus, The High Tech Society
- How did the WannaCry ransomworm spread?, Malwarebytes Labs
- Incidents of Ransomware on the Rise: Protect Yourself and Your Organization, FBI
- How to remove malware from your Windows PC, PCWorld
- 10 easy ways to prevent malware infection, Malwarebytes Labs
In this Series
- What Is Malware?
- Free Valentine's Day cybersecurity cards: Keep your love secure!
- How to design effective cybersecurity policies
- What is attack surface management and how it makes the enterprise more secure
- Is a cybersecurity boot camp worth it?
- The aftermath: An analysis of recent security breaches
- Understanding cybersecurity breaches: Types, common causes and potential risks
- Breaking the Silo: Integrating Email Security with XDR
- What is Security Service Edge (SSE)?
- Cybersecurity in Biden’s era
- Password security: Using Active Directory password policy
- Inside a DDoS attack against a bank: What happened and how it was stopped
- Inside Capital One’s game-changing breach: What happened and key lessons
- A DevSecOps process for ransomware prevention
- What is Digital Risk Protection (DRP)?
- How to choose and harden your VPN: Best practices from NSA & CISA
- Will immersive technology evolve or solve cybercrime?
- Twitch and YouTube abuse: How to stop online harassment
- Can your personality indicate how you’ll react to a cyberthreat?
- The 5 biggest cryptocurrency heists of all time
- Pay GDPR? No thanks, we’d rather pay cybercriminals
- Customer data protection: A comprehensive cybersecurity guide for companies
- Online certification opportunities: 4 vendors who offer online certification exams [updated 2021]
- FLoC delayed: what does this mean for security and privacy?
- Stolen company credentials used within hours, study says
- Don’t use CAPTCHA? Here are 9 CAPTCHA alternatives
- 10 ways to build a cybersecurity team that sticks
- Verizon DBIR 2021 summary: 7 things you should know
- 2021 cybersecurity executive order: Everything you need to know
- Kali Linux: Top 5 tools for stress testing
- Android security: 7 tips and tricks to secure you and your workforce [updated 2021]
- Mobile emulator farms: What are they and how they work
- 3 tracking technologies and their impact on privacy
- In-game currency & money laundering schemes: Fortnite, World of Warcraft & more
- Quantitative risk analysis [updated 2021]
- Understanding DNS sinkholes - A weapon against malware [updated 2021]
- Python for network penetration testing: An overview
- Python for exploit development: Common vulnerabilities and exploits
- Python for exploit development: All about buffer overflows
- Python language basics: understanding exception handling
- Python for pentesting: Programming, exploits and attacks
- Increasing security by hardening the CI/CD build infrastructure
- Pros and cons of public vs internal container image repositories
- CI/CD container security considerations
- Vulnerability scanning inside and outside the container
- How Docker primitives secure container environments
- Top 4 Zapier security risks
- Common container misconfigurations and how to prevent them
- Building container images using Dockerfile best practices
- Securing containers using Docker isolation
- Introduction to container security
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
General security
Free Valentine's Day cybersecurity cards: Keep your love secure!
General security
General security