Malware—short for malicious software—is the umbrella term for any type of program created to inflict harm on a computer, server, or network. There is a broad range of variation in the degree of damage malware is capable of causing. While some malware simply causes an annoyance, most of it is significantly more hazardous, deleting sensitive data and preventing mission-critical operating systems from functioning at all.
Setting up effective defenses against the threat of malware attacks is an essential component of any business’ cybersecurity strategy. In order to establish appropriate safeguards, however, you must understand the enemy you’re defending against. With that in mind, here is a quick overview of malware—what it is, how your systems get infected by it, and how you can defeat it.
Types of Malware
Malware exists in many forms, and each type has a distinct attack strategy and/or spreads in a particular way. Categories of malware include:
Viruses – A virus is malicious code that is attached to or inserted within a host program. Once the program is opened or executed, the attached virus replicates and spreads to other programs. Computer viruses usually originate from an executable file.
Worms – A worm also replicates itself, but unlike a virus it is a standalone program that is not attached to a “host.” Worms are particularly dangerous because they can spread across a shared network on their own and rapidly infect other computers.
Trojans – A trojan is standalone malware that disguises itself as legitimate software (e.g., an antivirus program) to fool the victim into downloading, opening, and subsequently activating it. Unlike viruses and worms, trojans cannot replicate themselves.
Adware – Adware displays intrusive advertisements on a computer, usually through the web browser (e.g., banner ads). Often, these advertisements install additional malware on the computer if the user clicks on them.
Spyware – Spyware is specially engineered to gather information about activity associated with a computer. Some spyware is designed to record and transmit keystrokes, which can expose user passwords, credit card numbers, and other sensitive data. Trojans and adware can sometimes be classified as spyware.
Rootkits – A rootkit is intended to give the hacker administrator-level (“root”) access to a computer or system—essentially allowing them to “take control” from a remote location. Typically, rootkits are designed to enable this access without being detected by authorized users.
Ransomware – Ransomware uses encryption to prevent access to a system, either in whole or in part, until a ransom is paid (usually in bitcoins via a link provided by the malware).
So-called blended threats (or blended attacks) have characteristics of multiple types of malware.
How Malware Infections Begin
Most malware infections originate from an avoidable action taken by a computer user. People can inadvertently install malware on a computer in a variety of ways, including:
- Downloading an infected email attachment (usually an .exe file)
- Visiting a compromised website
- Clicking a phishing link in an email or instant message, in which criminals try to trick you into surrendering personal information
- “Malvertising,” or clicking on internet advertisements that redirect a user to malicious sites designed to look like legitimate sites, or to compromised sites that have been infected
- Downloading infected software from the internet
- Plugging a compromised USB flash drive into a computer
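A mail-gateway check for the first item in the list above, as an added example that is not part of the original article: it flags attachments by executable extension and by the Windows executable header in the content, so a renamed .exe is still caught. The function names, the extension set, and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions that execute when opened on Windows (illustrative subset, not exhaustive).
RISKY_EXT = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".msi"}
MZ_MAGIC = b"MZ"  # first two bytes of every Windows PE executable


def screen_attachments(raw_message: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for each attachment a gateway should quarantine."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip()
        # Windows ignores trailing dots and spaces, so strip them before matching.
        lowered = name.lower().rstrip(". ")
        payload = part.get_payload(decode=True) or b""
        ext = "." + lowered.rsplit(".", 1)[-1] if "." in lowered else ""
        if payload[:2] == MZ_MAGIC:
            # Content check catches executables renamed to look harmless.
            findings.append((name, "PE header in content"))
        elif ext in RISKY_EXT:
            # Only the final extension counts, which exposes names like x.pdf.bat.
            findings.append((name, f"executable extension {ext}"))
    return findings


def build_sample() -> bytes:
    """Constructed sample message; attachment bytes are inert placeholders."""
    msg = EmailMessage()
    msg["From"] = "billing@example.test"
    msg["To"] = "user@example.test"
    msg["Subject"] = "Invoice"
    msg.set_content("See attached.")
    msg.add_attachment(b"MZ" + b"\x00" * 62, maintype="application",
                       subtype="pdf", filename="invoice.pdf")
    msg.add_attachment(b"echo placeholder", maintype="application",
                       subtype="octet-stream", filename="report.pdf.bat")
    msg.add_attachment(b"%PDF-1.7 placeholder", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for filename, reason in screen_attachments(build_sample()):
        print(f"quarantine {filename}: {reason}")
```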
Any desktop, laptop, or mobile device, whether it runs on a Mac or Windows OS, is susceptible to malware infection. Even devices that are not connected to the internet can be compromised by installing an infected disk or flash drive.
What Malware Does
Generally speaking, malware cannot damage computer hardware. It can, however, cause irreplaceable loss of data to a computer system and major disruption to your operational processes. A malware infection is often the initial stage in a data breach that leaks your customers’ and/or employees’ sensitive personal information to threat actors, or in which critical data that your processes need in order to function is held for ransom.
Some malware infections are quite obvious. If you’re infected with ransomware, for instance, it’s difficult to ignore the attacker’s demand for payment. In many cases, though, malware infections are much more insidious, working behind the scenes for weeks undetected, collecting valuable data or finding their way to other users. Indications of possible infection include:
- Excessive pop-up ads in your browser
- Regular crashing or freezing
- Reduced performance
- Your antivirus keeps turning off
- Unusually high hard drive activity (e.g., 100% disk usage in Task Manager)
- Unfamiliar desktop icons or unexplained apps
- Abnormal surge in data consumption
- Unexplained charges
- New browser homepage
- Strange spam emails to contacts
- Battery draining faster
Though some malware symptoms may seem mild, there is no such thing as a “harmless” infection. The presence of malware on your computer is by itself sufficient to cause significant degradation of system performance and potentially wipe out valuable data.
Tips to Prevent Malware from Infecting Your Computer
Malware infections tend to result from user error, so your actions play a big part in helping to keep data safe. To stay protected from malware and minimize your chances of a security breach, it is important to learn about cybersecurity best practices. Here are some precautionary steps you can follow to protect your data.
Back up your data – Ransomware attacks and malware-related system crashes can rob you of your data. Making sure your data is backed up in secure, portable server storage units like the Ciphertex SecureNAS Series ensures you have a copy of your data in case the original is compromised, removing the risk of extortion.
Regular software updates – Unpatched systems and outdated antivirus software are vulnerabilities through which attackers can gain access to your computer. Keep your systems, browsers, and software regularly updated.
Educate employees – Companies must develop comprehensive cybersecurity policies and ensure employees understand the hazards posed by opening emails from unfamiliar sources, plugging in unfamiliar USB devices, and downloading software from suspicious websites. A single unsuspecting employee could click on the wrong advertisement and cause a company-wide breach.
Implement strong passwords – It’s old advice, but it remains effective for reducing the risk of malware infection and other cyber-attacks. Be sure not to store passwords in the browser or share passwords with other users.
Restrict use of administrator accounts – The zero-trust model focuses on a “least access policy” that grants a user access only to the resources that are necessary for their role or job. This matters because malware infections frequently exploit the system privileges in place at the time of initial infection. Protecting the network requires IT teams to know who has access to what resources at all times.
Monitor internet traffic – If possible, try to monitor incoming and outgoing traffic for signs of suspicious activity. Sometimes it’s possible to stop ransomware infections and other cyber attacks by blocking them in the early stages, before a connection can be established with a threat actor.
Avoid third-party app stores – You’re far less likely to download malware from an official vendor.
Ciphertex produces highly secure portable data storage systems that utilize the power of AES-256 encryption to help businesses keep valuable information safe. All our products are manufactured at an ISO9001 facility in Chatsworth, CA. For more information, call us at 818-773-8989.