What is Malware, and How Can You Stop It?

November 14, 2019 Eric Dosal

Malware is an ever-present threat for modern organizations and individuals alike. The antivirus/antimalware industry has numerous tech giants that actively work to identify new types of malware and create effective counters for each. However, as widespread as malware is and as prominent a threat as it can be, malware is often poorly understood.

What is malware? More importantly, how can you stop it from causing harm? These questions are fairly basic, but vital. So, to help raise some cybersecurity awareness and counter malware attacks, here’s an explanation of this cyber threat and some of its most common forms:

What is Malware?

Malware is a portmanteau of “malicious software.” The term can be applied to any computer program/application/code that can be used to steal data or cause harm to a computer or network. There are many, many different types of malware that cybercriminals can use, with different impacts, attack methods, and countermeasures.

According to a report by Malwarebytes, there were over 750 million detections of malware amongst consumers and over 71 million such detections amongst businesses in 2018 alone. That’s roughly 2.25 million malware detections every day. This doesn’t even begin to cover the countless instances of malware intrusion that might go undetected.

The Most Common Types of Malware Targeting Businesses

The Malwarebytes report details which types of malware are the most frequently deployed against businesses in North America. The top 10 types of malware being deployed against American businesses are, in order:

  1. Trojan Malware. This term is used for any malware designed to “sneak” into a system undetected before carrying out its primary function—typically the stealing of data. Most types of malware have some limited capacity for this nowadays, as it is necessary to bypass modern network security tools.

  2. Hijacker Malware. Hijacker malware changes a target’s web browser settings without their knowledge to display unwanted ads or to redirect them to scam-filled websites (which are often spoofed copies of legitimate sites).

  3. Riskware Tool Malware. Riskware is a term for legitimate programs that can be exploited by malicious users. Riskware tool malware leverages these vulnerabilities to cause harm or steal data.

  4. Adware Malware. Adware generates unwanted advertisements and forces them into a user’s view—covering up the screen and preventing the target from completing work. These ads often have links to websites or file downloads that are rife with other malicious software.

  5. Spyware Malware. This category of malware includes many different tools meant to log user interactions and other data—such as keyloggers. While CSO Online notes that “Spyware is most often used by people who want to check on the computer activities of loved ones,” malicious actors can use this type of malware to record usernames, passwords, and other sensitive information for later use. This enables them to carry out identity theft and other forms of fraud.

  6. Backdoor Malware. Backdoors are a kind of program or code that allows someone to remotely access a system or application without using legitimate authentication processes. Instead, they simply access the backdoor program and make whatever changes they want in the system or application with the backdoor. This type of malware can be especially dangerous because it gives attackers almost unfettered access to the compromised system.

  7. Worm Malware. Worms are an old type of malware capable of copying themselves without any input from a user. These malware programs can overload a system and clog data storage on a device—making them a significant cyber threat for companies that need to process and store sensitive information on a daily basis.

  8. Ransomware Malware. We’ve talked about ransomware before, but here’s a refresher. Ransomware is a type of malicious software that encrypts all of the data on a target’s computer or network, then presents the victim with an ultimatum: “Pay the ransom or we delete the encryption key.” This renders all of the data on the affected system useless until it’s decrypted—which can be devastating to businesses that don’t have a remote backup of their mission-critical data.

  9. Rogue Malware. Rogue malware programs pose as network security software (or other programs) and generate a warning that the user’s computer has been infected with a virus or other malware. The rogue malware then urges the user to take immediate action by clicking on the fake program prompt… which typically leads to the download of actual malware. This malicious software could be considered a type of social engineering attack because it relies on an action taken by the target to succeed.

  10. Rootkit Malware. Rootkits are closely related to Trojans and backdoors, being hard-to-detect malware that allows malicious actors to install or modify hidden processes. Rootkits are distinctive because they’re in the system kernel. This means they’re booted up before the computer’s operating system (OS), allowing them to supersede system processes while making the rootkit very difficult to detect. The easiest way to fix a rootkit infection is to completely remove the infected system’s OS and reinstall it from a trusted, “clean” source.

What Can You Do to Stop Malware?

While it’s unlikely that any cybersecurity strategy will ever be 100% proof against every type of malware and malware insertion strategy, there are some things that businesses can do to minimize their risks.

Of course, installing basic antivirus/antimalware programs is a given for detecting and safely removing most common types of malware from network security endpoints. However, a cybersecurity strategy needs to go beyond this basic measure to ensure long-term safety.

Using firewalls to isolate sensitive databases on the network, creating remote backups of critical systems and information, training employees to recognize social attacks (such as phishing or rogue malware), and regularly checking your network for signs of malware intrusion or potential security gaps that could be exploited by attackers are all crucial cybersecurity measures that modern businesses need to employ—preferably sooner rather than later.

After all, there are more than 2 million malware detections every single day, so it’s not a matter of IF your organization will be affected by malware, but rather WHEN your organization will be hit.

Need help forming a cybersecurity strategy to counter cyber threats? Reach out to the Compuquip team to get started.
