When it comes to cyber-attacks, both business users and individuals are continuously struck by cyber criminals and their malicious intent.
In today’s digital world, with modern businesses relying heavily on the internet for everything from eCommerce to online communication, it’s imperative to take online security seriously. Research from Kaspersky shows that in 2015 alone, there were 1,966,324 registered notifications about attempted malware infections that aimed to steal money via online access to bank accounts, and Symantec states that a staggering 429 million personal information records were exposed in 2015.
Malware and its many components is a malicious type of software designed by hackers that can infiltrate your machine to steal sensitive information, compromise software or simply wreak havoc, and there are a great many families of malware that you need to be aware of and be sufficiently protected against. The Sony hacks from 2015 are a prime example of the damage that can come from these malevolent attacks, so it is therefore vital that company employees are sufficiently trained to recognize and deal with potential threats, particularly with the growing popularity of BYOD and working from home which often result in reduced or challenging security measures. In this article we will look at:
- Malware threats to be aware of
- The different families of malware and how to combat them
- Effective ways to protect your systems
Adware, short for advertising-supported software, is a type of malware that delivers unwanted advertisements such as pop-up ads. Often times, free versions of software will be inundated with adware which can not only be intrusive but can also often be infected with other viruses such as spyware, which tracks user activity and steals information.
Adware is normally approved by software technicians and advertisers, and typically it isn’t malicious, but when bundled with spyware it can be very dangerous. A report from Kasperksy shows that the number of malicious adware installation packages detected on mobile devices in late 2015 was 1,583,094, up 1.5 percent from a report earlier in the year. This type of malware can often be tackled by using applications such as AdBlock, which is specifically designed to reduce unwanted advertising.
Bots are popular software programs created to perform specific operations. Bots can be used for non-malicious purposes and are not uncommon, however they canoften be used by third parties to perform DDoS attacks, render advertisements on websites, collect server data and distribute malware through platforms like downloading websites. According to a 2015 study by WhiteOps, sophisticated bots accounted for 2.8 percent of publishers’ traffic coming from browsers on desktop systems, laptop computers and gaming consoles. Normally bots are combated with CAPTCHA tests that verify users as a human.
A rootkit is a type of software that hides the actuality that a computer has been compromised by replacing vital system functions, which oftentimes means that they are overlooked by your antivirus software by ‘hiding in plain sight’. The rootkit itself isn’t harmful, but it is the malicious software that it hides – malware, bots and worms – that is harmful to a computer.
A 2016 report from McAfee shows that the number of new rootkit malware samples dropped sharply, continuing a long-term downward trend in this type of attack. However, rootkits should not be ignored, as when the rootkit has infiltrated the operating system it automatically activates before boot up and therefore makes it extremely difficult to detect. This therefore presents a dynamic way for the targeted computer to be accessed without the users notice, and the very nature of the rootkit makes them notoriously difficult to remove, but many anti-virus programs such as Kasperky have tools that can be used to remove them.
Viruses are the more commonly known form of malware, with around 57% of computers that are infected with malware being those infected with viruses. Like a real virus, they are capable of duplicating themselves and spreading to other devices, attaching themselves to various programs and executing code when a user launches an infected program. Damage from viruses can be very severe as they can spread through script files, documents and cross-site scripting vulnerabilities in web apps. Typically, they steal data, attack host computers and networks, create botnets, steal money, render advertisements and more. A strong and up to date antivirus is the best way to protect a device against viruses; examples include Norton and Avast.
Worms are another common form of malware. Typically, they spread over computer networks by exploiting vulnerabilities in operating systems. They cause harm to host networks by consuming bandwidth and overloading web servers. They can also deliver “payloads” – pieces of code written to perform specific actions on infected computers that can be damaging. Like viruses, they are designed to steal data, delete files and create botnets. Unlike viruses however, worms can spread without the aid of human intervention, for example by creating mass emails with infected attachments to email lists.
A Trojan horse is a type of malware that sneaks onto your device by disguising itself as a regular file or piece of software and duping users into downloading or installing it. It can give third party access to your device, giving the hacker the ability to steal sensitive data and information, install more malware, modify files, monitor user activity, create botnets and anonymize internet activity by the attacker.
As of 2013, there were 27 million different types of malware; 21% of which were Trojans.
Spyware is a form of malware that obtains covert information from an infected computer without the user’s permission or knowledge. These activities can include activity monitoring, collecting keystrokes and data harvesting to name a few. Spyware can be used to capture incredibly sensitive information and is one of the worst forms of malware on this list as it can have a long list of additional capabilities, ranging from modifying security settings of software or browsers to interfering with network connections.
Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or attaching itself via Trojans. With government research into cyber-security showing that nearly 7 out of 10 attacks on all firms involved spyware and viruses, it is imperative to ensure that you have company-wide antivirus software in place.
Being aware of the kinds of malware that could infect your network is essential. There are many families of malicious software to be aware of and taking the time to familiarize yourself and your employees with them and their symptoms can not only be greatly beneficial to your company’s security, but to your personal online security too.