In today’s digital world, with modern businesses relying heavily on the internet for everything from ecommerce to online communication, it’s imperative to take online security seriously. Research from Kaspersky shows that in 2019 alone, the firm's products repelled 975,491,360 attacks, with some 24,610,126 unique malicious objects identified and almost one in five computer users worldwide (19.8%) subject to at least one malware attack.
What is malware?
Malware is a wide-ranging term, but it essentially describes any type of software designed to infiltrate your machine and steal sensitive information, compromise software or simply wreak havoc. There are a great many families of malware that you need to be aware of and be sufficiently protected against.
The damage done by malware can be huge, both in financial and reputational terms. In 2017, the WannaCry ransomware attack shut down hundreds of thousands of computers worldwide and cost the NHS in the UK some $113 million (£92 million). Going back further, the 2015 hacking attack on Sony Pictures badly damaged the firm's reputation when stolen emails were published, eventually leading to the departure of the firm's co-chair Amy Pascal. One of the most recent attacks took place in Baltimore, in May 2019, which cost the American city in excess of $18 million.
What are the most common types of malware?
In order to combat malware and avoid any financial and reputational repercussions, it’s critical that you recognize the different types. Here’s our list of the most significant PC malware threats.
1. Fileless malware
An increasingly common trend is fileless malware, sometimes referred to as 'non malware'. These can be particularly challenging to deal with as, unlike more traditional attacks, they leave very little trace and are designed specifically to evade detection by tools such as antivirus software.
Fileless malware uses legitimate tools within the operating system's software, applications and protocols to infiltrate networks and cause disruption. PowerShell, for example, is a popular target for these attacks as it offers hackers access to everything they might need within a Windows system. However, traditional intrusion detection tools largely ignore its day-to-day activities such as automating tasks and managing configurations, making it a great place for hackers to hide malicious code.
According to research by WatchGuard, fileless malware rates increased by almost 900% in 2020 compared with the previous year, illustrating how useful this technique has become to criminals. While they can be hard to spot, an effective endpoint detection and response solution that constantly monitors your systems for unusual behavior can help make these attacks more visible.
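The kind of behavioral check an endpoint monitoring tool can apply to PowerShell launches, shown as an added example that is not from the original article: it scores constructed process-creation records by parent process and command-line parameters, and decodes any -EncodedCommand value for review. The parent list, weights and alert threshold are assumptions to tune against your own baseline.

```python
import base64
import contextlib

# Constructed process-creation records (parent image, command line); not real telemetry.
_ENC = base64.b64encode("Write-Output 'constructed sample'".encode("utf-16-le")).decode()
SAMPLE_EVENTS = [
    (r"C:\Windows\explorer.exe", r"powershell.exe -File C:\Scripts\rotate-logs.ps1"),
    (r"C:\Program Files\Microsoft Office\WINWORD.EXE", "powershell.exe -nop -w hidden -enc " + _ENC),
    (r"C:\Windows\System32\svchost.exe", r"powershell.exe -ExecutionPolicy Bypass -File C:\Admin\patch.ps1"),
]

# Assumed parent list and weights; tune both against your own baseline.
UNUSUAL_PARENTS = ("winword.exe", "excel.exe", "outlook.exe")
FLAGS = {  # full name -> (shortest accepted prefix, weight, value that must follow or None)
    "encodedcommand": (1, 2, None), "windowstyle": (1, 2, "hidden"),
    "executionpolicy": (2, 1, "bypass"), "noprofile": (3, 1, None)}
ALIASES = {"ec": "encodedcommand", "ep": "executionpolicy"}

def match_flag(token):
    """Resolve an abbreviated parameter such as -enc or -w to its full name."""
    name = ALIASES.get(token[1:].lower(), token[1:].lower())
    for full, (min_len, _, _) in FLAGS.items():
        if token.startswith("-") and len(name) >= min_len and full.startswith(name):
            return full
    return None

def score(parent, cmdline):
    """Return (score, reasons, decoded_command) for one process-creation record."""
    tokens = cmdline.split()
    if not tokens or "powershell" not in tokens[0].lower():
        return 0, [], None
    hit = parent.lower().endswith(UNUSUAL_PARENTS)
    total, reasons, decoded = (3, ["unusual parent"], None) if hit else (0, [], None)
    for tok, value in zip(tokens[1:], tokens[2:] + [""]):
        flag = match_flag(tok)
        if flag is None or FLAGS[flag][2] not in (None, value.lower()):
            continue
        if flag == "encodedcommand":  # the value is Base64 of a UTF-16LE string
            with contextlib.suppress(ValueError):
                decoded = base64.b64decode(value, validate=True).decode("utf-16-le")
        total += FLAGS[flag][1]
        reasons.append(flag)
    return total, reasons, decoded

def triage(events, threshold=4):
    """Return records whose score reaches the assumed alert threshold."""
    scored = [(p, *score(p, c)) for p, c in events]
    return [{"parent": p, "score": s, "reasons": r, "decoded": d}
            for p, s, r, d in scored if s >= threshold]
```

Calling `triage(SAMPLE_EVENTS)` flags only the record where a document editor launches PowerShell with a hidden window and an encoded command; the two administrative launches score below the threshold.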
2. Adware
Adware, short for advertising-supported software, is a type of malware that delivers unwanted advertisements such as pop-up ads. Often, free versions of software will be inundated with adware which can not only be intrusive but can also often be infected with other viruses such as spyware, which tracks user activity and steals information.
Adware is normally approved by software technicians and advertisers, and typically isn’t malicious, but when bundled with spyware it can be very dangerous. A report from Kaspersky shows it’s particularly problematic on mobile devices, making up almost one in five malware cases on these platforms.
3. Bots
Bots are popular software programs created to perform specific operations. Bots can be used for non-malicious purposes and aren’t uncommon; however, they can often be used by third parties to perform DDoS attacks, render advertisements on websites, collect server data and distribute malware through platforms like downloading websites. According to one report, as many as one in five website requests were generated by bad bots in 2018.
4. Rootkits
A rootkit is a type of software that hides the fact that a computer has been compromised by replacing vital system functions, which often means that it is overlooked by your antivirus software by ‘hiding in plain sight’. The rootkit itself isn’t harmful; it is the malicious software that it hides – malware, bots and worms – that is harmful to a computer.
A 2016 report from McAfee shows that the number of new rootkit malware samples dropped sharply, continuing a long-term downward trend in this type of attack. However, rootkits should not be ignored: once a rootkit has infiltrated the operating system, it automatically activates before boot-up, which makes it extremely difficult to detect. This gives an attacker a way to access the targeted computer without the user's notice. The very nature of rootkits makes them notoriously difficult to remove, but many antivirus programs such as Kaspersky have tools that can be used to remove them.
5. Computer viruses
Computer viruses are the most commonly known form of malware, with around 57% of computers with malware being those infected with viruses. The terms 'malware' and 'virus' are often used interchangeably, but in fact, a computer virus is a specific type of malware that, like a real virus, is capable of duplicating itself and spreading to other devices, attaching itself to various programs and executing code when a user launches an infected program.
Damage from viruses can be very severe as they can spread through script files, documents and cross-site scripting vulnerabilities in web apps. Typically, they:
- Steal data
- Attack host computers and networks
- Create botnets
- Steal money
- Render advertisements
As businesses fight various types of malware in an increasingly digital world, computer viruses have become rare, comprising less than 10% of all malware. Nevertheless, a strong and up-to-date antivirus program is the best way to protect a device against viruses; examples include Norton and Avast.
6. Worms
Worms are another common form of malware. Typically, they spread over computer networks by exploiting vulnerabilities in operating systems. They cause harm to host networks by consuming bandwidth and overloading web servers. They can also deliver “payloads” – pieces of code written to perform specific actions on infected computers that can be damaging. Like viruses, they are designed to steal data, delete files and create botnets. Unlike viruses, however, worms can spread without the aid of human intervention, for example by creating mass emails with infected attachments to email lists.
7. Trojans
A Trojan is a type of malware that sneaks onto your device by disguising itself as a regular file or piece of software and duping users into downloading or installing it. It can give a third party access to your device, giving the hacker the ability to steal sensitive data and information, install more malware, modify files, monitor user activity, create botnets and anonymize the attacker's internet activity.
The use of Trojans is, however, on the decline. Malwarebytes' 2020 State of Malware report found, for example, that in 2019, the volume of these attacks fell by 7% from 2018.
8. Spyware
Spyware is a form of malware that covertly obtains information from an infected computer without the user’s permission or knowledge. Its activities can include activity monitoring, collecting keystrokes and data harvesting, to name a few. Spyware can be used to capture incredibly sensitive information and is one of the worst forms of malware on this list as it can have a long list of additional capabilities, ranging from modifying security settings of software or browsers to interfering with network connections.
Spyware spreads by exploiting software vulnerabilities, bundling itself with legitimate software, or attaching itself via Trojans. With government research into cyber-security showing that nearly 7 out of 10 attacks on all firms involved spyware and viruses, it is imperative to ensure that you have company-wide antivirus software in place.
Being aware of the kinds of malware that could infect your network is essential. There are many families of malicious software to be aware of and taking the time to familiarize yourself and your employees with them and their symptoms can not only be greatly beneficial to your company’s security, but to your personal online security too.
9. Keyloggers
Keystroke loggers, or keyloggers, are an emerging class of malware that aims to steal a user's information by creating a record of every entry made on a device's keyboard, and are often deployed as part of a Trojan attack. While there are legitimate uses for this type of software, this also makes them very hard for many antimalware programs to detect. Hackers can use them to gather information such as passwords, bank details or other confidential details.
10. Ransomware
Another type of malware that's growing in popularity, ransomware works by encrypting critical files on a system, then demanding payment in exchange for the decryption key. This type of malware attack can be especially crippling to many businesses, as it can leave them without access to essential files and applications.
On average, hackers charge around $13,000 to recover files, but for larger, targeted attacks the cost of retrieving files can be hundreds of thousands of dollars, with no guarantee the criminals will keep their word if paid. The 2017 WannaCry attack is perhaps the best-known ransomware attack. So what can you do if you fall victim to this malicious software? Check out our step-by-step guide to learn how to deal with this threat.
11. Spear phishing
Spear phishing isn't a type of malware in itself, but rather a common delivery method that it's important for business users to be aware of. It works by sending targeted emails to individuals encouraging them to open an attachment or click on a web link, from which malware can be downloaded or details harvested.
For example, it could purport to come from an individual or organization you have an existing relationship with, which makes it more likely for the recipient to trust what it says and follow the instructions. Teaching employees how to recognize and respond to these attacks is one of the best things any business can do to reduce its risk of falling victim to this type of malware.
12. Scareware
Like spear phishing, scareware uses social engineering to try to trick people into downloading more dangerous malware, or paying for unnecessary software. A typical piece of scareware may work by creating a popup on a user's machine warning them their device has been infected by malware, then directing them to a bogus website where they’re encouraged to download a fake antivirus program, which might do nothing or may even actively infect a PC with other malware.
Malware protection best practices
Malware remains a risk for every business, but by sticking to a few basic principles, you can ensure you're keeping your network as safe as possible. By focusing on key best practices such as protecting your endpoints and having the toughest possible perimeter defenses in place to prevent these threats entering your systems, you can make life as hard as possible for hackers.
Here are several malware prevention tips to keep in mind:
- Focus on your entry points - The use of technology such as next-generation firewalls, intrusion detection and prevention systems and endpoint monitoring software to protect your perimeter is a crucial first step in guarding against malware.
- Make email security a priority - Email remains a key channel for incoming malware, with hackers often looking to take advantage of human carelessness to download files or click on fake links. Therefore, smart protection for these solutions is a must-have.
- Keep your frontline defenses up to date - Ensure that all applications and systems are patched frequently to guard against any newly-discovered vulnerabilities. Putting a clear schedule in place for this helps organize the process and reduce the chances of anything slipping through unnoticed.
- Make strong passwords a priority - Weak, repeated passwords are a hacker's best friend. Make life harder for criminals by having clear guidelines in place for passwords - including a minimum length as well as a combination of different character types. This is made much simpler through the use of a password manager.
- Educate your employees - Human error is the number one cause of malware gaining access to networks. Falling for phishing attempts, visiting insecure sites or connecting personal devices with weak security to networks all violate best practices, so it's vital staff members are educated on what's expected of them.