Cybersec Basic 3: What is Malware?

Malware has been the hottest topic in cybersecurity in recent years. Industries across the globe have been experiencing a stream of malware attacks that have caused significant damage. Cybercriminals have turned malware into a highly profitable business, extorting millions of dollars in the process.

What is Malware?

Malware is a term used to describe any type of malicious software that is created to cause harm and exploit devices, servers, or networks. Trojans, spyware, and ransomware are just some examples that fall under this category. Threat actors use malware to gain access to a target’s system and extract data that they can use as leverage over victims for financial gain.

Malware can be spread in various ways. Threat actors include it in email attachments, fake software installations, infected apps, phishing emails, malicious advertising, infected drives, and text messages. Recently, there have been reports of malware being found in graphics cards. It is reported that cybercriminals are selling malware-infected GPUs to unsuspecting victims. There has also been an account of a proof-of-concept (PoC) technique, which allows malware to be stored on the graphics card, being sold on a hacker forum. In the post, the seller stated that this PoC technique keeps the malicious code from being detected by antivirus software that scans RAM, making it a potentially serious malware threat to users.

Types of Malware

There are different kinds of malware that users should be aware of. Here are five common types:

  1. Virus

A computer virus is what most regular users think of as malicious software. A computer virus can attach itself to another program, then replicate and spread when a user runs that program on their system. It is the only type of malware that can infect other files, which makes viruses hard to eliminate.

  2. Spyware

As the name implies, spyware is malware that allows hackers to spy on users without their knowledge. It lets threat actors collect personal data such as passwords or other sensitive data and use it to exploit their victims. However, spyware has also been used by law enforcement and other government agencies to monitor communications in sensitive areas or investigations. Either way, having spyware on a device indicates that the user is open to a breach.

  3. Botnets

A botnet, also known as a robot network, is a network of computers that are linked together by malware. Using it, threat actors secretly take control of the infected devices, which can range from just a couple of devices to millions. Botnets enable threat actors to steal sensitive data, spy on users, or launch DDoS attacks on networks and websites. Bots are programmed to carry out a specific operation, and since they are hard to detect, they usually go unnoticed.

  4. Trojans

Like the horse in the Greek story, a Trojan is a malware program that masquerades as a legitimate program such as antivirus software. It is an old but common form of malware that threat actors still use to this day. Users are tricked into installing the malicious program on their device and, like the hidden men in the wooden horse, it then attacks the user’s system. This gives threat actors access to personal data such as banking information, system information, login credentials, and more.

  5. Ransomware

Recently, ransomware has been making headlines. Large-scale companies such as Colonial Pipeline and Accenture have fallen victim to ransomware attacks just this year. Ransomware is a type of malware that encrypts a target’s data and holds it hostage until the target pays the ransom. Threat actors have targeted a range of organizations such as government agencies, large-scale businesses, and even hospitals. Ransomware groups usually study their targets beforehand to understand their behavior and financial status and to know what the victim can afford. They usually use social engineering techniques to infect a system, tricking users into downloading or clicking malicious attachments or links. It is expected that ransomware attack damages will exceed $265 billion by 2031 globally.

How to Protect Yourself 

  1. Be cautious

It’s important to always be wary of any suspicious links, emails, and attachments. These days there are countless apps that help users scan downloads and verify links to detect whether they are safe or harmful. Threat actors usually hide malware in these avenues, and being cautious of suspicious links or attachments can prevent malware from infecting your device.

  2. Install trusted software

As illustrated above, some malware is found online posing as legitimate programs such as antivirus software. Purchasing security software from legitimate companies or official app stores assures users that their programs are safe. Also, installing security defenses like antivirus or anti-malware software and using a firewall can reduce the likelihood of being compromised by malware. Having layers of security helps fend off attacks and stop threat actors from gaining access to sensitive data and systems.

  3. Regular updates and check-ups

Keeping software regularly updated is an important step in preventing malware attacks. Threat actors are constantly looking for vulnerabilities to gain access, and regularly updating software eliminates previous vulnerabilities of outdated software. It is also important to run regular check-ups by scanning devices to ensure that they are not corrupted.

  4. Awareness

Creating awareness of what malware is and the harm that it can potentially cause can greatly benefit users and companies alike. This is usually overlooked, but numerous cybersecurity experts agree that awareness is a vital factor in cyberattack prevention. The majority of online users are not aware of the dangers that malware poses, so raising awareness of the different types of malware present online can help reduce compromises.

Cyber crimes have been on a steady rise throughout the years. Hackers have made it a booming industry that gains millions and millions of dollars a year at the expense of others. Malware, especially ransomware, has made headlines with groups attacking industries and organizations across the globe, and they are not slowing down. Companies need protection now more than ever, and establishing protocols and a detailed cybersecurity plan can help protect them from attacks. Malware is a serious threat that can potentially cause millions in damage, and having the proper security in place and detecting threats early can make a huge difference for you and your company.

About IPV Network

Since 2016, IPV Network has been a trusted partner of leading enterprises in the Philippines. It brings the best-of-breed cybersecurity solutions. IPV Network helps businesses identify, protect, detect, respond, and recover from cyber threats. Email us at [email protected] or call (02) 8564 0626 to get your FREE cybersecurity posture assessment!

