Malware, short for malicious software, is a blanket term for viruses, worms, trojans and other harmful computer programs hackers use to wreak destruction and gain access to sensitive information. Malware is a catch-all term to refer to any software designed to cause damage to a single computer, server, or computer network. In other words, software is identified as malware based on its intended use, rather than a particular technique or technology used to build it.
This means that the question of, say, what the difference is between malware and a virus misses the point a bit: a virus is a type of malware, so all viruses are malware (but not every piece of malware is a virus).
The way malware goes about doing its damage can be helpful in categorizing what kind of malware you're dealing with. The following is a list of common types of malware, but it's hardly exhaustive:
Any specific piece of malware has both a means of infection and a behavioral category. So, for instance, WannaCry is a ransomware worm. And a particular piece of malware might have different forms with different attack vectors: for instance, the Emotet banking malware has been spotted in the wild as both a trojan and a worm.
A look at the Center for Internet Security's top 10 malware offenders for June of 2018 gives you a good sense of the types of malware out there. By far the most common infection vector is via spam email, which tricks users into activating the malware, Trojan-style. WannaCry and Emotet are the most prevalent malware on the list, but many others, including NanoCore and Gh0st, are what's called Remote Access Trojans or RATs—essentially, rootkits that propagate like Trojans. Cryptocurrency malware like CoinMiner rounds out the list.
In the past, before the pervasive spread of the World Wide Web, malware and viruses had to be delivered manually and physically, via floppy disk or CD-ROM.
In many cases, malware is still delivered by using an external device, although nowadays it is most likely to be delivered by a flash drive or USB stick. There are instances of USB sticks being left in car parks outside targeted organizations, in the hope that someone picks one up out of curiosity and plugs it into a computer connected to the network.
However, more common now is malware that is delivered in a phishing email with payloads distributed as an email attachment.
The quality of the spam email attempts varies widely -- some efforts to deliver malware will involve the attackers using minimal effort, perhaps even sending an email containing nothing but a randomly named attachment.
In this instance, the attackers are hoping to chance upon someone naive enough to click on email attachments or links without thinking about it -- and who doesn't have any sort of malware protection installed.
With spam and phishing email being the primary vector by which malware infects computers, the best way to prevent malware is to make sure your email systems are locked down tight and your users know how to spot danger. Common-sense measures such as carefully checking attached documents, restricting potentially dangerous user behavior, and familiarizing users with common phishing scams can greatly reduce the spread of malware.
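As an added illustration of what "carefully checking attached documents" can look like at the mail gateway (example code, not from the original article), the following Python sketch flags the low-effort pattern described above: a message with an empty body and an attachment whose name hides an executable type. The extension lists, the `triage` and `build_sample` names, and the sample message are assumptions constructed for this example.

```python
from email import message_from_string, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumed rule lists for illustration; tune them to your own mail policy.
RISKY_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".lnk", ".iso", ".hta"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}
DECOY_EXT = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def triage(raw_message: str) -> list:
    """Return human-readable findings for one raw RFC 5322 message."""
    msg = message_from_string(raw_message, policy=policy.default)
    attachments = list(msg.iter_attachments())
    body = msg.get_body(preferencelist=("plain", "html"))
    body_text = body.get_content().strip() if body is not None else ""
    findings = []
    if attachments and not body_text:
        findings.append("attachment with empty body")
    for part in attachments:
        name = (part.get_filename() or "").strip().lower()
        suffixes = PurePosixPath(name).suffixes
        if not suffixes:
            findings.append(f"{name or '<unnamed>'}: no file extension")
            continue
        last = suffixes[-1]
        if last in RISKY_EXT:
            findings.append(f"{name}: executable or script type {last}")
            if len(suffixes) > 1 and suffixes[-2] in DECOY_EXT:
                findings.append(f"{name}: double extension hides {last}")
        elif last in MACRO_EXT:
            findings.append(f"{name}: macro-enabled Office document")
    return findings


def build_sample(body: str, filename: str) -> str:
    """Build a constructed test message with one binary attachment."""
    m = EmailMessage()
    m["From"], m["To"] = "billing@example.test", "user@example.test"
    m["Subject"] = "Invoice"
    m.set_content(body)
    m.add_attachment(b"constructed sample bytes", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_string()


if __name__ == "__main__":
    for finding in triage(build_sample("\n", "Invoice_8841.pdf.exe")):
        print(finding)
```

Name-based checks like these are a first filter only; they complement, rather than replace, content scanning and user awareness.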
When it comes to more technical preventative measures, there are a number of steps you can take, including keeping all your systems patched and updated, keeping an inventory of hardware so you know what you need to protect, and performing continuous vulnerability assessments on your infrastructure. When it comes to ransomware attacks in particular, one way to be prepared is to always make backups of your files, ensuring that you'll never need to pay a ransom to get them back if your hard drive is encrypted.
Copyright © 2020 Cyber Armada, Inc.