If you have been even just a little online over the past two decades, you have probably heard of malware. Certainly, any business or business owner whose company involves IT or does business online will likely have encountered the term. But do you really know what it is, what it does, and why precisely it is bad? And do you know how many different forms of ‘ware there are?
Viruses have been around since the internet began, and hackers have been developing software designed to exploit vulnerabilities in systems for almost as long. This malicious software, or malware, is designed to cause harm to a computer system or network, usually for financial gain.
Malware can be deployed into a network or system using a number of methods. The most common forms are either via a phishing or social engineering attack or by a breach or exploitation of a vulnerability in the system.
But what does malware actually do? And what does it look like?
Malware
Malware is the umbrella term for a range of malicious software designed to hack, break, or breach networks and systems. Malware includes computer viruses like Trojans, which disguise themselves as desirable code, or worms, which spread through a system by constantly replicating. Malware also encompasses control programs like rootkits, which allow hackers to take over control over individual machines or entire networks, as well as keyloggers that record users’ keystrokes.
Malware also includes several subcategories of ‘ware, which is what we will concentrate on today.
Ransomware
Ransomware essentially does what it says in its name - holds your data to ransomware. Once ransomware is installed on your system, it encrypts your data or even your entire network, denying you access until you pay up.
Ransomware makes an organization unable to carry out basic functions. Also, it presents the risk that essential, valuable data will either be destroyed or sold/published elsewhere, which could have serious ramifications.
Ransomware can be devastating. Baltimore in the US was hit by an attack earlier this year, forcing all public activities to stop for weeks, including tax collection, property transfers, and all government email. The attack cost the city well over $18 million.
One of the worst aspects of a ransomware attack is that there is no real way to guarantee that you will recover your data even if you pay the ransom. In fact, it is far more lucrative for a hacker to extort a ransom from the targeted business and then sell the data as well, doubling the payout. The best way to protect against a ransomware attack is by doubling down on your backups and ensuring that you can just reload and keep going in the event of being locked out of your data or your system.
Spyware
Spyware is installed on a system not to damage it but to collect information. Spyware records user activity and can result in leaks of sensitive data, including passwords, PINs, financial information, and confidential data.
Spyware can be installed on almost any device or program, including apps and mobile devices. And the repercussions of a spyware breach are not necessarily straightforward. Even if the data stolen is not critical, confidential, or even valuable, the threat of further spyware breaches can cause productivity and performance to plummet.
Fileless malware
Most malware needs to be installed on a computer or a system. Fileless malware is dangerous precisely because it does not. Fileless malware attacks start by changing preexisting files rather than installing anything new. Because these files have already been checked and greenlit by the OS, it is almost impossible for antivirus software to pick up a fileless attack. The altered files can then launch additional code later, giving hackers access to the system, recording information, or encrypting data.
Adware
Adware is very similar to spyware in that it tracks user activity, but it differs in that it runs entirely online. Nothing is installed onto a user’s computer.
Adware records browsing history and online activity, capturing personal data and displaying certain ads or sharing it with others. Adware can create a user profile based on their internet history, making it extremely valuable to marketers, even if it is recorded without consent.
Adware might seem more annoying than dangerous - after all, we freely give consent to this sort of software all the time, and optimized and personalized ads are a standard part of most people’s online experience. But adware has the potential to do far more. For example, an adware attack in 2017 called Fireball targeted 250 million devices, initially just to change default search engines and record internet usage. But Fireball was also able to run independent code and install additional malicious files on users’ devices!
Malware can sound scary, but as is so often the case with cybersecurity, the best defense is a good offense. Carrying out good digital hygiene, backing up regularly, and ensuring that your staff is fully trained in cybersecurity best practices can go a long way toward preventing malware attacks before they even happen!
If you would like to know more about how you can protect yourself online, get in touch with VC3, and our experts will be happy to help.