You’re probably most familiar with malware from its regular appearances in the news, typically in relation to big organisations falling victim to it. Just last year, computing giant Nvidia were the victims of a ransomware attack that exposed its data to the world, costing the firm untold sums.
But do you really know what malware is? Join us as we dig into what malware is, the types of malware, how to spot malware and how to prevent malware on your home or work network.
What is Malware?
Malware (a contraction of malicious software) is a term used to describe any software that does unwanted things on your computer or device. It can take many forms, from viruses and worms to Trojan horses and ransomware, and can be spread through various means, including email attachments, malicious websites, and infected storage devices.
These nasties can include slowing your CPU, performing tasks of their own or locking your computer down and demanding a ransom. Some can also track your activities and steal sensitive data, such as passwords and files.
What are the types of malware?
Some variations of malware are:
Viruses
Computer viruses are malicious programs that can cause a lot of damage to your computer and the data stored on it. They can spread quickly and silently without user awareness, making them particularly dangerous. They can corrupt data, delete data, or even take control of a computer, allowing hackers to access personal information or even gain access to a computer’s operating system. This can lead to identity theft, financial loss, or even the destruction of a computer.
To protect yourself, it’s important to have a good anti-virus program installed and to keep it updated regularly. Additionally, be careful when downloading files or clicking on links in emails, and make sure you have a secure, up-to-date firewall in place. Taking these steps can help protect you from computer viruses’ potential dangers.
Worms
Worms are a particularly common form of malware that spreads via operating system vulnerabilities. The most common way that a worm does its damage is by overloading web servers and using up bandwidth.
They are also capable of carrying ‘payloads’, which are bits of code included to commit certain actions, such as creating botnets, stealing data or deleting files.
Worms are quite similar to viruses. However, there are a number of differences. The main distinguishing factor is that while viruses require user action to spread (running a program, opening a file, using a USB stick), worms often spread by mass-mailing themselves to contacts or similar.
Ransomware
Ransomware has seen plenty of exposure in recent years, owing mainly to the massive ‘Wannacry’ attack. This type of malware can literally hold a device and its contents hostage, while demanding a ransom to release your data.
Ransomware does this by encrypting a hard drive and displaying a message demanding the user pays a ransom to unlock the device. Ransomware often spreads just like worms, usually arriving in the form of a network vulnerability or downloaded file.
Adware
As the name suggests, this form of malware is designed to display unwanted advertisements; this includes pop-up ads and ads shown in the software.
Many free or compromised versions of software come bundled with adware, as it is used to generate revenue for advertisers. Often, adware is backed up by spyware (see below) or other malware to track your activities and steal your data, making it more dangerous than it might seem.
Spyware
This is malware that secretly monitors, records and sends your activities to a server or malicious attacker.
The types of information typically gathered by spyware include websites visited, system information, location and login credentials. Sometimes spyware has the capability to modify network, system and application security settings too.
Perhaps the most common types of spyware are keyloggers. They can infect a device and track your keyboard activity, sending copies of your usernames, passwords, bank details and more to criminals. For more, read our complete guide to keyloggers.
Browser Jacking
Browser-jacking malware is closely related to adware. It modifies your browser, ads toolbars, search engine & homepages and can add desktop shortcuts.
This malware can also redirect you to malicious sites and download adware and spyware.
Rootkit
A rootkit is designed to remotely control or access a computer without the user’s knowledge.
Once a rootkit is installed, its malicious owner can execute software, steal data, modify the system or change software (including any software that might have been able to detect the malware). In short, rootkit malware gives somebody else complete control.
This level of secrecy means you may be unable to find or remove a rootkit using typical security software. Consequently, detection and removal rely on manual methods such as monitoring for irregular behaviour.
Trojan
Trojan malware gets its name from the Greek tale of the Trojan horse. Trojans are programs that are disguised as legitimate files or software in an attempt to trick users into downloading malware.
Once a Trojan is installed, a malicious party can control the device remotely. When the attacker has access to an infected computer, they can monitor user activity, change files and settings, steal data or install more malware.
Bot
Bots are generally created to perform non-malicious tasks automatically. However, they are increasingly being used for more malicious purposes. Specifically, bots are being deployed in botnets, as spambots, web spiders scraping server data, and distributing malware on download sites.
Bots are the reason CAPTCHA tests exist, as they cannot usually pass this test without human input.
How to spot malware
Your first port of call in spotting malware should be your antivirus software. Running an up-to-date version of an antivirus scanner on a regular basis is vital in finding malware.
However, malware can appear between these scans, and can even evade them, so keep an eye out for the following symptoms:
- Files changing, moving, or being deleted
- Slow computer or network speeds
- Increased system resource usage
- Programs running, turning off or reconfiguring themselves (malware particularly likes to reconfigure antivirus software and firewalls)
- Strange files or programs appearing
- Messages or emails being sent automatically without you sending them
- Any other strange behaviour you do not expect to see from your device
How to protect your organisation against ransomware
To protect yourself and your organisation against malware, it is important to implement a combination of technical and non-technical measures. Some key steps to take include:
- Install and regularly update antivirus software: Antivirus software is designed to detect and remove malware from a computer. You can help protect your computer against new and emerging threats by installing and regularly updating antivirus software.
- Be cautious when opening email attachments and links: Email is one of the most common ways malware spreads. Be wary of opening attachments or clicking on links from unknown sources, and always scan any attachments with antivirus software before opening them.
- Use a firewall: A firewall is a security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Using a firewall can block malicious traffic and help protect your computer from malware.
- Enable automatic updates: Many software programs, including operating systems, offer automatic updates that can help protect against security vulnerabilities and malware. Be sure to enable these updates to ensure that your software is always up to date.
- Use strong passwords: Strong passwords are a key defence against malware and other cyber threats. Use complex, unique passwords for all your online accounts, and consider using a password manager to help generate and store strong passwords.
Here are some of Bob’s top tips:
- Don’t engage with emails from unknown sources
- Be careful with physical media; don’t plug in flash drives or discs from unknown sources
- Only download software and open attachments from trustworthy and reputable sources
- Don’t open attachments from personal emails on work computers, as you are creating a potential security threat to your organisation
- Don’t just ignore emails you suspect to contain viruses; always contact your IT department, as they can then inform the rest of your organisation
- Keep your operating system, antivirus software and browser up to date
- If a link or email looks dodgy, don’t click it!