What is Malware and How to Protect Your Business Against it?

What is malware? 

The term ‘malware’ refers to any software designed to intentionally harm a computer or a network. Malware comes in many varieties and can harm a computer in many different ways. Frequently, malware is incorrectly referred to as a computer virus, but in actuality a computer virus is just one of the common varieties of malware. 

Different types of malwares are designed to carry out a range of malicious activities on a computer or network. Common forms of malware may plaster a computer with adverts; look for sensitive information such as passwords or bank information; or hijack parts of a computer so it may be used by the hacker. 

How does malware infect a computer? 

In the modern day, the vast majority of malware finds its way onto a network through the internet. More often than not, malware is downloaded onto a computer through untrustworthy file downloads or scam internet links. 

Most hackers make use of social engineering to trick users into downloading their software, after all, malware would never get anywhere if it was simply uploaded to the internet in the hopes someone downloads it. One example of social engineering a hacker may use is phishing. Hackers will send out official-looking emails with innocent looking attachments. These attachments will have the malware attached and will infect a computer it is downloaded to. A hacker may also design software with backdoors in place to gain access to a computer, this is known as a trojan. 

It is not always obvious that a download is untrustworthy. However, as many malware developers will go to great lengths to make downloads look official. Even with training and experience, it may still be difficult to avoid more meticulously planned malware attacks as hackers are working constantly to improve infiltration tactics and malware effectiveness. 

Common malware types 

Malware takes many different forms. The different forms of malware all look for different things to attack, and take different approaches to infecting a computer or network. Being able to differentiate the more common varieties of malwares and what they do can help prevent attacks from happening. 

• Viruses – Computer viruses are one of the most common forms of malware, and they can very easily infect the networks of entire businesses, not just personal computers. Much like a real virus, a computer virus can spread through a network from a single infected computer. Once downloaded, a virus will attach itself to a common program and remain dormant until the user activates this program. Once activated a virus may destroy data, steal passwords, or even hijack the host computer. 
• Adware – This type of malware is usually not dangerous to a computer, but can be very disruptive to the user. Adware usually disguises itself as legitimate software and when downloaded will bombard the user with adverts. Commonly adware will inject adverts into web browsers through pop-ups or search engine results. 
• Worms – Similar to viruses, worms are capable of infecting entire networks once one computer is infected. Unlike viruses, worms will self-replicate. This means they do not need user action to help them infect other computers on a network. Because worms do not lay dormant, they can be more easily noticed than a virus, however they can also spread much faster than a virus if not caught in time. 
• Trojans – Trojan horse malware is often one of the most dangerous forms of malware. Trojans will be disguised as legitimate software but will have secret malicious code attached. Trojans are one of the most robust forms of malware and as such there are many different kinds. Common types of trojan include backdoor trojans that allow attackers to remotely control an infected computer; keyloggers that will read what a user is typing to steal information; and downloader trojans that utilise access to the infected computer to install other malware.  
• Ransomware – Ransomware is becoming the most prevalent and dangerous form of malware. Often downloaded via a trojan, ransomware finds and locks important information. The hacker that created the ransomware locks or threatens to leak important information unless a ransom is paid. Ransomware hackers will often target business to restrict access to necessary data and demand a large ransom to give access back to the business.  
• Cryptominers – Malicious cryptominers will often be installed onto a computer through trojans. When installed, a crypto miner will use the infected computers power to mine for cryptocurrency such as Bitcoin. Cryptomining is very resource intensive and can slow down a computer to a crawl. In the long term cryptomining can also cause damage to a computers’ physical components. 

How can malware be detected? 

Some of the most common malware varieties will target personal computers or the networks of small businesses. In most cases, malware leaves tell-tale signs of its presence. For example, if you have been infected by adware you will see adverts and pop-ups appear where they would not have beforehand. Most malware uses a computer’s resources to do their job. A computer that has been infected will often run sluggishly, or be more prone to crashing and freezing. Some malware such as viruses may not leave obvious signs of their presence however, and by the time they are noticed they have already spread to other computers on the network. 

How can malware be prevented? 

When dealing with malware it is better to take preventative measures rather than reactive ones.

1) When downloading something from the internet double-check to make sure it is from a trustworthy source.

2) Always read the addresses of any suspicious-looking emails before downloading any attachments.

3) If you run a business, it is often helpful to train employees to be more cautious when operating online.  

4) Using reputable anti-malware and security software will generally help to catch and destroy malware before it makes it onto your system. 

How Securiwiser can help

Securiwiser can help protect your organisation against cyber-attacks like malware. With Securiwiser you can generate a detailed cybersecurity posture profile. It will also provide you with recommendation on what you can do to improve your organisation's cybersecurity posture, and how you can prevent cyber-attacks from happening to you. Click here for a free cybersecurity report.