Malware is simply malicious software. It’s a clade of cyber threats, alongside things such as spam, social engineering and phreaking, and has evolved over the years. Computers that have been infected by malware might:
- Slow down, freeze or crash;
- Create new files or modify or delete existing ones;
- Automatically run, turn off or reconfigure programs; or
- Send emails or messages to your contacts.
There are also specific types of malware designed to perform various activities. Here’s a brief guide to the most common.
The most lucrative and generally least harmful malware, adware (advertising-supported software) displays ads on your computer – typically in the form of popups and windows that can’t be closed.
Adware is usually used to generate revenue through clicks, but it’s not unusual for adware to be bundled with spyware (see below), which is much more intrusive.
As the name suggests, spyware is designed to monitor your Internet activity. It gathers information, which can either be sold to a third party or used to target you with adware.
A bot is a tool that runs automatic and often repetitive tasks over the Internet. This might not necessarily be for criminal purposes (think, for example, of Twitterbots, which perform the relatively mundane task of tweeting, following or messaging other accounts), but plenty of bots are malicious.
Bots drain the resources of the infected person’s systems, and they might be causing the computer to be part of a criminal enterprise. They are also commonly used for spambots (which spam computers with ads) and botnets (which are used for distributed denial-of-service attacks).
Ransomware is quickly becoming the most notorious type of malware. It’s most famous iteration is WannaCry, which infected hundreds of thousands of organisations across the globe in May 2017, but it was unlike most ransomware in that its scope was massive (because of its worming capabilities).
Most ransomware is spread through phishing emails, which offers a more controlled scope. A PhishMe report from last year found that ransomware was delivered in 97% of all phishing emails.
Different types of ransomware can operate in slightly different ways, but they all encrypt files and/or lock computers until victims pay for a decryption key.
5. Trojan horses
A Trojan horse (or just ‘Trojan’) is a malicious program that masquerades as something useful, tricking users into downloading it.
Attackers usually use Trojans to gain remote access to a victim’s computer. This allows them to steal data, install more malware, modify files, track the user’s browsing habits or use the computer in a botnet.
Like the kinds of virus that give you a cold, a computer virus copies itself and spreads, undetected, to other victims. It can do this by attaching itself to programs, script files, documents and cross-site scripting vulnerabilities in web apps.
As soon as the user opens the program, document, etc., the virus goes to work. This will typically mean stealing information or money, harming the host computers and networks or creating botnets.
Worms are among the most common types of malware. As with viruses, they are contagious, but instead of hiding inside existing files and relying on people to open them, worms are self-contained and self-propagating.
They usually show up via email and instant messages, and spread over networks by exploiting operating system vulnerabilities. Payloads are commonly designed to steal data, delete files or create botnets.
Preventing malware infections
As this list shows, different malware can attack you in different ways, so there’s no one way to prevent infections. However, everyone would benefit from running antivirus software, applying patches as soon as they’re released and conducting penetration tests to search for vulnerabilities in the organisation’s systems.
But technology alone isn’t enough. The key to staying secure is to follow good cyber security practices and identify problems when they arise.
Organisations looking to become more secure should prioritise information security training.
Our Security Awareness Programme uses a variety of learning methods to help organisations create tangible and lasting improvements to their cyber security culture.
This programme combines a learning needs assessment to identify the areas that your organisation should focus on with a series of tools and services to address the problems that arise, including hands-on support from a specialist consultant, pocket guides and e-learning courses.