Understanding malware: 4 common types explained.
You may have seen news of high-profile malware attacks in recent years. Prevalent and costly, malware attacks should be a concern for businesses large and small. Malware, or malicious software, is software that is deployed to gain access to, damage or disable computers and computer systems. It is used by internet criminals for a variety of reasons, including making money and causing disruption.
Computers infected with malware may:
- Slow down, freeze or crash
- Automatically run, turn off or reconfigure programs
- Send emails or messages to contacts
- Create new files or modify and delete existing ones
To help you know what to look for, and how to defend yourself against malware attacks, we’ve put together an overview of some common attacks, types of malware and preventive measures.
Types of attacks.
Hackers have found many ways to get malware onto computers. One of the most common, phishing, involves tricking someone into clicking on a link or attachment with the malware contained within it. A computer can also become infected with malware if someone downloads software that has malicious applications bundled with it.
In a watering hole attack, the fraudster infects websites that members of a targeted group are known to visit. Then, when they visit the site, the malware is added to the user's computer and gains access to the network at their place of employment.
Types of malware.
Malware can go by many names. You’ve probably heard of some or all of the following common types of malware:
A virus can replicate itself and therefore spreads quickly as it attaches itself to another commonly used, legitimate program on a computer. A virus can also be transported. If the virus attaches to a music file, for instance, the virus goes with that file if it’s copied onto a disk, memory card or USB stick.
Like a virus, worms are infectious and are designed by cybercriminals to replicate themselves. Worms carry themselves in their own containers and often confine their activities to what they can accomplish inside the application that moves them. They use a computer network to spread, relying on security failures on the target computer to gain access and steal or delete data.
These are malicious programs designed to infiltrate a computer and automatically respond to and carry out instructions received from a central command and control server. An entire network of compromised devices is known as a botnet. One of the most common uses of a botnet is to launch a distributed denial of service (DDoS) attack to make a machine or an entire domain unavailable.
Ransomware is a type of malware that locks the data on a victim’s computer, typically by encryption. The cybercriminal behind the malware demands payment before decrypting the ransomed data and returning access to the victim. The motive for ransomware attacks is nearly always monetary.
Steps to take.
Since different malware can attack you in different ways, consider using a “layered defense” approach to help protect your organization. This includes, but is not limited to, antivirus software, using host-based firewalls and application control. You and your staff should also follow these best practices:
- Do not click on links sent to you by strangers
- Do not download programs or applications from unreliable sources
- Use strong passwords to protect your identity
Malware is constantly evolving and new types of attacks are being created. The threat of malware attacks is all too real, but by understanding what they are and how they work, you can be more prepared to defend against them. Educate your employees and consider using a layered defense approach to help your organization fend off cyberattacks.