Ugggh, malware. That common security issue that we’ve all known about since the dawn of computing still exists. Every company needs to handle it. Every personal computer needs to handle it. Every mobile device has to handle it. So let’s talk about common malware types and their impact!
New malware attacks are being discovered regularly. During a cybersecurity investigation, Varonis recently found Monero crypto-jacking malware that had secretly exploited a company for over a year.
Social attacks are being developed to target customers and software programs via social networking sites, in an attempt to trick them into downloading malicious software (malware). A report revealed that 94% of malware was delivered by email in 2019; a staggeringly high number.
What are the effects of malware?
Malware can frequently be used as the initial step in an attack that can eventually lead to identity theft, data loss, or leakage, all of which can take a toll on your market reputation. People will think you’re stupid if you cannot handle this common issue! You don’t want that!!
As you know, malware attacks can potentially be the first step to take over your computer system, hijack your network, and redirect you to malicious sites that may look legitimate at first, but contain harmful code or data that could cause data breaches.
What’s more dangerous about malware is that it can spread itself to other systems and what initially may have started as a small scale breach can eventually take down an entire organization’s systems in a short period of time.
While most anti-virus software programs will try to address all of these, some make exclusive use of application signatures to reject known bad malware.
This is usually not very successful, as new malware comes out (and adapts) so frequently that it is difficult to keep a full list of it.
More anti-virus systems are using heuristics to try to detect malicious behavior. A good option to prevent malware is to use application whitelisting, where only known and trusted applications are allowed to run and all others are rejected.
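The difference between the two approaches, as an added example that is not part of the original article: a signature list rejects only what it has already seen, while a whitelist rejects everything that has not been approved. The samples are constructed byte strings, and exact SHA-256 matching stands in for signatures as a simplifying assumption (real engines also match byte patterns).

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed stand-ins for executable files (not real programs).
TRUSTED_APP = b"constructed-sample: approved payroll tool"
KNOWN_BAD = b"constructed-sample: previously catalogued malware"
NEW_VARIANT = KNOWN_BAD + b"\x00"  # one extra byte, so the hash changes
UNKNOWN_TOOL = b"constructed-sample: harmless but unreviewed utility"

SAMPLES = {
    "trusted_app": TRUSTED_APP,
    "known_bad": KNOWN_BAD,
    "new_variant": NEW_VARIANT,
    "unknown_tool": UNKNOWN_TOOL,
}

# Signature approach: a list of things known to be bad.
SIGNATURE_DENYLIST = {sha256(KNOWN_BAD)}
# Whitelisting approach: a list of things known to be good.
APPLICATION_WHITELIST = {sha256(TRUSTED_APP)}

def signature_allows(data: bytes) -> bool:
    """Default allow: run unless the file matches a known-bad signature."""
    return sha256(data) not in SIGNATURE_DENYLIST

def whitelist_allows(data: bytes) -> bool:
    """Default deny: run only if the file was explicitly approved."""
    return sha256(data) in APPLICATION_WHITELIST

def compare(samples: dict) -> dict:
    """Return the run/block decision of each policy for every sample."""
    verdict = lambda ok: "run" if ok else "block"
    return {
        name: {
            "signatures": verdict(signature_allows(data)),
            "whitelist": verdict(whitelist_allows(data)),
        }
        for name, data in samples.items()
    }

if __name__ == "__main__":
    for name, decision in compare(SAMPLES).items():
        print(f"{name:13} signatures={decision['signatures']:5} "
              f"whitelist={decision['whitelist']}")
```

The modified variant runs under the signature list but is blocked by the whitelist. The whitelist also blocks the harmless unreviewed utility, which is the maintenance cost of default deny.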
What Are the Most Common Types of Malware Attacks?
There are numerous malware types, however, we have shortlisted some of the most common and dangerous types of malware attacks.
As its name suggests, Spyware is a common type of malware designed to spy on target users and gather information such as credentials, bank details, internet activity, transaction details, and more. This is the annoying one (who am I kidding, they’re all annoying!)
Attackers use this common malware type to track, monitor, and gain access to the company’s confidential data or the sensitive information of users. This could also include social security numbers, personally identifiable information, passwords, HIPAA-covered data, credit card numbers, etc.
This stolen information could lead to data leakage and impact the company’s reputation.
How Can you Prevent Spyware Attacks?
Spyware isn’t as malicious as other common malware types but you still need to handle it.
How do they hit your software programs and computer systems?
Attackers often use pop-up windows infected with spyware to target victims. Once the user clicks on the link or window, they accidentally install the spyware on their computer. Hence, it is recommended that users should refrain from clicking on suspicious pop-up windows or links.
Antivirus software programs and application whitelisting are good options to address this malware issue.
Adware, as the name suggests, is a type of malware designed to automatically deliver advertisements to users to generate revenue for its creator. Often adware is closely related to spyware and shows up in the form of ads installed in software or programs, or in pop-up windows.
This type of malware could redirect a user’s browser searches to a look-alike, harmful website containing malicious links and data that could impact the user’s system or network.
It aims to expose the compromised end-user to potentially malicious advertising, or harmful programs that might compromise the user’s computer functionality and impact their data protection. This might lead to an invasion of data privacy and could cause data leakage or identity theft.
How Can You Prevent Adware Attacks?
Attackers typically use unknown websites to create adware, so users should be cautious about websites that look untrustworthy. Moreover, users should only download programs from reputable websites that are authorized and safe to use.
While browsing websites, avoid clicking on notices, pop-ups, or advertisements. This way, you could significantly reduce the likelihood of your system getting infected with adware. Additionally, keep your operating system up to date as outdated systems are more susceptible to viruses and malware exploits.
You can also set up browser extensions that block ads or pop-ups to prevent malware attacks. Furthermore, install an antivirus software program that scans each file you download as this will give you real-time protection against both adware and spyware.
Trojans are one of the most common forms of malware. Attackers disguise trojan attacks as attractive deliverables such as gift cards, special coupons, offers, etc. to infiltrate a user’s computer system. Think “trojan horse” here.
This type of malware mimics legitimate programs but contains malicious instructions. Trojans typically show up in the form of emails or links and push users to click on the infected website or link.
The most common type of trojan attack uses a fake antivirus software program, which shows up as a pop-up, claims that the user’s device has been infected, and then instructs the user to run a program to clean their computer system.
Users often fall victim to such malicious links and follow the instructions, which leads to severe consequences such as data loss, theft, or leakage.
How Can You Prevent Trojan Attacks?
Trojans need your permission to access your computer, either when you download a malicious file or run the program yourself. One way you can defend yourself against this type of malware is to never run a program or open an email attachment if you’re not sure about its source or authenticity.
However, there are only so many restrictions you can implement while opening an email, given today’s interconnected world, so a few more specific security measures are called for.
You can take the following measures to protect your system against Trojans:
- Install antivirus software
- Configure your firewall to reject malicious traffic
- Whitelist applications that are allowed to run on your systems (highly recommended)
Ransom malware, or ransomware, is a type of malware that encrypts user data files and/or system files using an encryption key that is only known to the attacker.
This is how ransomware affects the user:
The user then loses all access to their data and system and the attacker then offers to “sell” the encryption key to the user so that they can decrypt their files.
If the ransom is not paid, the attacker may publish or delete data. However, there is no guarantee that paying the ransom will restore access to your system or data.
How does this type of malware attack your system?
Ransomware emails use social engineering to trick users into clicking on links that may appear legitimate. They may appear to come from a legitimate source like a friend or your employer. That’s what makes ransomware particularly malicious.
Once executed, this type of malware can encrypt the user’s files within a few minutes and lock them out.
How Can You Prevent Ransomware Attacks?
This type of malware can cause severe damage and can even lead to complete data leakage or loss if you don’t have a validated, safe backup of your data.
Make sure you use cloud storage that includes multi-factor authentication and high-level encryption to create regular backups (and maintain offline backups) of your data.
As always, application whitelisting is another good option to prevent ransomware.
A virus is a malicious computer program that can modify legitimate host files, replicate itself, and spread to other devices. This type of malware can infect web applications, script files, documents, and various other programs.
What are the most common side effects of viruses?
A significant reduction in computer speed, compromising software such as firewalls, and modification of data files are some of the most common effects of viruses. A computer virus can also modify or delete data on a computer, use an email program to spread itself, or even delete data on the hard disk.
Once it infiltrates the computer system, a virus can install spyware or ransomware leading to future damage. Some viruses can also remain dormant for a period of time, waiting for a specific trigger such as a specific date or an action.
How Can You Prevent Virus Attacks?
One thing to keep in mind about virus attacks is that they typically exploit vulnerabilities in software code or operating systems to infect your system. If there are no potential vulnerabilities or loopholes in your system to exploit, you can prevent the virus from spreading even if your system gets infected by it.
Keep your computer systems updated and patched, create an inventory of hardware so that you know what you need to protect, monitor potential vulnerabilities in your systems, and take appropriate security measures.
As always, application whitelisting is another good option to prevent ransomware.
A worm is similar to a virus in the way that it’s self-replicating and it can infect other systems. However, what makes this type of malware more dangerous than a virus is its ability to spread without end-user action. It can attach itself to an existing program and self-propagate.
A worm can install backdoor programs, slow bandwidth, and even delete data files until the drive is empty. Since worms do not require human intervention to spread, they are difficult to defend against and rid from computer systems.
How Can You Prevent Worm Attacks?
Once a worm infects a computer system, the process of eliminating it is similar to that of removing any kind of malware. You can implement a firewall to restrict or limit network traffic, especially from unauthorized users.
Since the major infection vectors for computer worms are software vulnerabilities, make sure your computer’s applications and operating systems are up to date. Install these updates and patch systems as soon as they’re available.
Be aware of phishing emails that are from unknown sources that contain untrusted links or attachments. Additionally, be sure to invest in a good cybersecurity solution that can help you block suspicious malware threats. A good phishing solution should be able to defend your computer system against ransomware, spyware, viruses, and other malware threats.
Malvertising is a type of malware that uses a legitimate ad or ad network to deliver malware to the target users’ computers.
For instance, an attacker might pay to place an ad on a legitimate website and then insert malicious code inside the ad. When a user clicks on the ad, the code inside the ad will run and either redirect the user to a malicious website or install malware on their computer.
Cybercriminals typically use malvertising to deliver malware including banking trojans, crypto mining scripts, or ransomware.
How Can You Prevent Malvertising?
Attackers can trick users easily with malvertising, given these ads are placed on legitimate websites.
The best way to protect yourself against malvertising is to invest in good antivirus software. Make sure that once you install it, you keep it up to date. Additionally, install an ad blocker software program so that you don’t accidentally click on malicious ads.
The damage caused by common malware types can be extensive — from significant downtime in computer systems to large scale data breaches.
If a computer is infected with malware, it can potentially take down the entire organization’s systems with it, leading to severe dysfunction and a data breach. Malware can delete critical system elements and cause data leakage, with long-term impacts on an organization. More importantly, it can make you look bad if you aren’t handling malware appropriately.
However, there are ways to protect your computer system against malware attacks and maintain better security. Be it a software patch, or running security audits regularly, a small security measure can help defend your organization against malware attacks.
Most users are often unaware that their computers have been hacked, and this is where you should get a professional expert to run a quick security check on your computer systems. If you have security measures in place, great! But there’s always scope for improvement to ensure you are safe from malware attacks.
We run in-depth security checks to ensure your organization is secure and well-protected.
Steve Kosten is a Principal Security Consultant at Cypress Data Defense and an instructor for the SANS DEV541 Secure Coding in Java/JEE: Developing Defensible Applications course.