Malware Defined: What Exactly Are We Looking At?
The word malware is a mash-up of the words malicious and software. The term malware refers to any software that is intended to threaten or compromise information or systems. Hackers use malware to compromise networks or devices with the intent of stealing information or making a system inoperable. Malware is most often used to illicitly obtain information or disrupt business operations.
A Brief History of Malware
The first malware dates back to the 1980s. The first documented computer virus was discovered on a Mac in 1982 and was dubbed Elk Cloner. A strain of PC-based malware was discovered not long after in 1986 and was titled Brain.
The evolution of malware seems to directly correspond with the development of technology. Much like superheroes who develop new powers only to be met with an equally-matched enemy, malware often develops alongside the technology businesses are adopting. When email became popular, so did email-based malware, for example.
While it would be difficult to chronicle all the malware instances over the past 40 years, we can give you a brief rundown.
- The 80s saw the first viruses and internet-based attacks.
- The 90s saw more sophistication as email viruses began to take hold.
- In the 2000s, malware ramped up with the entrance of phishing and web-based applications.
- From 2010 on, we’ve seen the most sophisticated attacks with worms, spyware, ransomware and other malware attacking connected devices and businesses in an attempt to compromise information.
Types of Malware: Categories of Compromise
Malware is a general term that encompasses many different types of threatening software. For IT pros, it’s important to identify which category malware falls into in order to determine the best approach for containment.
Here are the different types of malware:
- Virus: Similar to a real-life virus, this type of malware attaches itself to benign files on your computer and then replicates, spreading itself and infecting other files.
- Worms: Worms resemble viruses as they are a type of infection that replicates to infect other systems. However, unlike viruses, worms don’t need a host to spread. Worms are self-sustaining and can spread without human or technological assistance.
- Trojans: The trojan takes its name from the story of the Trojan Horse. Trojans masquerade as harmless software and can initiate a variety of attacks on systems. Some trojans are aided by human action while others function without user intervention.
- Spyware: Another type of malware with a telling name, spyware is software that is covertly installed on a system or device and monitors activities to glean useful information.
- Bots: Bots are often used to automate tasks and dynamically interact with website visitors. Unfortunately, what is used for good can often be commandeered for evil, and bots are a prime example of that. Botnets connect back to a server and self-propagate, making them particularly useful for compromising a large number of devices. This is a common tactic in DDoS attacks.
- Ransomware: This category of malware locks you out of systems or encrypts your data, with the intent of restoring access once a fee is paid.
- Adware: Adware is a particular nuisance when it comes to malware. It takes shape in the form of popups and advertising that send out data when clicked upon.
- Rootkits: Rootkits use a process known as hooking to obtain access to and modify operating system API calls that are used to supply system information. This form of malware is present at the kernel level or on system firmware. Rootkits can be used to mask nefarious activities taking place behind the scenes.
- Keyloggers: Keylogger programs track keystrokes to help attackers discern sensitive information.
This is by no means a complete list, but it offers a jumping-off point for identifying and evaluating more sophisticated threats.
How to Prevent and Protect Against Malware: A Primer in Safety
Protecting against malware is often easily done with responsible device and password management and a healthy dose of best practices.
Here are some tips to help protect your device and prevent malware:
- Use strong passwords and change them frequently, especially if suspicious activity occurs.
- Perform regular system and app updates to eliminate system vulnerabilities.
- Install solid antivirus software to identify and prevent malware from infecting your systems.
- Don’t open emails and messages from unverified sources, and only download from trusted entities.
What’s the Difference Between Ransomware vs. Malware vs. Social Engineering vs. Phishing?
Ransomware, malware, social engineering and phishing all encompass different forms of ill-intentioned cyberattacks.
- Malware is a general term formed by the words “malicious” and “software” that describes different types of software intended to compromise systems, obtain sensitive data or gain unsanctioned access to a network.
- Ransomware is a category of malware where attackers use various methods to encrypt your data, making it inaccessible, or bar you from entry to a particular system or device. Attackers then demand a ransom in exchange for reinstating your access.
- Social Engineering, by contrast, is a method used to extract sensitive details by way of human manipulation. With social engineering, hackers connect with users while pretending to represent a legitimate organization and seek to ascertain critical information such as account numbers or passwords.
- Phishing is a form of social engineering that involves email, phone, text or illegitimate websites. In both instances, the collected information is used to access protected accounts or data.
While our guide acts as an introduction to the threats posed by malware, this is by no means an exhaustive list. Malware and the cybersecurity world change on a daily basis, and attacks are becoming increasingly sophisticated. The best way to combat cyberattacks is to prepare your business with proper protection and precautions.