There is no doubt that malware is currently the most common reason behind most of the security breaches. In year 2018 alone, more than 810 Million devices were infected and hacked through different types of malware and this number was merely 160 Million in 2013 [1]. Many of the small and medium sized businesses usually do not address issues or causes related to malware and are only dependent on firewalls and anti-virus software, which by no means provide any worthy shield against this type of data breach.

Cyber hackers and attackers use variety of channels to inject malware into the system. While, social engineering is still the top method of infecting malware into any network. Phishing, smishing, and vishing are used to blackmail or deliver spam messages and links that can further lead people to revealing their sensitive and personal information. The most common types of malwares of which everyone must be aware of includes:

Trojan Horses:

This type of malware refers to programs that act as legitimate software and are downloaded into the system usually through the links in the spam emails, malicious websites that allow automatic downloads and through messages. They cannot self-replicate or transfer to other computers on the network. They need user interaction. When activated, as a result of interaction, trojan horses can easily steal your sensitive information and easily access to your system.

Ransomware:

This is the most severe type of malware that demands money as soon as they gain access to the users’ computer. After the user computers are compromised, the data is encrypted. Following that, they might demand ransom to decrypt the data. Hackers usually demand money in digital currency to remain anonymous. Even if the victim has paid the ransom, there is no guarantee that hackers will decrypt the data completely.

Adware:

Adware can be harmless in terms of stealing sensitive information but it can be very disturbing as it continues to show ads to the users in the web browser. This malware is automatically downloaded with other files or programs without requiring access or permission from the user.

Viruses:

A virus is a piece of code that inserts itself into an executable file or an office document. The virus would be executed when the executable file or the office document runs. Once the virus is inside a network, it may be used to steal sensitive data, start DDoS attacks or manage ransomware attacks.

A virus cannot execute or replicate itself if the infected application does not run.

Typically, viruses are spread via infected websites, file sharing, or email attachment downloads, a virus remains dormant until the infected host file or program is activated. When the virus is activated, it can replicate itself and spread to your systems.

Keyloggers:

Keyloggers monitor any user’s activity i.e. keystrokes and then share the data to cyber criminals including password, identification numbers and other sensitive information. They are installed through a Trojan or connected physically to the keyboard.

Worms:

Worms usually gain access by exploiting a vulnerability in a software or operating system. Worms are more like the viruses, which have the ability to spread easily to other networks and connected computers. This malware do not need any host program for propagating and, its goal is to quickly spread over the entire network and compromise the systems.

Spyware:

As the name implies, this malware is used to gather and record personal information of the user. It can track browsing history, user’s activity and other details of the individuals and sends these information to the attacker. Spyware is normally downloaded just like adware with other programs and files and can also gain access to user’s identification number and bank details.

How to prevent against malware?

Acknowledge yourself of the fundamentals of cybersecurity. You can check your and your colleagues’ or employees’ cybersecurity awareness using S4E:Education which includes a set of cybersecurity quizzes.

Continuously scan for vulnerabilities to know everything about your digital existence before anyone else. You can use S4E:Shelter to automatize your cybersecurity & scan for more than 1,500 vulnerabilities out there.

Precautions you can take on your own:

Use antivirus or anti-malware software

Keep your computer, plugins or installed software updated

Do not open email attachments or images from untrusted sources

Be careful about clicking popups

Think twice before clicking links or downloading anything

Limit your file-sharing

Backup your data regularly

References