What is Malware and what does it do?

Most people who have any kind of online life would have heard the term malware even if only in the context of needing anti-malware software to protect against cybercriminals.

But what exactly is malware?

Malware is an umbrella term which covers all malicious software – anything that once on your machine can extract data, corrupt files, or even hold your machine to ransom until a quantity of bitcoin is paid. This is known as ransomware and in 2020 there was a 485% increase in attacks on 2019. So, if you do not have protection against ransomware, today may be a goodtime to think about getting some.

Different types of Malware

Ransomware, however, is not the only form of malware that is out there waiting to infect you PC, laptop, or handheld device. The six most common types of malware are:

1.       Virus: A virus enters your PC or device and corrupts data, steals information, damages computers or networks and can create botnets which can then send spam emails from all networked PCs without any external interference or the user even being aware. These are often spread through email attachments or downloading something with the virus embedded into it.

2.       Worm: This is a sneaky piece of software which can self-replicate once on your system to infect other machines. It often uses something called a payload, which is a piece of code which can wreak havoc on your systems, deleting or corrupting files, encrypting data, stealing personal or financial data or creating botnets.

3.       Trojan Horse: When you download a trojan you think it is a ‘normal’, harmless file or software, but once on your system it has access to all your data, it can track your behaviour, gather personal data, install further malware as well as carry out Denial of Service (DoS) on your websites.

4.       Spyware: This is often installed on your device without your knowledge (as indeed most malware is) and tracks browsing and internet behaviour. This can result in the loss of financial details, banking logins and passwords – essentially access to your online life.

5.       Adware: In the modern world we are used to seeing constant adverts on the screen – it is just a part of life, but adware takes this to a new level. Malicious adware can collect data on you which can then be passed onto a third party, but it can also change browser settings and search settings which can be really inconvenient.

6.       Ransomware: The most common form of malware is ransomware as it is the easiest for the cybercriminals to make money from. Once a machine is infected, data files will become encrypted or the machine itself will become inaccessible until a ransom is paid.  Once the ransom is paid, in an ideal world access will once again be granted, but often this is not the case.

Impacts of Malware

No one is immune from malware attacks; individuals, small businesses, or global enterprises. One of the most recent attacks was the CovidLock ransomware attack in 2020. It targeted Android users concerned by Covid-19 by using malicious files with ‘more information about the virus’. Once it was downloaded data access was denied unless $100 US was paid.

One of the biggest attacks in the UK was in 2017 when the NHS was brought to a standstill with the WannaCry ransomware cryptoworm. It ended up costing the UK £92million and was spread by attacking a known Microsoft vulnerability on unpatched Windows 7, which the NHS had been using. It ended up infecting computers in 150 countries.

Recent research[1]has shown that 48% of businesses have been the victim of ransomware in the UK and more than 50% paid the ransom in the last 12 months. More worryingly is that 25% of those who did pay the ransom did not actually recover their data.  

How to protect yourself

Although it is inevitable that at some point every individual will become the victim of some form of malware, it is still vital that you do all you can to limit the likelihood. There are four main things you can do.

·      Anti-malware software – Every computer device you use should have the best anti-virus, anti-malware and anti-ransomware software you can afford. The more types of malware you are protected against the better.

·      Updated software -  Installing the software is only the first step, as it is important to apply the regular updates on all software(not just the anti-virus and anti-malware) as there will be patches for vulnerabilities and without the fixes, these will be targeted by cybercriminals.

·      Regular backups – Should your machine be infected with malware, if there are regular backups it will be possible to access a back-up from a time pre-infection meaning that business can continue as normal, and only data collected between the back-up date and the retrieval date is lost. The longer the time between backups the more data will be lost.

·      Check before you click – Always be aware of what links you are clicking on in emails, text messages and social media messages. Do the senders look legitimate or are PayPal or HMRC sending you an email from an address that looks like this slkdlkliufkjckhjlk@paypa1.com? If in doubt login the way you would normally – not through the link.

What next?

If you are worried that you are not well protected from cyberthreats in general and malware in particular give the team at SupportWise a call and see how we can help you out. It is never too early to secure your systems and you can never be too prepared.

[1] https://bmmagazine.co.uk/news/quarter-of-uk-businesses-have-paid-a-ransom-in-the-last-12-months-study-finds/