Malware is one of the most common cyber security threats that organizations and individuals face. Whenever someone talks about their computer being infected, encountering bots or even falling victim to a scam email, malware is normally involved.
It’s why anti-malware software is usually considered a top priority for staying safe online. However, those tools are not flawless. For example, they can only spot known types of malware, and according to the AV-Test Institutealmost half a million new types of malware are detected each day.
But how exactly does malware work? In this blog, we explain everything you need to know about it, including our top 8 tips for preventing malware attacks.
What is malware?
Malware, or malicious software, is a broad term that refers to any type of code that intends to harm a computer.
It can do this in a number of ways, such as:
- Stealing, encrypting or deleting sensitive information;
- Hijacking or altering core system functions;
- Monitoring user activity; and
- Spamming the device with adverts.
Types of malware
There are many different types of malware, but there are seven types that are extremely common:
- Adware displays ads on your computer – typically in the form of popups and windows that can’t be closed.
- Spyware monitors Internet activity and gathers information, which can either be sold to a third party or used to target you with adware.
- Bots run automatic and often repetitive tasks over the Internet. This might not necessarily be for criminal purposes (think, for example, of Twitterbots, which tweet and follow other accounts), but bots can be used to harness multiple computers in a botnet and create a more powerful threat.
- Ransomware spreads through a target’s systems, encrypting files as it goes. The criminal behind the attack then demands a payment in exchange for the decryption key.
- Trojan horses are malicious programs that masquerade as something useful in an attempt to trick people into downloading it.
- Viruses copy themselves and spread, undetected, to other victims. It can do this by attaching itself to programs, script files, documents and cross-site scripting vulnerabilities in web apps.
- Worms are self-contained and self-propagating viruses. They usually show up via email and instant messages, and spread over networks by exploiting operating system vulnerabilities.
How is malware distributed?
Malware is delivered in one of several ways, but the most common method by far is phishing. This is a type of fraud in which bogus messages appear as though they have come from a genuine source and encourage the user to follow a link or download an attachment.
For instance, an email might look as though it is from Amazon with an order confirmation for a product the individual hasn’t made. Or perhaps the email contains an invoice attached and is sent to an employee’s work address.
Whatever form the message takes, it’s almost always designed to create a sense of urgency and pressure the recipient into acting immediately.
If the email contains an attachment, there will be malware hidden within it – often contained in a macro on a Word file – which is unleashed as soon as the user opens the file or approves the macro.
By contrast, phishing emails that direct users to another website are typically designed to capture login credentials, but the bogus website might also use another method of malware delivery: drive-by downloads.
Compromised websites can be laced with malware, which infect users’ devices after they inadvertently click a pop-up window that gives the site permission to download an attachment. The windows usually mask as something genuine, such as an error message that looks as though it’s part of the computer’s operating system.
A subset of this is social network spam. Cyber criminals include bogus links on these platforms that direct visitors to a compromised website. For example, a video link might ask you to install a bogus video player plugin, which contains malware.
How to prevent malware attacks in 2023
As we’ve explained, malware can attack you in many different ways, so there’s no one way to prevent infections. However, there are certain measures you can take to protect yourself from an array of threats.
Here are eight things you can do to get started:
- Install antivirus and anti-malware software: These tools help protect your computer from viruses and other types of malicious software. Make sure to choose reputable software and keep it updated.
- Update software and operating systems: Keeping software and operating systems updated is important because updates often include security patches and bug fixes that help protect against vulnerabilities.
- Disable macro scripts in Microsoft Office files: Macro scripts can be used to execute malicious code, so it’s a good idea to disable them in Microsoft Office files unless you know that they are safe.
- Back up important data: Backing up important data is important in case of a data breach or other type of cyber attack. Make sure to keep backups in a secure location.
- Use a VPN: Using a VPN can help protect your online privacy by encrypting your internet traffic and masking your IP address.
- Provide staff awareness training: Educating employees about cyber security best practices is important to help prevent cyber attacks. Make sure to provide training and resources to help employees understand the risks and how to protect themselves.
- Implement access controls: These ensure that only authorized personnel can view sensitive information, and can protect data if an employee’s account is compromised.
- Use email filters: These can identify known malware hidden within emails and block those messages from employees’ inboxes.
Covering the essentials
If you want more advice on preventing malware attacks, we recommend Cyber Essentials. It’s a UK government-backed scheme that outlines the basic measures that organizations can take to secure their systems.
It contains five controls, one of which focuses on malware protection, and when they’re implemented correctly they can prevent 80% of common cyber attacks.
IT Governance offers a range of solutions to help you understand and implement the framework. We’re one of the founding Cyber Essentials certification bodies and remain one of the largest in the UK.
We also offer a free guide that provides more detail on Cyber Essentials and the way it helps organizations.
Cyber Essentials: A guide to the scheme is a perfect introduction to the framework, explaining the five controls and the ways they work to keep organizations safe.
The guide also explains how to obtain certification and the things you should know before getting started.
