Malware, also known as Malicious Software is one of the oldest forms of cybercrime on the internet. Thought to have first appeared in the 1970s it remains one of the most common (and effective) threats to your cyber security. Why? Because it's quick and easy for cybercriminals to create and spread.
But what exactly is it, how bad is it for business and how do you prevent it?
As part of our series of cybercrime informational blogs, we are going to take a closer look at malware threats today.
What is a Malware cyber attack?
Malicious software is commonly designed to be automatically distributed through email networks, with the purpose of gaining access to data, systems and sometimes entire networks of PCs, laptops, phones and tablets. It can also be used to gain access to your systems through your web browser.
More frequent examples are known as viruses, worms, Trojanware, spyware, adware and ransomware each relies heavily on human error, in the form of clicking a link or opening an infected file.
Worms infect your computer's memory and transfer themselves through network failures, consuming and overloading servers.
Viruses are codes uploaded to your computer through files or programs and spread themselves via your contact list.
Bots & Botnet
Bots are programs designed to automate tasks on infected computers and are often used in DDoS attacks to bring down websites.
Embedding themselves into your computer as a legitimate program, Trojans open back doors to allow access to sensitive data.
Software that restricts or denies access to files and networks through encryption, demanding payment through bitcoin as a ransom.
Designed to harvest personal data through a user's internet activity. This includes login and credit cards.
Appearing as legitimate adverts on websites, this software targets site visitors and redirects them to malicious sites.
Fake emails or text messages posing as legitimate companies with the aim of gaining personal and financial details.
How damaging is Malware?
Typically Malware cyber criminals are either mining for data or looking to cause extensive losses and disruption in business network data. Increasingly though, malware has also been used for financial gain, whether that’s through targeting access to funds or ransoming control of your device for a return fee.
Whilst some attacks, if caught early, can mean a minimal loss in money or business productivity for the length of time the malware is active, other attacks can be catastrophic for business owners.
Emotet, a Trojan malware caused $2 million USD of damage to the Chilean bank Consorcio in 2018, but this wasn’t the biggest attack recorded. The WannaCry ransomware attack of 2017 infected approximately 200,000 computers in 150 countries, in just a few hours, with damages reportedly in the billions. Then of course there was the ILOVEYOU attack of 2009 which caused over $10 billion USD in damage, infecting more than 45 million people.
How common is Malware?
According to DataProt, it’s thought that there are 1 billion malicious software in operation today, with over 500,000 being detected daily by network defences. Sadly, in 2020, with the rise of remote and hybrid working, plus those on furlough using the internet at a higher than average daily rate, malware attacks rose by 62%.
Their form has changed too, becoming more sophisticated and being specifically written to work on multiple devices. Phones and tablets, not just laptops and PCs are now highly prized targets.
When we say that malware has become more sophisticated, it doesn’t always mean complex. For example, the ILOVEYOU malware attack was spread by an email entitled ILOVEYOU with a file attachment. On opening the attachment a software download started that changed desktop and network files on-mass to the title ILOVEYOU in quick succession until it crashed the entire system. The worm was written to replicate itself at an alarming speed, increasing pace in each incarnation. Using mailing lists as its target it spread throughout its original location quickly, infecting and replicating as it moved through each new contact list it infected. A simple removal of a location tag in the software programming allowed the worm to wreak havoc internationally, in just a few days.
How to prevent a Malware cyber attack
Windows 10 and 11 now include Windows Security with its build-int programme Microsoft Defender Antivirus, which provides the latest in antivirus protection. This means from the moment you run your new PC you are being defended with real-time updates. PC Mag rated Windows Defender their top-performing free antivirus software in August 2021.
Having free coverage, might not be enough.
As a business owner, you can do more than this. You can set up malware scanning protocols within your systems, which can either be managed in-house or by providers like us, here at IT Soho.
You can also educate your staff on best practices when it comes to safe email, intranet and internet use. This might be a one-off training session at the beginning of their contract as part of an onboarding process, or it could include Adhoc workshops depending on the complexities of your data requirements, or employment models (remote, hybrid, or office based).
Need help protecting your business against Malware?
It can be difficult to understand what level of protection you need in order to adhere to your business or governance data policy. To make sure you feel confident in that choice we are on hand to provide you with advice, here on the blog on how to better understand your position.
If you are in the central London area contact us today and let us handle all your IT support needs!