Malware—the term seems to be at the center of the news every day, with each headline telling of a new way the cyber threat has inserted itself into our lives. From an entire attack campaign on banks worldwide, to a strain residing within medical devices, to a variant that has learned to self-heal, the list of malware-based attacks goes on. And as they do, it’s becoming more and more clear that today’s malware has not only become adaptive, but has learned how to spread its wings further than before, to devices beyond laptops and phones, and in a way that creates a longevity behind each cyberattack it spearheads.
However, though it is important to understand the many forms that malware, or malicious software, takes, it’s crucial to first and foremost grasp what it is.
What is Malware?
The abbreviated term for malicious software, “malware,” is a generic term used to describe any type of software or code specifically designed to exploit a computer/mobile device or the data it contains, without consent. Most malware is designed to have some financial gain for the cybercriminal, as crooks typically use it to extract data that they can leverage over victims. That information can range anywhere from financial data, to healthcare records, to personal emails and passwords—the possibilities of what sort of information can be compromised have become endless.
How Malware Spreads
So how exactly can these cybercriminals get their hands on so much data? Since its birth over 30 years ago, malware has found a variety of vessels to help it enact attacks. This includes email attachments, malicious advertisements on popular sites (malvertising), fake software installations, USB drives, infected apps, phishing emails, and even text messages.
Types of Malware
Now, these are just a few of the ways malicious software can be delivered–but there are also different kinds of malware itself. To name a few:
- Viruses. Almost always attached in a file, this malware variant usually comes as a document in an email that holds a virus payload (the part of malware that performs the malicious action). Once the victim opens the file, boom—infected.
- Worms. This malware strain doesn’t require user interaction or even a file to attack. Instead, worms have the ability to copy themselves from machine to machine, usually by exploiting some sort of security weakness in a software or operating system.
- Trojans. This type of malware is the most commonly leveraged by cybercriminals, as of late. Trojans masquerade as harmless applications (for example, those you’d use on your phone), tricking users into downloading and using them. Once up and running, they then can steal personal data, crash a device, spy on the someone’s activities, or even launch a DDoS attack.
- Ransomware. One of the most profitable, and therefore one of the most popular, of malware types amongst cybercriminals is ransomware. This variant simply installs itself onto a victim’s machine, encrypts their files, and then turns around and demands a ransom (usually in Bitcoin) to return that data to the user.
How You Can Fight Back
Now that you know what malware is, how it can be delivered, and the many forms it takes, it’s time to learn how you can protect yourself against it:
- Keep your operating system and applications updated. Cybercriminals look for vulnerabilities in old or outdated software to capitalize on, so make sure you install updates as soon as they become available, since they can close security holes that may have been exposed.
- Avoid clicking on unknown links. Whether it comes via email, a social networking site, or a text message, if a link seems unfamiliar, keep away from it. This especially goes for links that come from someone you don’t know.
- Be selective about which sites you visit. Do your best to only use known and trusted sites, as well as using a safe search plug-in like McAfee SiteAdvisor, to avoid any sites that may in fact be malicious without your knowing.
- Same goes for what apps you download. When looking for your next favorite app, make sure you only download something that checks out. Read app reviews, utilize only official app stores, and if something comes off as remotely fishy, steer clear.
- Be alert. Cybercriminals depend on laziness and inattentiveness–so prove them wrong. Don’t believe manipulative emails, don’t leave your computer unattended, and most importantly, stay educated on the kinds of malware that could come your way.