So what is malware?
Simply put, malware is one of the most prevalent threats to computers and computer systems. Short for “malicious software,” malware is developed by hackers and covertly installed onto an organization’s digital services and systems. It takes many forms including ransomware, viruses, worms, spyware, adware, and Trojan horses.
Malware can gain entry to your network in many ways. For example, an employee can unknowingly introduce malware into your organization by clicking on a link in a phishing email or downloading content from a suspicious website. Vulnerabilities, such as unpatched systems, are also a common target of malicious programs.
Once malware has penetrated the network, threat actors can use it to steal information, encrypt systems, spy on users, and remove files. Certain malware can also spread laterally through the organization causing widespread business disruption.
Common types of malware
Let’s look at the most common types of malware.
1. Ransomware
Ransomware is the most popular and fastest growing form of malware. According to the 2022 Verizon Data Breach Investigations Report, ransomware breaches increased 13% in a single year – a jump greater than the past five years combined. The dollar amount extorted by cybercriminals is also on the rise. The average ransom has increased by 171% in the last year.
Ransomware occurs when a cybercriminal or nation state uses malware to encrypt a victim’s data until a ransom is paid. Thanks to ransomware-as-a-service tools, these attacks require little technical knowledge and are inexpensive to execute.
Ransomware attack vectors include phishing emails, malicious code hidden in web scripts, ads and pop-ups, messaging apps, text messages, and social engineering tactics.
Some example Ransomware incidents:
2. Virus
A virus is a type of malware (often transmitted via email) that attaches itself to a program that supports macros, such as Microsoft Excel. The virus then lays dormant until that program is opened, at which point the virus code is executed. A virus can be programmed to steal or corrupt data, spam the victim’s email contacts, and automatically infect other systems on a network.
3. Worm
A worm is a piece of software that infects a device via a downloaded file or network connection. Unlike a virus, a worm does not need a host program to propagate. Instead, once a connected device is infected, a worm will scan the network for security holes, replicate itself onto vulnerable machines, and keep spreading ad infinitum.
4. Spyware
As the name suggests, spyware is a form of malware that runs on a computer without the user’s knowledge. Working in the background, it monitors online activity and gathers sensitive data then forwards it to a third-party malicious actor.
Spyware is often used to steal passwords, financial information, or credentials. Spyware is very difficult for users and organizations to detect and can cause significant damage.
5. Adware
Adware is a type of malware that monitors a user’s online activity and serves up targeted advertisements. Individuals encounter adware each time they browse the internet. It is not always harmful. However, when used maliciously it can contain spyware and be used to sell personal data to threat actors.
6. Trojan
A Trojan horse is malware that disguises itself as a useful or interesting software program. Once downloaded, a trojan can install spyware, access sensitive data, steal account information, demand money, and more.
What can you do to protect against malware?
The malware threat is rising, but there are best practices you can follow to minimize the risk to avoid becoming a victim. For instance, remediating vulnerabilities in a timely manner, reducing attack surface exposure, and maintaining a relentless focus on security hygiene can measurably reduce the likelihood of a malware attack.
Because no organization is immune from malware, use Bitsight to continuously monitor your digital environment for vulnerabilities and regularly apply software patches and proper configuration management protocols. Both can contribute to a heightened risk of malware if left unattended. You can also use Bitsight’s data advantage to discover machines that may already be compromised and identify user behavior that could introduce malicious software onto your network.
Finally, since supply chains are emerging as a common avenue for ransomware attacks, take steps to maintain a continuous view of your vendors’ security postures.