7 Things You Should Know about Malware

Industry NewbiesIndustry TrendsRisk MitigationCyber Crime
Written By Kate Esprit

1. It is an abbreviation for malicious software.

Malware is the umbrella term for any type of malicious software purposed to damage or exploit devices, services, or networks. It is widely used amongst hackers because it allows for a range of intrusive activity, including gaining access to user emails and credentials, extracting financial data, sending inappropriate content, or extorting users.

2. Malware comes in many different forms.

Malware can be manifested in numerous ways, which is why it is such a prioritized and complex issue for the cybersecurity community. Understanding the various types of malware is an important way to protecting your own devices and data.

Malware Post Table - English.JPG

To learn more about ransomware, see Phishing for Answers’ previous post, Pandemic Problems: The Rise of Ransomware Gangs.

3. It can spread without hackers having to do anything.

Some types of malware are ideal for the “lazy hacker,” as these exploits rely on user’s actions to spread the malware. Viruses and Trojan horses are dependent on end user intervention, such as opening a file or downloading an application, in order to infect devices. Other malware, such as the worm, are extremely effective given that they can damage systems without any user action.

4. Malware prefers to beacon rather than listen.

unsplash-image-LqKhnDzSF-8.jpg

Beaconing is the practice of sending regular messages from an infected host (such as a bot) to an attacker-controlled host outside of the network to communicate that the malware is ready to infect a system. Beacon communications are often sent to command and control (C2 or C&C) servers outside the network, and these servers allow an attacker to communicate with the compromised systems. This allows cybercriminals to automatically control thousands of infected devices at any given time.

Listening, on the other hand, is the use of an open port on the network that tracks which processes are waiting to service requests. Attackers can use listening ports to create backdoor connections into a targeted device. However, proper network scanning can easily detect malware running on listening ports. By matching listening ports with known services, any unknown services would immediately be flagged as suspicious.

5. How to know if your device has been affected.

According to the US Federal Trade Commission (FTC), the first sign that a device has been affected by malware is the display of unusual behavior. Below are some common manifestations of a device that has been infected by malware:

  • Appearance of inappropriate pop-ups or ads that inhibit the content of a webpage

  • Repeated stalling, crashing, or display of error messages

  • Inability to remove software

  • Device does not shut down or restart

  • Displays new tabs or websites that you did not open, or utilizes a new search engine

  • Emails that you did not write are sent

  • Battery life expires more often than is normal

  • Appearance of ads in unusual places, such as government website

6. It is not 100% bulletproof.

unsplash-image--jCY4oEMA3o.jpg

Although malware can certainly be tricky to detect, there are preventative tools available to individual users and to businesses in order to protect networks.

Identifying malware requires regular network scanning – this is a process that detects active devices on a network. The 3 main objectives of network scanning are: to look for live devices or operating systems (OS) in use, open and closed ports, and system vulnerabilities. Anti-virus software can maintain repositories of known malicious signatures of viruses and worms, so that every file in a device is scanned for these known signatures.

Additionally, enterprise networks should have firewall protection to help control hack attempts from outside the network. Firewalls can also ensure that internal users do not access any harmful websites or send sensitive data outside of the network.

7. You can protect yourself from malware with some simple practices.

Here are some cybersecure practices to help users avoid falling victim to malware:

  • Avoid clicking on pop-up windows or ads that contain warnings about your computer’s performance (this is a common method used by scammers)

  • Do not click on links or download attachments sent via email or text message, instead type the URL directly into your browser.

  • Pay attention to your browser’s security warnings.

  • Avoid installing new software from untrustworthy sources and decline the installation of bundled software.

  • Do not download files on removable external drives like Universal Serial Bus (USB) drives or hard drives.

  • For parents whose children have access to smartphones, tablets and computers, ensure that proper parental control software is installed.

Want to learn more about a specific aspect of cybersecurity? Leave a comment down below to recommend future content on Phishing for Answers!

Kate Esprit
Previous

Crisis in Afghanistan: The Cybersecurity Perspective
Next

Augmented and Virtual Reality: Innovative or Destructive?