Malware: Malware is any malicious software that aims to cause harm to a computer, system, client or computer network. Some examples are viruses, worms, Trojans, ransomware and spyware.
The ways in which a system infected with malware is affected can vary greatly. They range from harmless disruptions and attempted threats to large-scale attacks that infiltrate, paralyse or take control of entire systems on their own. All crimes committed with the help of malware are considered cybercrime. The motives behind the attacks also vary: from theft, destructiveness and extortion to surveillance and espionage. In addition, intimidation of the victims is a desired side effect - especially in the case of targeted personal attacks.
What can the malware do?
The malware can:
- steal, encrypt, modify, damage or delete sensitive data;
- Restrict access to files & information;
- Change or hijack core functions of the computer;
- monitor users' computer activity & browsing history;
- infect other systems and spread through the network;
- pave the way for the installation of further malware.
A computer virus is a type of malware designed to replicate itself and spread from device to device on the network. It usually requires a host programme. It works by attaching itself to the program and modifying it by inserting its own code. When the programme is executed, the virus code is also executed. This leads to infection and damage, and allows data and passwords to be spied on, files to be corrupted, and many other malicious activities. Perpetrators can spread viruses via email attachments, file downloads as well as via fraudulent links.
A computer worm is a type of malware that replicates itself and spreads to other computers. It uses security flaws and / or software vulnerabilities on the target computer to access it. It then uses it as a host to infect other inadequately secured computers on the network. A worm can reproduce itself without human intervention and does not need to connect to a software program to cause damage. Its main goal is to replicate and spread across the network by infecting as many computers as possible. However, perpetrators also use worms to steal data, modify and delete files, install a backdoor to allow hackers to take control of a system.
A Trojan horse or Trojan is a type of malware disguised as legitimate software. Its goal is to get the user to download it and run it on their computer. Once introduced, a Trojan aims to disrupt, damage, steal, spy on data or the network, provide backdoor access or perform some other malicious action. There are many different types of Trojans, including: Backdoor Trojans, Downloader Trojans, Exploit Trojans, Infostealer Trojans and Ransom Trojans.
Backdoor programmes allow unauthorised users to surreptitiously bypass normal security measures and authentication procedures and gain high-level user access to a computer system, software application or network. They can use malware, exploit software vulnerabilities and directly install a backdoor to gain privileged access to the device. Perpetrators use them to steal data and passwords, install additional malware, launch DDos attacks and hijack devices or servers.
Keyloggers are software programmes for monitoring activity. The software is installed on a computer and records everything the user types on the keyboard, usually without their knowledge or consent. The person operating the programme can then retrieve the recorded data. Perpetrators use keyloggers to steal passwords and/or personal and financial information, which they can then sell for profit. A keylogger can also be a hardware device.
Adware (advertising supported software) is software that generates revenue by displaying unwanted advertisements on the computer. It can implement advertising in various ways, for example as a static box ad, a banner ad, a full screen ad, a video ad or a pop-up ad. It can change the homepage of the browser and even act as spyware by collecting and reporting data about the user to sell or use for targeted advertising or user profiling.
The perpetrators use spyware to collect information and monitor the online behaviour of a person or organisation without their knowledge or permission. It then forwards this information to other parties in a way that harms the user. It can record information such as usernames and passwords, credit card numbers and browsing history.
Ransomware is a type of malware that encrypts the victim's information, making it inaccessible. The perpetrators then demand a ransom to allow access. Ransomware is often designed to spread across a network and target databases and file servers, quickly crippling an entire organisation. It is a growing threat that generates billions of euros in payments to cybercriminals and inflicts significant damage and costs on businesses and government organisations.
Best practices against malware
To successfully combat malware, companies need to make cyber security awareness, prevention and safety part of their culture.
It is very important to implement the following safety practices:
- Email security: Blocking malicious websites, emails and attachments through a multi-layered security approach and a company-approved file sharing programme;
- Regular software updates: Updates close security gaps contained in older versions;
- Regular scans and monitoring: Set up automatic scans every few days;
- Data backups and testing of recovery procedures: Backup processes are crucial to protect against data loss;
- Educate users about threat sources: According to Cybint , 95% of cyber security breaches are caused by human error. Training employees about cyber threats and how to detect them should be one of the organisation's top priorities.
Some figures on malware (Germany):
According to a 2021 study by the digital association Bitkom, for which more than 1,000 companies from all industries in Germany were surveyed, cyber attacks cause total annual damage of 223 billion euros. This sum is more than twice as high as in 2018 and 2019, when it amounted to 103 billion euros p.a..
- 88% of the companies surveyed were affected by cyberattacks in 2020 and 2021;
- 9% of companies see their business existence threatened by cyber attacks;
- Malware caused damage in 31% of companies;
- Damage caused by ransomware attacks more than quadrupled (+358%) in 2020 and 2021 compared to 2018 and 2019.
If you have not yet analysed your security level with our free application, register here!