Cybersecurity threats have shifted over the past few years. Where once viruses were our biggest concern, now malware has taken its place, and businesses are struggling to keep up with the ever-evolving best practices for recognising, avoiding, and dealing with malware attacks.
What Is Malware?
First things first, let’s answer the question of ‘what is malware?’ The definition of malware may be ‘malicious software’, but that covers such a wide range of evils, that it makes it just about impossible to protect against all of them without having a deeper understanding of the different types of malware out there, and how and why cyber attackers are using them. Different types of malware attacks often have very different targets, after all, and knowing which pose the biggest threats to your business will help you to effectively protect against them.
What Are The Various Types Of Malware
While this list is hardly exhaustive, there are five main types of malware that companies should be aware of. And do bear in mind that each of these malware types can make use of different techniques (like phishing mails, viruses, worm malware, and Trojan malware) as well.
• Spyware
Keyloggers, activity monitors, and Man-in-the-Middle attacks are just some examples of Spyware, a type of malware where attackers spy on and intercept data. From there, they can gain access to systems using stolen logging credentials, hold data ransom or leak it online, or simply stay hidden gathering increasing amounts of information until they’re ready to launch a wider and stronger attack.
• Scareware
Because so many people have a minimal understanding of types of malware in cyber security, they can become especially vulnerable to them. Take Scareware for example. It is a malware tactic which involves an attacker displaying warnings to potential victims, making them think that their device is already infected with a virus, and offering them software to clear it from their system.
Most people don’t understand how malware viruses work, so often they’ll see these warnings, believe them, and download the software being advertised, thinking that they’re protecting themselves when in fact it’s the software that they’re now downloading that contains malware, putting their devices and data at risk.
• Ransomware
Ransomware has been one of the biggest threats facing businesses over the past few years. Attackers gain access to business data and either encrypt it or migrate it, making it inaccessible until a ransom demand has been paid. And even one payment has been transferred, there is no guarantee that the attacker will return the information. The result is a standstill for business operations, expensive recovery fees if your company is unprepared, and the potential for major damage to your reputation. And that’s not even mentioning the fines that may apply under the POPI or GDPR Acts if personal data becomes compromised.
• Malvertising
It’s impossible to get away from advertising on the web – adverts literally follow you from page to page. But while most ads are annoying but harmless, it is not uncommon for attackers to use legitimate advertising platforms to redirect users to illicit websites where malware gets downloaded.
This is known as Malvertising, and it is a particularly dangerous cyberthreat because the platforms being used are legitimate. You don’t expect Facebook or Google ads to be unreliable or malicious, but these are exactly the kinds of tactics that attackers use to trick their victims.
• Adware
You download an app or program – one that is meant to help you work more effectively, entertain, or provide a service. It’s perfectly legitimate, but once it’s installed you start to notice your machine is not running as well as it should be. And where exactly is the data that it collects about you going?
Adware is software that often gets added to downloadable apps with the aim of marketing similar products and services. And it’s often perfectly harmless, but it can also easily be exploited by attackers who can display illicit ads that seem legit but instead install malware, or by taking advantage of vulnerabilities and software that you didn’t even know you had installed.
How Does Malware Spread?
With there being so many different types of malware in computer maintenance, there are also various different ways that it can spread within a business. Sometimes it’s through phishing emails and social engineering attacks, other times it move laterally from one infected device to another insecure one. In the case of Spyware, an attacker will often hide within a system unknown, just gathering as much data as they can before mounting a devastating attack. And then there are those vulnerabilities that exist in legitimate pieces of software that attackers take advantage of, infecting devices before software can be patched or updated.
How Can I Avoid Malware Attacks?
Now that you understand more about malware and its types, you may have an understanding of why protecting your business against such a wide range of attacks is no easy feat. But there are a few steps that you can take to keep your business and your data secure.
• Have A Backup Plan
Ensure that you’re prepared for the worst. Backing up your data regularly and having a plan in place for recovery of that data may not stop a malware attack from occurring, but it will significantly lessen the impact of one on your operations and your finances. Backing up your data will make you less susceptible to Ransomware attacks, for example, since an attacker can’t leverage data successfully when you’re able to simply switch to an alternate system or restore illicitly encrypted information from a recent backup.
• Implement Anti-Lateral Movement
One of the biggest problems that businesses experience when it comes to malware is that once an attacker gains access to one user’s credentials they’re able to access your systems and move laterally, so to speak, infecting multiple devices, servers, and platforms, and eventually bringing down your entire network. This is where using a platform like Microsoft Defender for Endpoints, and configuring effective firewalls can be a huge asset to your business. They can help you to proactively detect unusual behaviour, prevent attacks, and protect your users against malware spreading between devices.
• Effective Identity & Access Management
Another area that your business can focus on to protect your data is effectively managing your users, their devices, and the information they have access to. So many companies that move their data to the cloud and start embracing remote work take a stance of providing equal access to every one of their employees. That may be the easiest way to ensure that your teams have the data that they need to work effectively, but it certainly isn’t the most secure way to operate. Identity and Access Management, or IAM, tools like Azure AD help you to manage your data and device permission, reducing the access that a potential attacker can gain if they were to infect a single device or uncover one user’s login credentials.
• Use A Cloud Access Security Broker
There are plenty of benefits to using cloud apps and services across your business, but there is also a certain amount of risk involved, particularly when your humans start using various different cloud apps for processing data, without your IT team being aware of them. This ‘Shadow IT’ as it’s referred to, makes it more difficult for your IT team or partner to manage your data and ensure effective updates and patches across the applications that access that data. This in turn means that each unsupervised app has the potential to become a vulnerability for your business.
Thankfully, there are tools that can help you to manage cloud apps that are accessing your data. These Cloud Access Security Brokers help you to limit the negative effects of Shadow IT, manage data transfers and grants greater visibility into the apps that your team members are using and the access that they require. And best of all, Defender for Endpoints and Defender for Microsoft 365 can even act as a Cloud Access Security Broker, meaning that your existing email security and cyber security tool helps you to tackle multiple security challenges at once.
How Can You Tell If You’ve Fallen Victim To A Malware Attack?
While some types of malware may be difficult to detect, there are a few signs that you can look out for if you think that you may have fallen victim to a malware attack:
- Your machine is running slowly.
- When you open up your Task Manager, there are a lot of unfamiliar background processes running that don’t seem to be attached to a program.
- You struggle to turn your device on and off.
- You keep seeing ads popping up in new windows when you visit websites.
- Your colleagues and friends keep asking you about emails and social media messages that you don’t remember sending.
How Can Solid Systems Help?
At Solid Systems, we understand the havoc that malware and other cyberattacks can wreak for a business, and we’re here to help you protect your users, your endpoints, your emails, and ultimately your company as a whole. We believe in proactive protection, allowing you to detect and prevent attacks before they have the chance to impact your operations, and we put the best technologies in place to help you do just that. From Microsoft Defender for Endpoints and Azure Active Directory, to strategic technology planning and Disaster Recovery solutions, get in touch with Solid Systems today to secure your business against different types of malware and cyber threats.
Frequently Asked Questions (FAQs)
Because malware can infect various different areas of a device, the best practice when you think you might have fallen victim to a malware attack is to contact your IT team, or an outsourced IT partner like Solid Systems, to investigate the attack and how far the malware might have infiltrated your systems, or what data might have been compromised by it.
There are a wide range of technologies that can help you to detect and protect against all types of malware attacks. Microsoft Defender for Endpoints and Defender for Microsoft 365 are the next level of anti-virus, so to speak, using Artificial Intelligence to pinpoint unusual behaviours within your systems. These can even be set up as Cloud Access Security Brokers in order to manage the cloud apps and services that your teams are using. There are also tools like Azure Active Directory which can help you to manage your users and privileges, ensuring that the access an attacker can gain through installing malware is significantly limited.
There are so many different types of malware, and they work in such different ways that asking where malware can usually be found is a more loaded question than most people expect. It could be hidden within browser extensions, could be installed as part of adware, or an attacker could gain access to your systems via another software’s vulnerability and install malware on your device.
While you may come across a single file of malware which you are able to delete, this is unlikely to be the root cause of the malware infection within your device, and it is difficult to tell whether it would have spread laterally to other devices across your network. This is why simply deleting one file will almost never get rid of the malware across your device or your systems, and is why best practice for dealing with malware attacks, particularly if you are not an IT or technology company, is to have a partner run a System Review or assessment to determine the extent of the damage that may have been caused, and to eradicate the malware entirely.