What is Malware?

Malware is short for ‘malicious software’ – it is a type of software designed to compromise computers and other devices for malicious purposes.

There are many different kinds of malware. Some forms of malware damage or destroy computer systems, while others allow hackers to gain access to computer systems and exfiltrate sensitive information or financial details.

Malware may infect a single device, or it may be designed to penetrate a network and infect as many devices as possible. The end results of a malware infection can range from minor inconvenience to disastrous consequences – for individuals and organizations alike.

Defend Against Malware

Types of malware

There are many types of malware that are a threat to network security. Here are some of the most common ones.

Trojan horses

A trojan horse is malware that disguises itself as something legitimate. Once the user downloads and installs trojan horse malware, the device is compromised. At this point, the device is vulnerable to attack from hackers who can spy on the device, steal data, and gain access to the network in order to launch a cyberattack.

Viruses

Viruses are usually malware-infected executable files, or similar. This type of malware is often sent as email attachments. Once activated, the virus can spread. For example, it can use applications to send out infected files to user contacts.

Ransomware

Once ransomware is installed, it restricts access to the computer and its files through encryption, demanding a payment in order to unlock them. This type of malware is one of the most profitable, increasing its popularity, especially when it comes to launching a cyberattack against bigger organizations that have enough funds to pay a large ransom.

Worms

Worms are malware designed to install themselves on a device, then move quickly to infect the entire device, and sometimes a whole network. Worms may modify or delete important files, inject other types of malware, steal data, or compromise a device so that cybercriminals can gain access.

Adware

This form of malware, also known as malvertising, presents users with unwanted advertisements, sometimes as a pop-up window, or injected into a compromised website. Adware may collect user data. This type of malware is one of the least dangerous, but it can definitely be a nuisance for end-users.

Spyware

This type of malware monitors computer use, without consent, violating online privacy – it can collect information about browsing habits, or other personal details. By monitoring online activity and constant keylogging, spyware can allow hackers to perform identity theft. It may also be used by individuals and organizations wishing to spy on other people.

How does malware infect a device?

Malware can come from a variety of different sources.

Phishing and spam emails

Spam emails and phishing attempts are one of the most common ways through which malware is able to infect a device.

Spam emails may be easy to identify – they may feature poor spelling and grammar, or unlikely stories, and they may ask directly for money or to open a suspicious attachment.

A more sophisticated phishing attempt may be far harder to detect. Persuasive phishing emails will use social engineering to encourage a user to click on a malicious link, leading to the downloading of a piece of malware. The email may look legitimate or pretend to come from an individual or organization known to the recipient.

Malware-infected USB flash drives

Malware such as worms often spread by infecting USB flash drives, or external hard drives. When the device is plugged into a computer, the malware is installed right away. This is easy to prevent – by avoiding the use of a USB flash drive that is not yours – such as one that was found, or thrown away.

Compromised websites

When a user visits a website that has been hacked, or compromised, they may inadvertently download malware to their computer. Malware often uses browser vulnerabilities in order to infect a computer.

Fake mobile applications

When a user chooses to download an untrusted application to their mobile device, they are risking malware infection.

Bundled software

When someone downloads and installs a program, there may be other, unwanted types of software bundled with it. To avoid this, users should pay careful attention during the install process and uncheck any boxes relating to the inclusion of bundles software, such as browser toolbars or the like.

File sharing applications

Malware can be spread through file transfer protocol programs (FTP) and online file sharing applications. There is an increased risk of malware infection through peer-to-peer networks, which may be used for both legal and illegal purposes.

What increases risk of malware infection?

Suspicious Internet activity

If users click on suspicious links, on compromised or malicious sites, malware may be installed on their device. To avoid this, organizations should monitor online activity on company devices, and also provide training to users in order to raise awareness of malware threats on the web.
Nowadays, with many users using their own devices to connect to the network, malicious links may even be sent through text messages, and this is something all users should be made aware of.

Using weak passwords

It’s important to implement a policy for passwords. Easily guessable passwords create an easy target for cybercriminals. Strong passwords should be used for every application and device. Security experts advise that multifactor authentication should be used wherever possible.

Using public wi-fi

Using a public wi-fi network presents a significant security risk when compared to a secured home network, as anyone can connect at any time, with no password needed. Hackers can position themselves between an unsecured end-user device and the wi-fi connection point, allowing access to all information being sent through the network, and giving the opportunity to distribute malware.

If a public network needs to be used, users should ensure their firewall is active, and avoid activities that could expose sensitive personal data, such as logging into an online bank account. If possible, a VPN should be used.

Using vulnerable software

If users are downloading software from a non-legitimate source, the software could be infected with malware, or have vulnerabilities which present a security risk. Any software that users download and install should be from a legitimate site.

Granting excessive privileges to users and apps

If an organization gives access privileges beyond what is required, it increases the chance of cyber threats, including the spread of malware. In line with the concept of zero trust, organizations should block access to all applications and resources unless they are explicitly required by a specific user or named group of users, to reduce the available attack surface.

Using the same operating system

If all users use the same operating systems, malware can spread faster. For example, a Windows device infected by a worm or trojan horse can easily spread the infection across all Windows devices. If a piece of malware exploits a vulnerability in a popular operating system, such as Windows, it then has the potential to infect a very large number of systems.

Instead, if there are different devices using a different operating system, the risk of widespread infection is reduced.

What are signs a device has been infected by malware?

Malware infections can manifest in various ways. Here are some common signs that your computer may be infected:

• Slow Performance: If your computer suddenly becomes significantly slower than usual, it could be a sign of malware.
• Unwanted Pop-Up Ads: Frequent pop-up ads, especially those that appear even when you’re not browsing the internet, may indicate malware.
• Changes in Homepage or Search Engine: Malware can alter your browser settings, changing your homepage or default search engine without your consent.
• Unexpected Software Installs: If you notice new programs or software on your computer that you didn’t install, it might be due to malware.
• High Network Activity: Unusual spikes in network activity, especially when your computer is idle, could be a sign of malware communicating with a remote server.
• Random Crashes: Frequent system crashes or unexpected reboots may be caused by malware interfering with your operating system.
• Missing or Altered Files: Malware can delete or modify files on your computer without your knowledge.

If you suspect your computer may be infected with malware, it’s essential to take immediate action to remove the threat and protect your data.

Is antivirus software enough?

Organizations may assume that traditional security software, such as anti virus and anti malware – is enough to combat malicious software, or at least prevent a computer virus from infecting a computer. However, advanced and zero day threat can often bypass antivirus software, so additional solutions are needed.

Does a secure VPN protect against malware attacks?

Even the most secure virtual private network (VPN) system won’t actually stop an end-user from downloading malware onto their computer. Nor will a VPN protect users from opening links in a phishing email.

That being said, there are still security benefits to using a VPN. When using a VPN, internet traffic is routed through an encrypted VPN tunnel. This encrypted tunnel hides the end-user’s IP address and shields online activity. It can also be used to mask a user’s location, so they can visit websites that are only available to users in other countries.

As all data sent through a VPN client is encrypted, it cannot be seen by others, which prevents cyber criminals from being able to steal data directly. Some VPN providers even include a kill switch, which disconnects a device from the internet if the VPN connection drops out, preventing sensitive data from becoming visible.

Ericom’s ZTNA: A Reliable Malware Protection Solution

Ericom’s ZTNA is the secure alternative to a VPN. Isolation-powered web and email security stops the types of advanced cyber threats that traditional detection solutions miss. Discover how Ericom can protect your network today!

ZTNA is the Secure Alternative to VPN

Internet Service Provider malware protection

A user’s internet service provider (ISP) may provide subscriptions to security software solutions that can help keep data secure and protect against malware. This may include antivirus software, and/or a firewall. An ISP may also implement security solutions at the ISP level, ensuring that potentially malicious internet traffic is stopped before it reaches the end-user.
 
 
This page was last updated in October 2023