What is malware? Malware in short stands for malicious software. When we look at malware as a whole, we find that it can be broken up into many different types of malicious software, which include computer viruses, ransomware, worms and Trojan horses to name but a few.
Where does malware come from and how does it work?
Malware, or malicious software, is often incorporated into other legitimate software or embedded onto a website or email. Once the user downloads and opens the seemingly safe software or opens an email riddled with malware, the malware installs itself on the 'victim's' computer.
The problem with malware is that the user may not even know the software is installed on the device until it is too late.
Malware's primary goal is to cause damage to the user. Once the malware is installed, it then has the ability to allow another party to remotely access your computer or it has the ability to execute tasks and wreak havoc on one's personal or company computer. Moreover, malware damage may include the following types of actions:
Rendering it impossible to open some or all files
Accessing your financial details and remembering key strokes, thus revealing your pin code
Ability to spread from computer to computer, corrupting a whole network of computers.
Wiping out hard drives, rendering your company or business unable to continue operating
As professionals in the computer security industry, we have seen some serious new cases of malware.
2013 saw the rise of what we now term "ransomware".
One of the biggest cases of ransomware to date was the CryptoLocker scam. This is undoubtedly one of the most devastating pieces of malware we have seen to date. CryptoLocker is malware that is contained in a zipped file attached to an email message.
Here's how it works: an email message arrives in your inbox, appearing to have been sent from a legitimate company; perhaps your bank or financial software vendor. In reality, however, the sender is anything but legitimate. Unsuspecting recipients open the zip file and then run the executable file found therein.
The Malware executable runs in the background and encrypts all of your data files, including data files on any computer on your network where you have shared permissions. Within a few hours, a message will suddenly pop up on your monitor advising that all of your data files have been locked and encrypted.
The scary part of this kind of malware is trying to get your information back. Your data is held hostage and at the mercy of the malware programmers. As with all American crime movies, someone always gets hurt. In this case, there can be one of two outcomes. Either you can pay the ransom, which is payable in Bitcoins. Alternatively, you lose your data forever.
Unfortunately, in our experience, users who have no form of backup in place lose their data forever as there is no way to decrypt this kind of malware.
Thus, the question should not be 'what is malware?' The question should be 'what is the cost of malware?'
Studies show that the cost of malware to businesses in 2013 was estimated at around 114 Billion US dollars.
When it comes to your business, can you afford downtime? Will you be able to operate if your cash flow is affected? What if your company's sensitive information has been accessed or compromised? Will you have a backup record of accounting information such as debtors who owe you money? Will deliveries or deadlines be met?
You may think malware only effects businesses. But can you afford to have your bank account cleared out or your credit card maxed out?
How does one protect themselves or their business from malware?
- Never open unexpected email attachments even if they seem to be from a legitimate company. Legitimate emails almost never contain executable files.
- Make sure that your PC is updated. Make sure you are running the latest version or update of your operating system and software packages.
- Make sure you scan flash drives and other storage devices with a good, up to date virus software. There are many great cloud based options out there.
- Be extremely cautious when installing software from the internet. Before installing the software, do some online research on the product or vendor.
- Ensure that you have an effective malware protection tool in place and that you're using the most recently updated 'malware pattern detection' version. Cloud hosted office protection solutions are the most effective tools in this regard.
- Ensure that you have an effective backup routine in place. The most effective way to ensure that this is possible is by using an online, off-site backup solution that retains a catalogue of incremental backup files. This will ensure that you'll always be able to restore data to a point before it was infected.