Before we look to identify different types of malware, we should first consider the question: what is malware?
Malware is short for malicious software and is defined by McAfee as “a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network.”
Often used by cybercriminals to take over network security or operating systems to reap financial gain illegally, malware has been difficult to detect and trace, but as cyber threats are evolving, so too are the ways to combat them.
Here are the main types of malware and how to prevent them from causing harm:
1. Computer Viruses
Computer viruses are usually spread via email attachments containing malicious code written to modify other programs on a device and insert its own code – thereby rendering a computer infected by the virus.
To avoid becoming a victim of a computer virus, be careful online and avoid clicking on any suspicious or unfamiliar links within emails. If an email contains an attachment from an unknown source, check with your information security team before proceeding.
Ransomware attacks have become so popular amongst cybercriminals due to their profitability. This malware installs itself onto a device and encrypts a victim’s data, blocking the use of the device and threatening to publish the user’s data until a ransom is paid.
To identify and expose ransomware attacks, ensure you have strong firewalls and endpoint protection. Keep regular back-ups of your personal and professional data, as once ransomware strikes you can easily impede it by restoring to a recent version before the attack.
3. Fileless Malware
Fileless malware is significantly more difficult to identify and remove than other malicious programs, as it is memory-based rather than file-based. Fileless malware is contained within the computers’ RAM (Random Access Memory) and hides within your operating system, remaining there as long as it’s undetected.
Anti-virus software typically won’t detect fileless malware, as there is no traditional ‘footprint’ of the virus, so the best way to identify and prevent fileless malware is the combination of endpoint detection and response solutions and behavioural techniques mentioned earlier such as; being vigilant with suspicious emails, updating security features on trusted software and showing care when downloading applications.
A computer worm is a specific type of malware attack that replicates itself and spreads to other machines within a computer network, typically exploiting the vulnerabilities or cyber security failures of a particular operating system or software.
Worms are one of the most common types of malware and do not require any user interaction to run. They tend to overload web servers and consume bandwidth, rendering the device ineffective.
A slow or crashing machine is one of the early signs of a computer worm as the bandwidth and processing power is being taken up. Early detection is vital to save the device with most anti-virus software able to remove malware such as computer worms.
5. Trojan Horse
Derived from the Ancient Greek story of the Trojan Horse used by the Greeks to enter the City of Troy, this type of malware deceives the victim by acting as a trusted application or software.
Cybercriminals can replicate trusted websites or applications to mislead victims into downloading files, which once up and running can steal data and infect your devices.
To identify and protect against trojan malware infections, it is best to update operating system software as soon as it’s available as cybercriminals target old and outdated software programs. Anti-malware software can run regular scans on your machine to detect trojan malware.
As cybercriminals become more advanced in developing malware, it becomes more complex to identify and prevent them from infecting devices. Norton believes the best advice to keep your computers, laptops, tablets and mobiles safe from malware is to;
- be careful about what email attachments you open
- be cautious when surfing and stay away from suspicious websites
- install and maintain an updated, quality antivirus program.
To hear the latest information from trusted professionals in the Cyber Security industry, register to attend the 12th annual Cyber Security & Data Protection Summit on 12th November 2021.
Public sector professionals can register for free for a limited time.