What Is Malware and How Can We Prevent It?
As technology evolves so does crime, unfortunately. And “malware” is a bogeyman term that’s wormed its way into our computers and consciousness in recent years. But what is it, exactly? And how can we avoid falling prey to it?
The definition of malware gets simpler when you understand that it’s essentially a combination of the words “malicious” and “software”.
It’s a relatively broad term, that includes viruses, ransomware, and spyware (we’ll get to those later on).
Malware is relatively new to our collective knowledge, but the first malware attacks date back to the 1970s. However, as hacking becomes cheaper, easier and even automated, malware attacks have grown exponentially in recent years.
What malware does
Malware takes up space where it doesn’t belong. Its code created to either cause damage to a system or manipulate it (to access files or control it from the attacker’s end, for example).
It is often activated by the victim themselves – either by clicking on a link or downloading a file. This is why spam email often contains a link that the hacker wants you to click on.
Purposes of malware
There are several possible intentions and purposes for malware, none of which are going to exactly improve your life.
Typically, malware can be used to:
- Steal personal data
- Use the infected machine to send spam to others
- Spy on the infected user’s network
- Override an infected machine and control it remotely
Who makes malware?
Like most crime, online and off, the chief motive for creating malware is money. These cybercrimes might be created by one person, a localised team, or an international syndicate.
The beauty of the internet is that you can communicate and do business with anyone in the world. Sadly, this principle applies to hacking too, as criminals from anywhere can target victims in any location.
Here’s who might be developing malware and their motives:
Accessing financial details (of people and businesses) is a common form of malware attack.
Some hackers are hobbyists, bringing trolling to a new level by carrying out malware attacks for fun. Unfortunately, they can cause just as much damage as career criminals.
Another financial motive, blackmailers often contact hacking victims holding their private data or computer’s information to ransom. In some cases, the threats are false (they may not have the information they claim to), but either way, it is not recommended to pay them!
Some hackers just want to use your operating system’s resources without stealing from you. This might be to process cryptocurrencies (more on this below). This can lead to slowing down or damaging your operating system.
Computer hacking is also used for espionage, either between businesses or governments. Hackers of this type can access secret information and even – in some extreme cases – infrastructure control.
Hacking has been used in some activism cases, as activists have breached governments’ operating systems to vandalise or make a statement.
How malware spreads
A malware attack can initiate from clicking on a link, by being manually filed using an existing hard drive, being downloaded, or sent via an email or downloadable file. Once it takes hold, some attacks (discussed below) can spread right across operating systems and networks.
Types of malware
Different kinds of malware have different functions and effects. Here’s a rundown of what you might encounter if you’re unlucky enough to experience a cyberattack…
Viruses and malware are often mentioned interchangeably, but a virus is a form of malware.
Probably the best-known form of malware attack, an electronic virus works much the same way as a biological one; attacking the host’s system from within. A virus spreads throughout this system, potentially locking the device and/or corrupting files. In the worst-case scenario, a virus can corrupt or erase an entire hard drive.
One of the most famous viruses, and the biggest in history at the time, was the “ILOVEYOU” virus. It was spread via emails with declarations of love in the subject line in the year 2000, eventually corrupting millions of files and causing roughly $15 billion worth of damage.
Like many digital creations, worms are easy to understand if you look at how they get their name (cookies, for instance, get their names from fortune cookies). Earthworms, as you probably know, can multiply when split in half. And a computer virus worm works in this way too – multiplying, burrowing and spreading across network-connected devices.
In 2004, a worm called “MyDoom” infected several high-profile companies, including tech firms like Microsoft and Google. Because it went undetected for so long, eventually MyDoom became arguably the most widely spread worm of all time.
These can go undetected at first, until the worms multiply to a level where they’re using noticeable network bandwidth or server resources.
Trojans / Trojan Horses
A Trojan horse presents itself as an innocuous piece of software (often as security software, ironically), before breaching your devices’ backdoors and allowing access for other malware. In other words, it worked just like that famous giant horse that the Greeks “gifted” to their enemies in Troy.
Trojans can sit dormant in a computer system, undetected and awaiting activation. Sneaky.
A rootkit is a program that provides deep (“root”) level access for your operating system.
Remote Administration Tools (RATS)
Programs like this were originally created to aid IT support . Indeed, you might have had tech support take over your system remotely and temporarily to solve a problem for you. But this tech also gets used for malicious purposes, when hackers use RATS to take over administrative actions. These often escape early detection, as their actions can be mistaken for legitimate IT work.
Another word-meld: botnets are robot networks. They work from multiple infected computers which are controlled remotely from a single attacker. Botnets can communicate via infected computers and even use redundant or dormant servers.
Ransomware can hold an entire system hostage, shutting down a network while extorting money from a victim and may even include compromised files or data (like financial, personal or medical records, for instance). Or they may be as simple as blocking access to a computer (screen locking malware). Ransomware is also sometimes referred to as “scareware”.
Often disguised as legitimate advertisements, this approach tries to direct you to malign online ads, which in turn link to malicious sites.
This form of malware essentially snoops on your operating system. Hackers can use spyware to gain information like keyword tracking and thus passwords and login details, which would give them access to your network or personal data.
Fileless malware exploits systems and programs that are already present. They use the tools in existing, benign programs to implement their attacks. These attacks might include spying or delivering of a “payload” (such as a virus).
Probably the newest form of malware on the list, cryptojacking (or crypto-jacking, with a hyphen), involves hijacking your computer and using it for crypto-currency work. Cryptocurrency (the most famous of which is Bitcoin) is a virtual currency that needs programming systems to operate. This means verifying, adding encryptions, and so on. Some cryptominers hijack existing operating systems to process (or “mine”) the digital currency.
While it’s not as immediately devastating as some hacks on the list, crypto-jacking uses up processing power and actual power – your Mac’s fan can start whirring as your computer starts overheating. One instance of crypto-jacking often leads another.
These are among the most dangerous of malware attacks. Real bad guys. A hybrid combines two or more forms of malware, so that it might have the hidden threat of a Trojan combined with the contagion of a worm. In other cases, a hacker might use one form of attack to breach defences, before unleashing additional outbreaks.
This is malware that can change or mutate. It might have characteristics of one virus initially, before morphing into another kind of threat
How to avoid malware
Thankfully, there are actions you can take to minimize your risk of a cyberattack. Here are five of them…
1. Download and install reputable, up to date antivirus software
There are effective antivirus software products available (including ours, of course!). And it’s important to maintain reputable, modern software to stave off malicious attacks. But, you should note – antivirus software alone can’t keep you safe.
2. Keep your operating system up-to-date
On that note, don’t put off installing updates on your system when it comes to software security. Updates often include security patches and built in reactions to new forms of attack.
3. Watch out for suspicious emails and links
This is sometimes referred to as “social engineering” – hackers using our day-to-day habits and expectations to contact us and convince us to click on links. A good rule of thumb is to be suspicious of unexpected or unsolicited contact, even if they claim to be from reputable agencies (banks, government etc).
4. Browse online safely
This means using strong passwords, not using unsafe networks, and logging off from websites when you’re done (especially if you’re on a shared and/or public computer). Also, while free Wi-Fi is tempting, we would advise against browsing on free, unsecured Wi-Fi networks.
5. Run regular scans with your antivirus software
This should be a routine task, ideally every week or two. If you don’t want to miss out on using your computer while antivirus software is running, just run it at night.
Signs of a malware attack
There are some telltale or suspicious signs that your device or network is the subject of a malware attack. Things to look out for include:
- A frozen screen
- A proliferation of pop-ups
- Suspicious, ransom-related communications
- Internet speed slow downs
- Unusual sounds from your computer
Checking your system for malware
As mentioned, some sneaky viruses lay dormant or are left undetected initially. Here’s how you can scan for these unwelcome guests on your operating system…
1. Delete all temporary files on your computer. This will speed up the subsequent scan and might even catch some unwanted viruses at the same time.
2. Use security systems to run a scan for malware.
3. Follow the security app’s instructions for ridding your operating system of any malware.
Do Macs get malware?
Yes. Macs get malware. While Macs are less susceptible than PCs, there are still ways for hackers to breach your device’s defences.
Macs were relatively protected for much of their existence, but the past ten years have seen new, Mac-targeting viruses squirm their way online.
How to check for malware on your Mac
The warning signs for malware on your Mac are very similar to those for other devices, namely:
- Suspicious pop-ups
- Slower internet or processing power
- Computer freezing or frozen
It’s recommended that you install and regularly use up to date security software for your Mac. Don’t forget to carry out regular scans for unwanted malware.
Can my iPhone get malware?
Yes. The short answer, unfortunately, is yes. Smartphones are essentially pocket-sized PCs and Macs, constantly connected to the internet and thus vulnerable to the same threats. In fact, with the advent of 4G and Wi-Fi hotspots, there’s a whole separate strand of malware attacks you might now be vulnerable to.
How to check iPhone and android for virus or malware
1. Look out for pop-up ads in Safari. And never click on suspicious ones.
2. Pay attention to crashing apps.
3. Beware of unfamiliar apps. If an app is unfamiliar to you, delete it.
4. Keep an eye on your data: Unexpected extra data charges might be the result of malware running in the background.
How to protect smartphones from malware
1. Update the phone and its apps whenever prompted. Not only does this make your device run more smoothly, but security updates are a common feature too.
2. Run regular scans with appropriate security software.
3. Don’t join Wi-Fi hotspots unless you know and trust them.
Can you recover from a malware attack?
If you have been subject to a malware attack, don’t panic: you can take steps to mitigate the damage, and the sooner you act the better.
Here’s what you should do as soon as you become aware of a breach:
Firstly, disconnect all networks and connections to the internet to prevent further data leakage and to stop continued access to your operating system. If using a computer, switch off the internet immediately. If it’s a mobile device, switch to airplane mode.
2. Contact the IT department (if at work)
If a malware attack takes place at work, tell your IT department immediately so they’ll be able to take action. As outlined above, some attacks can spread beyond your device to a whole network.
3. Scan your device
Using anti-malware software (which you should hopefully have installed), scan your device for viruses and attacks to ensure that the breach can’t continue.
4. Close all online accounts
If you’re running any social media accounts in the background, log out of them immediately. For hackers, social media accounts can be a treasure trove of information that can be used to access passwords, access additional private information and even create a fake online identity using your details and pictures. And, naturally, any work or financial accounts should be logged out of immediately too.
5. Back up important files and documents
There’s never a bad time to back-up your data so ideally, this should’ve been done before any attack. For especially sensitive data, there’s a 3-2-1 backup rule: have three copies; two of which are on external media (such as external hard drives) with one offsite.
6. Change passwords
You should be changing passwords and sensitive information regularly, but this is especially important after a cyberattack. Even if you’ve had your computer repaired and were lucky enough not to lose work or sensitive information, remember there might still be someone out there with your password.
7. Reinstall your operating system
This may or may not be necessary, depending on the severity of the attack. But, you should be able to reinstall systems relatively easily – many of them are available online and some are provided on disks or drives when you purchase your computer.
Clario – leading the charge against malware
Malware is an unwelcome price to pay for living in the digital age. But with the right precautions – and the right antivirus security – you should be able to browse, work and network with peace of mind.
We’d like to stay in touch.
We’ve got something special to share! Enter your contact details below to be among the first to find out about the exciting changes we’ve got in the works as well as to receive special promotions.
Thanks for your subscription!
You’ll be the first to know about our updates. Please keep an eye on your mailbox.