Types of malware in the workplace
Don't let your business get caught out by an avoidable cyber threat.
Malware, or malicious software, is an umbrella term for all harmful computer programs. Being aware of the different types of malware and how they can compromise your organisation’s security is an important first step to preventing malware in the workplace.
There are many forms of malware out there. This blog post will focus on the most common types of malware which can threaten your organisation and how to prevent them.
A computer virus is a piece of code which inserts itself within the code of another standalone program, known as the host program. It then forces the host program to take malicious action and spreads itself.
Computer viruses are often attached to an executable file or word document. They can be spread through email attachment downloads, shared files and infected websites. A common way hackers target organisations and prompt employees to download their virus is through phishing scams. You can read more phishing and other online scams here.
They are the only type of malware which “infects” other files, making them hard to clean up. Trojans are a common type of computer virus. We discuss them in more detail below.
A Trojan Horse virus is a popular choice for hackers. The virus, as the name implies, disguises itself as a legitimate program, but contains malicious instructions.
A common example of a trojan virus is a fake antivirus program. The program claims your computer is infected and prompts you to run the program to clean it.
As the above example shows, trojan viruses are hard to defend against because they are designed to trick users (which a firewall or other security defences cannot stop). They are also easy to write.
On activation, this type of computer virus can allow hackers to spy on your organisation, steal any sensitive data, and gain backdoor access into your system. This access gives hackers remote control over the infected computer – meaning they can do anything they want with it. As well as disrupting the performance of your computers or computer network, the virus also enables hackers to delete, block, modify and copy data.
Unlike computer viruses, which need an active host program or an infected and active operating system to run, worms are standalone malicious programs which can infect computer networks without human help. A distinctive trait of worms is that they are self-replicating. This makes it easy to spread from computer to computer.
Worms can make their way onto your organisation’s system through a network connection or as a downloaded file, making multiple copies of itself and infecting poorly protected computers and servers.
Computer worms commonly arrive as attachments in spam emails and instant messages. As well as modifying and deleting files, they can inject malicious software into a computer and give hackers remote access. Some worms are designed with the sole purpose of replicating itself. This can deplete system resources (e.g. hard drive space or bandwidth) and overload a shared network.
Ransomware is a type of malicious software which encrypts data. The hacker holds the data hostage until the victim pays a fee for a decryption key to be able to access the data again. It is commonly used to attack organisations. This is because organisations are more likely to pay a larger fee and more quickly as they need immediate access to files.
This kind of malware can take many forms, but is often delivered as a phishing scam. After the recipient opens the email, unsuspectingly downloads and runs the malware, hackers can encrypt all or some of the files stored on the computer.
Hackers may offer discounts for a fast response to pressure targeted organisations. Most law enforcement agencies urge against paying ransomware hackers on the basis that it encourages them to develop more. Even if payment is made, there is also no guarantee that your organisation’s files will be unlocked.
This type of malware is designed to remain hidden and unnoticed on a computer.
As well as giving hackers the ability to remotely control an infected computer, rootkits contain a range of other tools which compromises your organisation’s security. These include hijacking or subverting security software, stealing passwords and bank information.
In addition to the malware discussed above, other malicious software can take the form of spyware, adware, botnet, and much more. As technology and the way we use it changes, there will be more types of malware out there. Cybercriminals will become more savvy, so it is essential that you have the resources in place to keep your organisation’s IT systems safe.
One of the most important ways to protect your organisation against malware is to install a reliable antivirus on your computers and encourage your staff to run regular scans. Antivirus software scans computers to detect and clean the malware.
As an extra barrier against malware, installing a firewall can also be effective. A firewall prevents malicious attacks by blocking all unauthorised access to or from a private computer network.
Other ways to prevent malware
Keeping operating systems up to date is another important way of preventing malware. Outdated systems are vulnerable to attacks. You should also have a good, offline backup of all critical files (a full data back-up is included within Business Continuity). This offers protection against ransomware as you will still be able to retrieve these files in the event of an infection.
Some malware relies on social engineering. In other words, tricking people into installing and running the malware. This can make malware removal difficult as antivirus software and firewalls cannot protect against human error. Training your staff to recognise phishing, as well as having an experienced team managing your IT functions is vital.