Know Your Enemy: A Quick Guide to Malware Attacks
Today, the field of opportunity for cybercriminals has never looked greener. As teams scrambled to maintain continuity while working from home, some opted to shortcut security — so it’s no surprise that cybercrime skyrocketed.
Cybercrime can come in many forms, one of the most common being malware. Short for "malicious software", malware is any type of software (including mobile apps) designed to harm, disrupt, or exploit a device or network. Malware is often used to steal confidential information or damage important files or systems. It can even be used to take devices "hostage."
If that doesn’t scare you, the financial risk will. With an average total cost of $4.52 million in expenses and lost business, destructive malware breaches can deal a lethal blow to many organizations.
So what can you do to prevent it? In addition to having strong security and malware protection built into your most vital systems, it’s also important to understand the types of malware threats that are out there and how they happen, so that you can be better prepared to prevent them.
How Malware Attacks Happen
There are numerous ways that bad actors can infiltrate your system, gain access to confidential information, and wreak havoc. But when it comes to malicious software, the email inbox is the primary battlefield: it is where 94% of malware gets delivered.
To help you better understand and avoid malware attacks, we’ll show you some of the most common ways that cybercriminals target users and systems.
The unfortunate truth is that protecting your systems isn’t always enough. That’s because the system isn’t usually the weak spot in your defense — it’s the users. Why would a hacker waste time and energy trying to break down the door when all they have to do is get someone inside to unlock it?
Social engineering is how cybercriminals trick people into handing over the keys to the castle (i.e. confidential information or login credentials). Once they’re able to get past an organization’s security defenses, they can launch a crippling malware attack.
One common form of social engineering is called phishing. Phishing attacks are designed to lure users to reveal sensitive information via email or a malicious website. These attacks can also happen over the phone (voice phishing or “vishing”) or through SMS messaging (“smishing”).
With a phishing attack, the perpetrator will often pose as a reputable or authoritative organization. For example, if you’ve ever received a suspicious call from “the IRS” requesting information about your financial accounts, or if a Nigerian prince needs your help safeguarding a massive fortune… Congratulations, you’ve been a phishing target.
But even email users who won’t fall for the more obvious scams can easily get tricked into opening a file or clicking a link that contains dangerous malware and gives cybercriminals access to confidential data.
Of course, there are many other ways that a malicious actor can gain access to your device or network. One of these is to find and exploit vulnerabilities in your system. Even organizations with the most advanced security posture are not totally immune to cyber threats. That’s because the security landscape is constantly changing as new technologies and new threats emerge.
Cybercriminals will always be looking for security gaps and system flaws — any weak point that they can exploit, such as:
- Network misconfigurations
- Weak data encryption
- Unpatched or outdated software
- Poor password hygiene
And once a bad actor is inside your system, they can be difficult to stop.
11 Types of Malware You Should Know About
In addition to understanding how malware ends up on your computer or device, it’s important to recognize the different types of malware and what they do. This may help you find the right solutions faster if you’re ever the victim of a malware attack.
1. Trojan Horse
In Homer’s epic poem The Odyssey, a band of Greek warriors are able to infiltrate and overtake the city of Troy by hiding inside a large wooden horse.
Like those warriors, “Trojan Horse” malware disguises itself as an innocuous file or program. But once a user opens the file, a malicious program is released onto their device or system. Trojans can allow hackers to access devices and networks remotely and capture or destroy your data.
2. Spyware
Spyware is another variety of malware that looks trustworthy. In fact, it’s often packaged as a free game, music/video file, or other application.
But while it may seem benign on the surface, behind the scenes it’s definitely not. Once downloaded, spyware begins monitoring your online activity, capturing confidential or personal information, and sharing it with other entities — maybe just advertisers, but maybe criminals.
3. Adware
If you’ve ever been victimized by a barrage of unwelcome popups, you’ve probably experienced adware. Generally speaking, adware is somewhat less malicious than other forms of malware. Its primary goal is to send targeted advertisements that entice users to click.
That said, adware can still be plenty harmful as it tends to take over a device’s processing power, slow down its internet connection, and cause programs to freeze or crash.
4. Rootkits
Rootkits function like an invisibility cloak by giving people and programs privileged (i.e. administrator-level) access to a device, while hiding their existence. This makes them incredibly difficult to detect.
Although rootkits aren’t inherently dangerous by themselves, cybercriminals can use rootkits to clandestinely place malware on your computer — or worse.
5. Ransomware
As you might have guessed, the defining feature of ransomware is the word “ransom.” With this type of malware, a criminal takes control of a device or network, locks the victims out, and demands a ransom (often to be paid in cryptocurrency).
The criminal may hold the entire system hostage until they receive payment, or they may threaten to release or destroy important information if the victim doesn’t pay the ransom by a certain deadline.
If you think you’re an unlikely target for ransomware, think again: research indicates that as many as 70% of malware payloads contain ransomware.
6. Worms
Like other forms of malware, worms can damage files, steal data, give hackers access to your device, and more.
But what makes worms particularly pernicious is that they can replicate themselves without any extra help from humans. Worms start by attacking one device, but they can quickly spread across entire computer networks — other users don’t have to click, open, or download the malicious program to be infected. “Opening a can of worms” indeed.
7. Keyloggers
Keyloggers are a specific type of spyware that capture one type of information: your keystrokes.
While it might seem like a bunch of garbled data to you, hackers can easily pull out usernames, passwords, credit card numbers, and other personally identifiable information (PII), which they can later use to steal your identity or commit fraud.
8. Fileless Malware
Most forms of malware rely on custom files to operate, which can help anti-malware or antivirus products identify and block them. But fileless malware uses trusted, legitimate tools to attack your system — often those that are pre-installed on your device by default and used frequently.
Because they’re so difficult to detect, fileless malware attacks are a particularly dangerous threat.
9. Mobile Malware
Mobile malware is a catch-all term for malicious software that targets mobile devices like smartphones and tablets. It can take the form of spyware, madware (mobile adware), viruses, trojans, and more.
10. Bots and Botnets
The internet is filled with bots — that is, “robotic” programs that perform repetitive tasks automatically. Good bots can help with everything from improving search engine results to speeding up customer service interactions.
But bots can also be used for malicious purposes. Like worms, bad web bots (also called crawlers or spiders) can be used to self-propagate and spread malware across multiple devices and networks.
Attackers can use bots to remotely take control of devices, log keystrokes, access webcams and microphones, launch DDoS attacks, mine cryptocurrency… and of course, spread more bots. When a hacker uses bots to create and control multiple “zombie computers”, it’s called a botnet.
11. Logic Bombs
Most malware gets straight to work the moment it infects your device. But logic bombs are patient. These attacks lie dormant until certain conditions are met, and only then will they unleash their wrath — corrupting files, wiping hard drives, and the like.
The attack trigger could be just about anything: a meaningful date/time, or an event such as an employee termination. (In fact, the “disgruntled employee” is a profile that’s often associated with logic bombs.)
How NetDocuments Can Help
As the leading cloud-based document management system (DMS), we work hard to provide best-in-class security for our customers, and that means keeping you safe from malware attacks. We make it a priority to stay on top of emerging threats, rapidly deploying automatic updates and security patches when needed.
We also recognize that external parties aren’t the only security threat to your firm or organization. That’s why our platform is designed to prevent unauthorized user access and actions to your most important documents and data — regardless of whether they’re unintentional or malicious.