Everyone’s heard of the “classic” computer virus… Clicking on that dodgy link your friend sent you in a funny email—that’s old news by now. With sophisticated new security solutions stopping traditional attacks, cybercriminals have had to turn to different methods to get what they want from your system. You don’t just have to watch out for viruses anymore; attackers have developed lots of different threats to penetrate your defenses. Whether through technology or through tricking your users, the black hats are still finding a way in.
We often hear of these new or zero-day attacks targeting large enterprises but, in reality, everyone is at risk. In fact, research has shown small businesses to be a common target of cyber-attacks. In 2019, malware attacks were responsible on average for $200,000 of damage for businesses, with 60% of small businesses folding within six months as a consequence.
The threat is compounded by small businesses not having the right defenses in place to protect against malware. A recent study found that only a fifth of organizations provide ongoing education when it comes to cybersecurity awareness. Combined with the continuing evolution of attack methods, this makes having the right defenses in place vital when protecting your organization against all types of cybercrime. In this article, we’re going to take a look at the most common types of malware, how to spot them, and the ways in which you can defend your system against them.
What Is Malware?
Malware, short for malicious software, is designed to infect a user’s endpoint and cause damage, which can lead to loss and theft of private or sensitive data. It’s a blanket term that covers a huge number of different forms and varieties, such as viruses, trojans, spyware, ransomware, adware, scareware, rootkits, cryptominers and logic bombs. Malware can be responsible for killing your computer’s productivity, stealing sensitive data, and even spying on what you’re doing!
Because of this, malware can be hugely devastating for small businesses, who may not have the architecture in place to effectively prevent their systems from being compromised. Ransomware can be particularly dangerous for SMBs, as it can cost companies millions of dollars in lost time and network damage.
In this section, we’ll have a brief look at the types of malware listed above, how they spread and the damage they can cause.
Viruses
The most common computer infection, viruses hijack your computer’s files, corrupt them, and proceed to spread to other files in your system, both slowing PC performance and damaging and destroying files. This can lead to complications down the line, like unbootable PCs, but also immediate issues such as the copying of passwords. If they manage to steal a password, an attacker can compromise critical business processes and developments. Just like real-world viruses, computer viruses spread like wildfire, replicating themselves over and over as they spread. Catching a virus can be as easy as opening an attachment, or even opening an infected email body.
Trojans
Taking their name from the classical Roman horse, Trojans infect your system by impersonating harmless files that, once downloaded, can create back doors for hackers to access your data. The majority of Trojans are spyware, so their aim is to get into your system and capture passwords, credit card information and account details. A lot of Trojans are designed to be delivered via social engineering, which is one of their greatest strengths as an attack method. As a lot of standard antivirus software will secure many technical entry problems that Trojans can cause, hackers have had to change their approach. Using social engineering tactics, they can bypass your security defenses with the user’s permission, giving the Trojan access to your business’ files.
Social engineering attacks are difficult to spot, but there are some key indicators that you should keep an eye out for, such as a tone of urgency in the email, an unsolicited or unexpected message, and an unknown domain or sender. Flagging that free coffee offer *IF you claim it in FIVE MINUTES* might just save your business.
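The three indicators above can be turned into a simple triage check. The following Python is an added example, not part of the original article; the known-domain list, the urgency phrases, the `indicators` function and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains this organization already corresponds with (constructed).
KNOWN_DOMAINS = {"example.com", "supplier.example"}
# Assumption: a small illustrative set of urgency phrases; tune it for your own mail.
URGENCY = re.compile(
    r"\b(urgent|immediately|act now|expires?|final notice|"
    r"within \d+ (minutes?|hours?)|in \w+ minutes)\b",
    re.IGNORECASE,
)


def indicators(raw: str) -> list[str]:
    """Return which of the three indicators named in the text a message shows."""
    msg = message_from_string(raw)
    found = []
    body = msg.get_payload() if not msg.is_multipart() else ""
    if URGENCY.search(f"{msg.get('Subject', '')}\n{body}"):  # tone of urgency
        found.append("urgency")
    if not (msg.get("In-Reply-To") or msg.get("References")):  # not a reply
        found.append("unsolicited")
    _, addr = parseaddr(msg.get("From", ""))
    if addr.rpartition("@")[2].lower() not in KNOWN_DOMAINS:  # unknown sender
        found.append("unknown-sender")
    return found


# Constructed sample messages (not real mail).
SAMPLE_OFFER = """\
From: Coffee Rewards <promo@free-coffee.invalid>
To: sam@example.com
Subject: FREE coffee IF you claim it in FIVE MINUTES

Click the link to claim your voucher before it expires.
"""
SAMPLE_REPLY = """\
From: Alex <alex@supplier.example>
To: sam@example.com
Subject: Re: March invoice
In-Reply-To: <constructed-id-1@example.com>

Thanks, the corrected invoice is attached.
"""

if __name__ == "__main__":
    for name, raw in (("offer", SAMPLE_OFFER), ("reply", SAMPLE_REPLY)):
        print(name, indicators(raw))
```

A message that trips all three indicators is a candidate for quarantine or a user-facing warning banner; a single indicator on its own is common in legitimate mail.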
Ransomware
The No.1 security threat, ransomware takes some of its features from spyware, and can be highly profitable for the attacker. The threat can lock out your business’s endpoints or encrypt your files, leaving them unreadable. At this point, the hacker will usually demand a fee in order to grant you access back to your system. Ransomware actors don’t just steal your organization’s data—they can threaten to leak it, too. An example of this occurred in April 2021, when software giant Apple fell victim to a ransomware attack at the hands of criminal group REvil. REvil posted the schematics for a recently designed “Macbook” signed by John Adredis—an Apple designer—just after Apple’s product launch in April. The group claimed to have stolen and encrypted Apple’s local network data, demanding $50 million to return it. In recent times, the average ransom fee has increased from around $5000 in 2018, to $200,000 in 2020. And as companies continue to pay, we expect prices will continue to rise.
Spyware
Spyware is malware that spies on users, extracting their personal and financial data and online behavioral patterns. Spyware is different to traditional viruses because it doesn’t self-replicate, but remains in the background and proves difficult to detect. Spyware can record keystrokes, slow your system and, in some cases, take control of your computer!
Adware
Adware is unique in that it’s an obvious, irritating flooding of pop-up advertising. Attackers both make money from clicks and can spy on your activity through it. If the attacker has access to your browsing history, they can use it to generate more targeted ads and even sell this data to third parties. Once manifested in the system, this can be a time-consuming problem that can damage your business processes.
Scareware
Scareware is very similar to phishing in that it utilizes social engineering methods to trick users into downloading infected content. Usually, the approach revolves around scaring the recipient by claiming their system is infected and needs specific antivirus software to fix it. Once clicked, the malware can force pop-ups to appear, install new applications without your permission, and render existing ones inaccessible—which can be hugely time-consuming and costly to remediate.
Rootkits
Rootkits hide in the deeper regions of the operating system and can grant someone legitimate or illegitimate access to your system. Unlike other malware, the rootkit will act like a remote desktop connection, whilst remaining hidden to the original user. As a result, hackers can gain full, unrestricted access to your system and files and, if they remain undetected, can return again and again. The latest major example of a rootkit incident came in the form of Scranos. According to Bitdefender, Scranos is malware that can steal data and password information that’s stored in your browser, leaving your business exposed to account theft and more.
Cryptomining/Cryptojacking
Cryptominers need a lot of processing power to mine currency. One way to get around this is by forcing unsuspecting people’s computers to do it for them. This is a unique form of malware as it isn’t stealing your data—rather, it utilizes your system’s processor to make the hacker money through cryptomining. It can severely damage and drain your battery, slow your PC down to a point where it’s unusable and drastically shorten its lifespan. In 2019, a Cybsafe study showed that around 25% of businesses had been the victims of cryptojacking.
Logic Bombs
These are pieces of code that are planted by an internal attacker—such as a system administrator, who has high-level access—and lie dormant until triggered. Once triggered, depending on what the desired effect is, the bomb can wipe hard drives, corrupt data, share personal and financial data and delete files. Every bomb is unique; they can be tailored to the attacker’s desired outcome, which also means they can be very difficult to spot.
One of the most famous examples of a logic bomb was the attack on Siemens in 2019, where a programmer forced his employers to become dependent on him. David Tinley, 62, was hired to create and manage automated spreadsheets to manage electrical equipment. He planted logic bombs that would cause the system to crash, meaning Siemens had to rehire him in order to fix it. Each time, he would fix the problem, but push the bombs back in order to secure his return. He pleaded guilty to intentionally damaging the company, facing 10 years in prison and a $250,000 fine.
How To Stop Ransomware
In 2020 alone, malware increased by 358% and there was a victim of ransomware every 10 seconds. These statistics show the importance of not only having the security measures in place to protect your business, but also awareness of all the different types of attacks that you could face.
But how do you actually stop malware attacks? With so many bases to cover, spotting and dealing with each individual threat can be a mammoth task if you’re not prepared for it. Luckily, we’re here to help!
Here are our top three recommendations for detecting and mitigating malware attacks:
Implement Endpoint Security
Endpoint security solutions provide total protection of your network against malware and malicious attacks. They aim to protect all endpoints in a system, including phones, computers or even smart fridges. Endpoint security solutions utilize encryption, powerful firewalls, and traditional antivirus software to keep points of access safe.
One key feature of endpoint security is the central management control, which allows admins to monitor and respond to threats from across the network. Admins can also roll out updates and patches, ensuring no devices on your network are running with vulnerabilities that an attacker could exploit. The best endpoint protection solutions use advanced machine learning algorithms to identify threats as soon as they enter a network—and can even detect zero-day threats that haven’t been logged before. They often include reporting and user management features too, to ensure employees keep devices secure and up to date.
You can read more about the best endpoint security solutions in our buyers’ guide.
Email Gateway Security
Email security is a top priority when it comes to defending against malware. Secure email gateways prevent malicious emails and attachments from entering your inbox. They scan all inbound and outbound emails, looking for suspected malware or phishing threats, and quarantine the threats they find.
Email security solutions can provide comprehensive protection from other attacks too, such as social engineering and denial of service attacks. The security features usually comprise advanced filtering, AI and machine learning analytics tools, blacklisting and threat alerting.
Check out our recommendations for the top email security solutions here.
Security Awareness Training
Unlike our other two recommendations, security awareness training is not a technical defense—it will not stop your users from facing malware attacks themselves. Rather, what it does do is prepare users for what to do when faced with these attacks—whether via email, endpoint, or files. Security awareness training offers educational modules, testing and, often, phishing simulations to teach users to both identify threats and respond to them.
You can read more about the top security awareness training platforms here.
Summary
Malware poses a huge threat to the security of your business, whatever form it takes. And with the number of attack incidents continuing to rise, it’s important to be able to block them before they reach your systems, and mitigate them if they do bypass your firewalls. According to Mimecast, around 79% of organizations believed that their business had been harmed by lack of cybersecurity preparedness in 2021. Learning about the threats your organization is facing is the first step in preparing to stop them. The next step is implementing a security solution to actively block malware threats.
Now that you’re aware of the dangers out there, you can get to work and man the defenses, ready for the next attack. There are many solutions out there to help you protect your business, but it’s vital that you choose the right solution to suit your business’ needs. To help you get started, we’ve put together a guide to the top malware protection solutions, which you can read here.