What is Malware?
4 Dec 2024
At LoughTec, we are often asked about malware. The name is a contraction of MALicious softWARE: software written to harm, disrupt or gain unauthorised access to a system.
Malware comes in various forms, each with its own characteristics, attack vectors and potential impact. Here are 12 main types of malware, including how each operates, its potential effects and some mitigation strategies.
Viruses
- Description - A virus attaches itself to legitimate programs or files and spreads when users unknowingly execute the infected file.
- How It Works - When executed, a virus replicates itself, spreading to other files or systems and often causing corruption, deletion or unauthorised data access.
- Impact - Data loss, system slowdown or total system failure.
- Mitigation - Regular software updates, antivirus software and cautious handling of email attachments, links and downloads.
Worms
- Description - Self-replicating malware that spreads through networks without user intervention.
- How It Works - Exploits network vulnerabilities, rapidly spreading across connected devices.
- Impact - Network congestion, performance degradation and widespread infection across systems.
- Mitigation - Network firewalls, regular software patching and monitoring for unusual network traffic.
Trojans
- Description - Disguises itself as legitimate software, tricking users into installing it.
- How It Works - Once installed, it can give attackers remote access, enabling data theft, spying or further malware installation.
- Impact - Data breaches, unauthorised access and financial losses.
- Mitigation - Avoid downloads from untrusted sources, use reputable antivirus software and educate users on phishing.
Ransomware
- Description - Encrypts files or locks systems, demanding a ransom to restore access.
- How It Works - Often delivered via phishing emails, ransomware encrypts data, leaving it inaccessible until payment is made.
- Impact - Loss of critical data, financial costs and business disruption.
- Mitigation - Regular backups, ransomware-specific security software and cautious email handling.
Spyware
- Description - Covertly monitors user activities, collecting sensitive data.
- How It Works - Collects keystrokes, browsing habits and personal data and transmits them back to the attacker.
- Impact - Privacy invasion, identity theft and unauthorised financial transactions.
- Mitigation - Use anti-spyware tools, regularly update software and educate users on avoiding suspicious downloads.
Adware
- Description - Displays unwanted ads, often slowing down systems and exposing users to more malware.
- How It Works - Tracks browsing behaviour to show ads, sometimes redirecting users to malicious sites.
- Impact - System slowdowns, excessive data usage and exposure to additional malware.
- Mitigation - Use ad-blocking software, avoid suspicious downloads and regularly clean the browser.
Rootkits
- Description - Provides attackers with administrator-level access while concealing itself.
- How It Works - Installs itself deep in the system to avoid detection, allowing long-term unauthorised access.
- Impact - Full system compromise, data theft and further malware deployment.
- Mitigation - System hardening, intrusion detection software and avoiding downloads from untrusted sources.
Bots and Botnets
- Description - Turns devices into “bots” controlled by attackers, often used collectively in botnets for large-scale attacks.
- How It Works - Bots wait for commands from an attacker, which can include launching Distributed Denial of Service (DDoS) attacks.
- Impact - Network disruptions, potential data breaches and blacklisting by other networks.
- Mitigation - Firewalls, botnet detection software and keeping systems patched and up to date.
Keyloggers
- Description - Records keystrokes to capture sensitive data, like passwords and credit card numbers.
- How It Works - Runs in the background, logging keystrokes and sending data to attackers.
- Impact - Stolen credentials, identity theft and unauthorised financial transactions.
- Mitigation - Anti-keylogger software, using virtual keyboards for sensitive input and monitoring for suspicious activities.
Fileless Malware
- Description - Operates in memory without leaving traces in the file system.
- How It Works - Exploits legitimate applications and resides in memory, making it difficult to detect.
- Impact - Stealthy data breaches, unauthorised access and system compromise.
- Mitigation - Advanced threat detection, regular monitoring of running processes and memory, and timely application updates.
Scareware
- Description - Tricks users into thinking their system is infected, prompting them to install fake security software.
- How It Works - Displays alarming messages to scare users into paying for “protection.”
- Impact - Financial loss, system slowdowns and exposure to further malware.
- Mitigation - Educate users on scareware tactics, avoid suspicious pop-ups and use reputable security software.
Cryptojacking
- Description - Uses system resources to mine cryptocurrency without permission.
- How It Works - Often runs in the background, draining resources like CPU and power.
- Impact - System slowdowns, increased energy costs and reduced device lifespan.
- Mitigation - Use cryptojacking protection software, monitor for resource spikes and apply software patches.
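As an added defender-side illustration (not code from the original post), this is the heuristic behind "monitor for resource spikes": a process that holds the CPU near its limit for several consecutive samples, and is not a known heavy workload, is worth investigating. The process names, CPU figures and allow-list below are constructed.

```python
"""Flag sustained CPU consumption by unexpected processes.

Cryptojacking miners typically pin a core for long periods, so one simple
detection is to look for processes that stay above a CPU threshold for
several consecutive samples and are not on an allow-list of workloads
that are expected to be heavy (backups, builds, rendering).
"""
from collections import defaultdict

# Constructed samples: (minute, process name, cpu percent). In practice
# these would come from an endpoint agent or periodic top/ps snapshots.
SAMPLES = [
    (0, "browser.exe", 35.0), (0, "unknown_svc.exe", 96.0), (0, "backup.exe", 90.0),
    (1, "browser.exe", 12.0), (1, "unknown_svc.exe", 98.0), (1, "backup.exe", 92.0),
    (2, "browser.exe", 80.0), (2, "unknown_svc.exe", 97.0), (2, "backup.exe", 91.0),
    (3, "browser.exe", 10.0), (3, "unknown_svc.exe", 99.0), (3, "backup.exe", 93.0),
    (4, "browser.exe", 5.0),  (4, "unknown_svc.exe", 95.0), (4, "backup.exe", 12.0),
]

# Hypothetical allow-list of processes that are legitimately CPU heavy at times.
KNOWN_HEAVY = {"backup.exe"}


def sustained_cpu_hogs(samples, threshold=90.0, min_consecutive=4, allow=KNOWN_HEAVY):
    """Return {process: longest_run} for every non-allow-listed process that
    stayed at or above `threshold` percent CPU for at least `min_consecutive`
    consecutive samples (samples are ordered by their minute value)."""
    by_proc = defaultdict(list)
    for minute, name, cpu in samples:
        by_proc[name].append((minute, cpu))

    findings = {}
    for name, series in by_proc.items():
        if name in allow:
            continue
        series.sort()  # order by time so "consecutive" is meaningful
        run = best = 0
        for _, cpu in series:
            run = run + 1 if cpu >= threshold else 0
            best = max(best, run)
        if best >= min_consecutive:
            findings[name] = best
    return findings


if __name__ == "__main__":
    for proc, run in sustained_cpu_hogs(SAMPLES).items():
        print(f"investigate {proc}: >= 90% CPU for {run} consecutive samples")
```

A single spike (browser.exe at minute 2) is ignored, while the allow-list is what stops the backup job from being reported; tune the threshold and run length to the baseline of the estate being monitored.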
General Best Practices for Malware Prevention
- Update Systems Regularly - Apply patches and updates to fix vulnerabilities.
- Use Security Software - Employ antivirus, anti-malware and firewall protection.
- Educate Users - Train employees to recognise phishing and social engineering attempts.
- Regular Backups - Ensure backups are frequent, secure and offline where possible.
- Access Controls - Limit user permissions to reduce potential damage from infections.
Understanding the risks and implementing the practices above can help provide a robust defence against the diverse types of malware whilst minimising their potential impact.
LoughTec are cyber security experts. If you want to find out more about how LoughTec can help protect your business, see the options below.
- Find out more about how much a cyber attack could potentially cost your business.
- Find out more about Staff Cyber Security Awareness Training.
- Find out more about Ransomware Protection.
- Find out more about Security Operations Centre (SOC) 24-7-365 protection.