Malware is perhaps the most widely known out of all IT security threats. Since 1986, malware has become a significant concern for enterprise users, with recent examples including the Colonial Pipeline attack, Kaseya ransomware attack, and the SolarWinds Dark Halo breach.
However, these attacks are just the tip of the iceberg, with many businesses falling victim to malware and ransomware attacks on a daily basis. According to the AV Test Institute, there are over 1 billion malware programs installed worldwide, with 560,000 new pieces detected each day.
At the same time, malware-driven ransomware attacks are also skyrocketing in frequency and severity. Fully recovering from a ransomware breach costs $4.62 million on average.
This article will examine the reality of modern malware threats, breaking down some of the top examples of malware attacks and the steps you can take to protect your employees from unscrupulous attackers.
What is Malware Exactly?
Malware is a term used to refer to any software that has a malicious purpose once deployed to a computer, mobile device, or network. Typically, malware programs are challenging to detect as attackers will use obfuscation to disguise the compromised file as an image or PDF.
It’s important to note that while all computer viruses are considered malware, not all malware strains are computer viruses. To be a virus, the malware needs to have the ability to replicate itself and infect other machines. Likewise, ransomware is also considered malware due to its adversarial nature.
Types of Malware: Method of Infection
Almost all types of malware can be classified in one of two ways: by method of infection and by purpose once active. Some of the top examples of malware methods of infection are listed below:
Method of Infection
Different types of malware use different delivery methods to sidestep users’ defenses, with the infection generally occurring when a user opens a malicious executable file on their device.
- Phishing: Phishing messages are the most common tactic attackers use to deliver malware to a victim’s device. Typically, an attacker will send an email with a malicious attachment or a URL that directs the user to download a compromised file from an online storage service.
- USB: Cyber criminals often leave USB drives filled with files with enticing names in public places to trick whoever finds the drive into plugging it into their device and infecting it.
- Websites: Hackers often use social networking sites and compromised sites to deliver malware to unsuspecting visitors who are often unaware they’ve been exposed to a threat.
- Infected Files: Legitimate files and software may be infected with a virus so that once they’re opened, they’ll operate as expected while installing malware on the device without the user’s knowledge.
- Network: Once installed on a system, some malware looks for other devices on the network to spread to and infect.
Types of Malware: Purpose Once Active
Different types of malware have different purposes and goals to achieve once they infect the target system.
- Steal Information: This type of malware will record the keystrokes on a system to gather sensitive information such as the user’s credit card details or login credentials and send them to the attacker.
- Disruption and Destruction: Malware that takes control of a device and encrypts it and the files it contains until the user pays a ransom (usually in cryptocurrency). Attackers often use this type to disrupt the operations of organizations or government agencies.
- Command and Control: Malicious software that hijacks a computer’s resources to conduct other illegal activities like performing cyber attacks on other targets, selling illegal goods, hosting illegal files, or even mining cryptocurrency without a user noticing.
3 Top Examples of Malware: Clop, DarkSide, and Emotet
In addition to the core types of malware listed above, there are some well-known examples of malware threats that you should be aware of in 2022:
1. Clop Ransomware
A variant of CryptoMix ransomware that’s delivered with a tool called SDBot, which is initially installed through a phishing campaign that uses a macro-enabled document. Once the system is compromised, the attackers search the network for connected systems to infect and then deploy the ransomware.
2. DarkSide Ransomware
In the Colonial Pipeline attack, cyber criminals used DarkSide ransomware to encrypt the organization’s data in a ransomware-as-a-service attack as part of a subscription-based model. This tactic enabled the third party to fund a pre-established ransomware framework and execute the attack.
3. Emotet
A dangerous piece of malware, first detected in 2014 but stopped in 2021, that’s delivered as a Windows update that instructs users to install it. Attackers used phishing emails with macro-enabled file attachments to spread it.
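The two delivery tricks described above (a file disguised as an image or PDF, and a macro-enabled document attachment) can both be checked at an email or download gateway. The following is an added example, not code from this article; the `triage` function, the extension table and the constructed sample files are assumptions made for illustration.

```python
import io
import zipfile

# Leading "magic" bytes for the file types discussed in the article.
MAGIC = [
    (b"MZ", "exe"),                 # Windows executable
    (b"%PDF-", "pdf"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"PK\x03\x04", "zip"),         # also the container for docx/xlsx/docm
]
# Content type each claimed extension is allowed to have (assumed policy).
EXPECTED = {"pdf": {"pdf"}, "jpg": {"jpeg"}, "jpeg": {"jpeg"}, "png": {"png"},
            "docx": {"zip"}, "xlsx": {"zip"}, "docm": {"zip"}, "zip": {"zip"}}

def sniff(data):
    """Identify content by its leading bytes, ignoring the file name."""
    return next((kind for magic, kind in MAGIC if data.startswith(magic)), "unknown")

def has_vba_macros(data):
    """True if an Office Open XML container carries a VBA project part."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(n.lower().endswith("vbaproject.bin") for n in zf.namelist())
    except zipfile.BadZipFile:
        return False

def triage(filename, data):
    """Return a list of reasons to quarantine the attachment (empty if none)."""
    findings = []
    ext = filename.lower().rsplit(".", 1)[-1] if "." in filename else ""
    kind = sniff(data)
    if kind == "exe" and ext != "exe":
        findings.append("executable content behind non-executable name")
    elif ext in EXPECTED and kind not in EXPECTED[ext]:
        findings.append(f"content type {kind} does not match .{ext}")
    if kind == "zip" and has_vba_macros(data):
        findings.append("macro-enabled document")
    return findings

def sample_ooxml(with_macro):
    """Build a constructed, harmless Office-style zip for testing."""
    names = ["[Content_Types].xml"] + (["word/vbaProject.bin"] if with_macro else [])
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in names:
            zf.writestr(name, b"constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    print(triage("invoice.pdf", b"MZ\x90\x00" + b"\x00" * 16))
    print(triage("report.docx", sample_ooxml(True)))
```

A file that passes these checks is not thereby safe; the checks only catch the name/content mismatch and the presence of a macro part, so they complement antimalware scanning rather than replace it.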
How to Detect and Remove Malware
Malware isn’t always easy to detect because attackers will use techniques to hide their presence for as long as possible. Many symptoms like long loading times, slow internet connections, disappearing files, and non-browser ad pop-ups can easily be missed by users.
The simplest way to detect and remove malware is to install antimalware software on all endpoints and devices throughout your network. Reaching out to the cyber security community for advice and best practices on how to remove specific malware is also one of the best ways to prepare yourself to combat modern threats.
You can also contact your antivirus solution provider to see if they have additional tools or services to help you recover from malware infection.
How to Prevent Malware Infection
While knowing how to detect and remove malware is useful, prevention is much better than a cure. Ideally, you should combine software solutions with comprehensive security guidelines for your users to prevent malware infections and reduce their impact.
Steps you can take include:
1. Reduce administrative privileges
Users shouldn’t have administrative privileges for their workstations to prevent them from accidentally disabling security controls or installing unwanted software.
2. Backup electronic data
Protect against ransomware threats by backing up your data so that if an attacker encrypts your files, you’ll still be able to access them.
3. File sharing
Limit the locations and services users can use to download files because free and public file sharing services are often used to spread malware disguised as other files.
4. Send regular campaigns about security awareness
Deliver security awareness training to employees regularly to teach them how to prevent malware infections and keep cyber threats top of mind across the organization.
Recap
Even though malware is something that every organization knows about, it can easily slip through the net and wreak havoc. The good news is that it’s easy to defend against if you take some simple steps to raise security awareness and proactively protect your devices with antimalware.