Common Types of Cyberattacks: What Is Malware?
With the advent of several sophisticated technologies, such as artificial intelligence, robotics, deep learning, and machine learning, the rate at which cyberattacks occur is unsurprisingly common.
But what is a cyberattack?
According to the International Business Machines Corporation (IBM), a cyberattack is any intentional effort to steal, expose, alter, disable, or destroy data, appliances, or other assets through unauthorised access to a network, computer system, or digital system.
Cyberattacks come in various forms, such as malware, phishing, spoofing, backdoor trojans, ransomware, password attacks, Internet of Things attacks, and crypto-jacking.
From 2021 - 2022, Australia's Cyber Security Centre (ACSC) received over 76,000 cybercrime reports, which translates to one report every 7 minutes.
The importance of cybersecurity education can not be undermined in today's world; from hiring qualified cybersecurity professionals who have completed online Masters in Information Technology and similar courses, to training employees on how to spot suspicious online behaviour, we all need to be aware of different types of cyberattacks.
Malware is the most common type of cyberattack among the various forms mentioned above, and for that reason, this issue will explore everything about malware.
What is malware?
Malware is malicious software developed by hackers to cause havoc and steal information or resources for monetary gain or sheer sabotage intent.
The intent of malware normally falls under either intelligence and intrusion, disruption and extortion, destruction or vandalism, stealing computer resources, or simply for monetary gain.
Types of malware
The growth of malware has been unprecedented. Presently, there are seven types of malware:
Virus
A virus is a type of malware that is attached to a document or file that supports macros to execute its code and spread from host to host.
Upon downloading, the virus is dormant until the file is opened and ready to use.
Viruses are designed to slow the functioning of a computer's operating system, which consequently leads to data loss.
Trojan horse virus
A Trojan horse virus is a type of malware that downloads onto a computer disguised as a legitimate program.
The delivery method typically sees a hacker use social engineering to hide malicious code within legitimate software to try and gain the user's system access with their software.
Unlike viruses, Trojan horse viruses are not designed to self-replicate.
Spyware
Just like the name goes, spyware is malicious software that enters a user's computer, gathers data from the device and user, and sends it to third parties without their consent.
This type of malware collects personal and sensitive information that it sends to advertisers, data collection firms, or malicious actors for profit.
Adware
Adware is malicious software that is used to collect data on your computer's usage and provide appropriate advertisements to you.
Adwares are not particularly harmful; however, they possess the potential to redirect your browser to unsafe sites.
Ransomware
Ransomware gains access to important data within your system, encrypts that information so that the user cannot access it, and then demands a financial payout for the data to be released.
More often than not, ransomware is part of a phishing scam, whereby by clicking a disguised link, the end user downloads the ransomware.
Fileless malware
This is a type of memory-resident malware.
Fileless malware operates from a victim's computer's memory, not from files on the hard drive.
Fileless malware includes code that does several things regular viruses can do, including data exfiltration.
Data exfiltration is a form of security breach that occurs when an individual's or company's data is copied, transferred, or retrieved from a computer or server without authorisation.
How do I detect malware?
Some apparent signs are evident when malware is resident within your system. Such signs include:
- Decline in computer performance.
- A sudden pop-up of new and unexpected network activity.
- Unauthorised and unplanned changes in system configurations.
- Security event alerts.
How do I protect myself from malware?
The effects of malware are detrimental, and as such, preventive measures have to be in place. Such measures include:
- Installing antivirus software such as Microsoft Defender, Norton 360, or McAfee Total Protection.
- Installing firewalls such as Network-Based firewalls, application firewalls, or proxy servers.
- Installing security information and event management (SIEM) platforms makes it easier to spot subtle signs of malware.
- Installing security orchestration, automation, and response (SOAR) platforms, which are important for automated responses to malware in real life.
- Installing endpoint detection and response (EDR) platforms, which can automatically respond to malware.
- Installing extended detection and response (XDR) platforms, which are useful for the automated search and response to malware.
- Installing attack surface management (ASM) tools.
- Installing unified endpoint management (UEM) software.
Conclusion
Malware is undoubtedly a great source of worry for the majority of computer users.
The financial burden attributed to malware is appalling; in November 2020, one cybersecurity company estimated that global cybercrime costs will grow by 15% per year over the next few years, reaching US$10.5 trillion annually by 2025, up from US$3 trillion in 2015.
We must all endeavour to prevent malware from developing its wings and spreading.