According to Verizon’s 2019 Data Breach Investigations Report, 28% of data breaches involved malware. This dangerous software threatens every organization, and new variants appear constantly. Companies must work hard to prevent malware infections in order to:
- Protect sensitive information and critical business workflows
- Maintain the trust of customers, partners, and shareholders
- Prevent huge monetary losses due to damage or ransom payments
Here, we’ll cover the basics of malware, the different types of malware, and tips for securing your network against it.
What is malware?
Malware is software that infects computer systems to damage, disable or exploit the computer or network to:
- Steal, encrypt or delete sensitive information
- Hijack or alter core system functions
- Monitor user activity without permission
- Extort money
- Introduce spam or forced advertising
How is malware distributed?
Malware is typically distributed via:
- Email attachments
- Fake internet ads
- Infected applications or websites
Often, users are tricked into downloading malware with links or pop-ups that seem legitimate such as:
- Flashing messages like, “Your computer has been infected! Click here to run a scan!”
- Unknown applications that purport to convert files, unzip files or find discounts
- “Gifts” or “prizes” offered for clicking a button
Clicking the link or button directs the user to a website that either prompts them to download and run the malware or exploits a vulnerability in the browser or a plug-in to install it without further interaction (a drive-by download).
How do you know you have malware?
A device that has been infected often has symptoms such as:
- Unusually slow or frozen system functionality
- Spam and pop-up ads
- Frequent system crashes
- Unknown icons on the desktop
- Redirection from a popular website to an unknown one
- New files or folders created without your permission
There are several major types of malware to keep an eye out for:
- Adware — Adware automatically delivers advertisements to generate revenue for its creator or a third party. It is often used in conjunction with spyware.
- Backdoor (trapdoor) — A backdoor allows cybercriminals to access a computer without the user’s knowledge. Backdoors are planted for later use and can remain in a system for years without being noticed.
- Rogueware — Rogueware misleads users into believing their device is infected so they will click on a fake warning, which promptly installs malware.
- Ransomware — Ransomware restricts users from accessing a system or its data, and often threatens to publish or delete data, until ransom is paid. Locker ransomware restricts access to the infected device, while crypto ransomware restricts access to stored data and files.
- Spyware — Spyware is designed to gather information about a user or business. Once installed, it can log keystrokes and extract sensitive information. Spyware can also enable hackers to watch and listen through cameras and microphones.
- Trojan horse — A Trojan horse disguises itself as legitimate software so that users install it willingly. Once running, it performs hidden malicious actions, often including downloading other malware.
- Virus — One of the oldest types of malware, a virus alters the way a computer operates. A virus can replicate itself and spread to other devices, but only by attaching to another program or being executed through a user action.
- Worm — Worms are a common and particularly dangerous type of malware because they replicate themselves across a network without attaching to a program or requiring a user to run them.
There is no way to stop attackers from attempting malware attacks, but there are reliable ways to detect and block those attempts before they infect your systems.
1. Install anti-virus and anti-spyware software.
Anti-virus and anti-spyware programs scan computer files to identify and remove malware. Be sure to:
- Keep your security tools updated.
- Immediately remove detected malware.
- Audit your files for missing data, errors, and unauthorized additions.
2. Use secure authentication methods.
The following best practices help keep accounts safe:
- Require strong passwords. Length matters more than composition rules: favor passphrases of at least 12 characters, and reject any password that appears in a known-breach list or contains the user’s name, rather than relying on a mandatory uppercase letter, number and symbol.
- Enable multi-factor authentication that adds a possession factor, such as an authenticator app, a hardware security key or a one-time code, on top of the password. A PIN or security questions are just more things the user knows and do not count as a second factor.
- Use biometric tools like fingerprints, voiceprints, facial recognition and iris scans.
- Never store passwords in plain-text files, spreadsheets or shared documents. Use a reputable password manager instead.
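A password policy built along these lines is mostly a set of rejection rules. The checker below is an added example written for this article, not code from the original page; the “breached” list is a small constructed stand-in for a real breach corpus, and the prefix lookup mimics the k-anonymity model used by services such as Have I Been Pwned, where only the first five hex characters of the SHA-1 leave the host.

```python
"""Password-policy check in the spirit of NIST SP 800-63B: favour length and
breach screening over composition rules. Added example for this article; the
breached-password set below is constructed, not a real feed."""
import hashlib
import re
from typing import List

MIN_LENGTH = 12

# Constructed stand-in for a breach corpus. A real deployment would query a
# breach service by SHA-1 prefix instead of holding the list locally.
_CONSTRUCTED_BREACHED = {"Password123!", "Winter2019!", "letmein", "qwerty123456"}
BREACHED_SHA1 = {hashlib.sha1(p.encode()).hexdigest().upper()
                 for p in _CONSTRUCTED_BREACHED}


def breached_by_prefix(password: str) -> bool:
    """k-anonymity lookup: only the 5-char prefix is 'sent'; the candidate
    suffixes come back and the match is done locally."""
    digest = hashlib.sha1(password.encode()).hexdigest().upper()
    prefix, suffix = digest[:5], digest[5:]
    candidates = {h[5:] for h in BREACHED_SHA1 if h.startswith(prefix)}
    return suffix in candidates


def check_password(password: str, username: str = "") -> List[str]:
    """Return the list of policy violations; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if username and username.lower() in password.lower():
        problems.append("contains the username")
    if re.fullmatch(r"(.)\1*", password):
        problems.append("single repeated character")
    if re.fullmatch(r"(.+?)\1+", password):
        problems.append("short pattern repeated")
    if breached_by_prefix(password):
        problems.append("appears in a known breach")
    return problems


if __name__ == "__main__":
    for pw, user in [("Password123!", "alice"), ("correct horse battery staple", "alice"),
                     ("S3cure-jdoe-2024", "jdoe")]:
        print(repr(pw), "->", check_password(pw, user) or "OK")
```

Note that “Password123!” satisfies the classic uppercase/lowercase/digit/symbol rule and is still rejected, because it sits in the breach list; that is the point of screening over composition.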
3. Use administrator accounts only when absolutely necessary.
Malware generally runs with the privileges of the user who launched it. Non-administrator accounts are blocked from the most sensitive parts of a computer or network, so malware running under them can do correspondingly less damage. Therefore:
- Avoid using administrative privileges to browse the web or check email.
- Log in as an administrator only to perform administrative tasks, such as to make configuration changes.
- Install software using administrator credentials only after you have validated that the software is legitimate and secure.
4. Keep software updated.
No software package is completely safe against malware. However, software vendors regularly provide patches and updates to close whatever new vulnerabilities show up. As a best practice, validate and install all new software patches:
- Regularly update your operating systems, software tools, browsers and plug-ins.
- Implement routine maintenance to ensure all software is current and check for signs of malware in log reports.
5. Control access to systems.
There are multiple ways to regulate your networks to protect against data breaches:
- Install or implement a firewall, intrusion detection system (IDS) and intrusion prevention system (IPS).
- Never plug in unfamiliar removable drives or media that have been used on a publicly accessible device.
- Close unused ports and disable unused protocols.
- Remove inactive user accounts.
- Carefully read all licensing agreements before installing software; bundled adware and other “potentially unwanted programs” are often disclosed only there.
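“Close unused ports” is only actionable if you know which listening sockets are expected. The audit below is an added example for this article (not from the original page): it parses `ss -tuln` style output, ignores loopback-only bindings, and flags anything reachable from the network that is not on an allowlist, calling out legacy cleartext protocols by name. The socket table is constructed, not captured from a host; in practice you would feed it the real output of `ss -tuln`.

```python
"""Listening-socket audit against an allowlist. Added example for this
article; the `ss -tuln` output below is constructed. Run on a real host with:
subprocess.run(["ss", "-tuln"], capture_output=True, text=True).stdout"""
from typing import List, Set, Tuple

Socket = Tuple[str, str, int]            # (proto, local address, port)
Finding = Tuple[str, str, int, str]      # (proto, local address, port, reason)

LOOPBACK_PREFIXES = ("127.", "[::1]")
LEGACY = {                               # protocols that should normally be disabled
    ("tcp", 21): "ftp (cleartext credentials)",
    ("tcp", 23): "telnet (cleartext)",
    ("udp", 161): "snmp (v1/v2c is unauthenticated)",
    ("tcp", 445): "smb exposed to the network",
}

# Constructed sample in the format `ss -tuln` prints.
CONSTRUCTED_SS_OUTPUT = """\
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:5432     0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:23         0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:161        0.0.0.0:*
tcp   LISTEN 0      4096   [::]:8080          [::]:*
tcp   LISTEN 0      511    [::]:443           [::]:*
udp   UNCONN 0      0      [::1]:323          [::1]:*
"""


def parse_ss(output: str) -> List[Socket]:
    """Extract (proto, address, port) for every listening/unconnected socket."""
    sockets = []
    for line in output.splitlines()[1:]:         # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, state, local = fields[0], fields[1], fields[4]
        if proto == "tcp" and state != "LISTEN":
            continue
        addr, _, port = local.rpartition(":")    # handles "[::]:8080" too
        if not port.isdigit():
            continue
        sockets.append((proto, addr, int(port)))
    return sockets


def audit(output: str, allowed: Set[Tuple[str, int]]) -> List[Finding]:
    """Report network-reachable sockets that are not on the allowlist."""
    findings = []
    for proto, addr, port in parse_ss(output):
        if addr.startswith(LOOPBACK_PREFIXES):   # local-only services are fine
            continue
        if (proto, port) in allowed:
            continue
        reason = LEGACY.get((proto, port), "not on allowlist")
        findings.append((proto, addr, port, reason))
    return findings


if __name__ == "__main__":
    for f in audit(CONSTRUCTED_SS_OUTPUT, {("tcp", 22), ("tcp", 443)}):
        print("%-4s %-12s %5d  %s" % f)
```

The loopback exemption is deliberate: a database bound to 127.0.0.1 is not an open door from the network, and listing it would bury the findings that matter (telnet, SNMP and an unexplained 8080 in the sample).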
6. Adhere to the least-privilege model.
Adopt and enforce the principle of least-privilege: Grant users in your organization the minimum access to system capabilities, services and data they need to complete their work.
7. Limit application privileges.
A hacker only needs an open door to infiltrate your business. Limit the number of possible entryways by restricting application privileges on your devices. Allow only the application features and functions that are absolutely necessary to get work done.
8. Implement email security and spam protection.
Email is an essential business communication tool, but it’s also a common malware channel. To reduce the risk of infection:
- Scan all incoming email messages, including attachments, for malware.
- Set spam filters to reduce unwanted emails.
- Block or quarantine attachment types that have no business purpose (executables, scripts, disk images, macro-enabled Office files), and use link rewriting so that URLs in messages are checked at click time rather than only at delivery.
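Two of those gateway checks, attachment-type screening and detecting links whose visible text points at a different host than the real target, fit in a short script. The one below is an added example for this article, not code from the original page; it builds a constructed phishing-style message with the standard library, serialises it, and then screens it the way a gateway would screen raw inbound mail. The extension lists and the sample message are assumptions for illustration.

```python
"""Inbound-mail screening: flag dangerous attachment types and deceptive links.
Added example for this article; the message below is constructed."""
import email
import re
from email import policy
from email.message import EmailMessage
from pathlib import Path
from typing import Dict, List, Tuple
from urllib.parse import urlparse

BLOCKED_EXT = {".exe", ".scr", ".js", ".vbs", ".bat", ".cmd", ".ps1", ".hta", ".iso", ".lnk"}
MACRO_EXT = {".docm", ".xlsm", ".pptm"}
LINK_RE = re.compile(r'<a\s+[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)


def risky_attachments(msg: EmailMessage) -> List[Tuple[str, str]]:
    """Return (filename, reason) for attachments a gateway should block."""
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        suffixes = Path(name.lower()).suffixes      # "invoice.pdf.exe" -> ['.pdf', '.exe']
        ext = suffixes[-1] if suffixes else ""
        if ext in BLOCKED_EXT:
            reason = f"executable type {ext}"
            if len(suffixes) > 1:                    # double extension: disguised payload
                reason += f" disguised as {suffixes[-2]}"
            findings.append((name, reason))
        elif ext in MACRO_EXT:
            findings.append((name, "macro-enabled Office document"))
    return findings


def mismatched_links(html: str) -> List[Tuple[str, str]]:
    """Return (shown text, real href) where the text looks like a URL/domain
    but the href points somewhere else."""
    out = []
    for href, text in LINK_RE.findall(html):
        href_host = urlparse(href).hostname or ""
        shown = re.sub(r"<[^>]+>", "", text).strip()
        shown_host = urlparse(shown if "://" in shown else "http://" + shown).hostname or ""
        if shown_host and "." in shown_host and shown_host != href_host:
            out.append((shown, href))
    return out


def screen(raw: bytes) -> Dict[str, list]:
    """Parse raw RFC 5322 bytes, as received at the gateway, and screen them."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    html = body.get_content() if body is not None else ""
    return {"attachments": risky_attachments(msg), "links": mismatched_links(html)}


def constructed_message() -> bytes:
    """A constructed phishing-style message (sender, domains and payloads are fake)."""
    msg = EmailMessage()
    msg["From"] = "billing@supplier.example"
    msg["To"] = "user@company.example"
    msg["Subject"] = "Invoice overdue"
    msg.set_content("Please see the attached invoice.")
    msg.add_alternative(
        '<p>Please pay at\n'
        '<a href="http://bank-example.com.evil.test/login">https://bank.example.com/login</a>\n'
        'or visit <a href="https://supplier.example/help">our help page</a>.</p>\n',
        subtype="html")
    msg.add_attachment(b"MZ\x90\x00", maintype="application", subtype="octet-stream",
                       filename="invoice.pdf.exe")
    msg.add_attachment(b"PK\x03\x04", maintype="application",
                       subtype="vnd.ms-word.document.macroEnabled.12", filename="terms.docm")
    msg.add_attachment("meeting notes", subtype="plain", filename="notes.txt")
    return msg.as_bytes()


if __name__ == "__main__":
    print(screen(constructed_message()))
```

The link check only fires when the visible text itself looks like an address; “our help page” pointing at a different host is normal, whereas “https://bank.example.com/login” pointing at bank-example.com.evil.test is the classic lure.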
9. Monitor for suspicious activity.
Monitor all user accounts for suspicious activity. This includes:
- Logging all incoming and outgoing traffic
- Baselining normal user activity and proactively looking for aberrations
- Investigating unusual actions promptly
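Baselining and looking for aberrations can be shown concretely on authentication logs. The script below is an added example for this article, not code from the original page: it learns each user’s usual source addresses and login hours from a week of constructed sshd-style lines, then runs a second batch through three detectors (a failed-login burst from one source, a login from a source never seen for that user, a login at an hour outside the user’s pattern, plus a successful login for a user with no baseline at all). The log format and thresholds are assumptions for illustration.

```python
"""Baseline-and-anomaly detection over sshd-style auth logs. Added example for
this article; all log lines below are constructed."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from typing import Dict, List, Tuple

LINE_RE = re.compile(
    r"^(\S+) sshd: (Accepted|Failed) \S+ for (?:invalid user )?(\S+) from (\S+)")

# Constructed "normal week" used to learn each user's habits.
BASELINE_LOG = [
    "2024-03-04T08:55:40 sshd: Accepted password for bob from 10.0.1.31",
    "2024-03-04T09:12:01 sshd: Accepted publickey for alice from 10.0.1.20",
    "2024-03-04T14:03:27 sshd: Accepted publickey for alice from 10.0.1.20",
    "2024-03-05T09:30:15 sshd: Accepted password for bob from 10.0.1.31",
    "2024-03-05T09:31:02 sshd: Failed password for bob from 10.0.1.31",
    "2024-03-05T10:45:09 sshd: Accepted publickey for alice from 10.0.1.20",
]

# Constructed later batch containing the things we want to catch.
NEW_LOG = [
    "2024-03-11T03:15:44 sshd: Accepted password for alice from 203.0.113.9",
    "2024-03-11T03:16:02 sshd: Failed password for root from 198.51.100.7",
    "2024-03-11T03:16:09 sshd: Failed password for root from 198.51.100.7",
    "2024-03-11T03:16:17 sshd: Failed password for invalid user admin from 198.51.100.7",
    "2024-03-11T03:16:24 sshd: Failed password for root from 198.51.100.7",
    "2024-03-11T03:16:31 sshd: Failed password for root from 198.51.100.7",
    "2024-03-11T03:16:40 sshd: Failed password for root from 198.51.100.7",
    "2024-03-11T09:30:00 sshd: Accepted publickey for bob from 10.0.1.31",
    "2024-03-11T10:02:11 sshd: Failed password for invalid user admin from 198.51.100.7",
    "2024-03-11T10:30:55 sshd: Accepted password for svc-backup from 10.0.1.40",
]

Event = Tuple[datetime, str, str, str]      # (time, outcome, user, source)
Alert = Tuple[str, str, str]                # (kind, subject, detail)


def parse(lines: List[str]) -> List[Event]:
    events = []
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            ts, outcome, user, src = m.groups()
            events.append((datetime.fromisoformat(ts), outcome, user, src))
    return events


def build_baseline(events: List[Event]) -> Dict[str, dict]:
    """Per user: the set of sources and the set of hours seen on successful logins."""
    base: Dict[str, dict] = defaultdict(lambda: {"ips": set(), "hours": set()})
    for ts, outcome, user, src in events:
        if outcome == "Accepted":
            base[user]["ips"].add(src)
            base[user]["hours"].add(ts.hour)
    return base


def detect(events: List[Event], baseline: Dict[str, dict],
           burst: int = 5, window: timedelta = timedelta(minutes=5)) -> List[Alert]:
    alerts: List[Alert] = []
    recent_failures: Dict[str, deque] = defaultdict(deque)
    for ts, outcome, user, src in events:
        if outcome == "Failed":
            q = recent_failures[src]
            q.append(ts)
            while q and ts - q[0] > window:          # sliding window per source
                q.popleft()
            if len(q) == burst:                      # fire once, when the threshold is crossed
                alerts.append(("brute_force", src, f"{burst} failures within {window}"))
            continue
        profile = baseline.get(user)
        if profile is None:
            alerts.append(("unknown_user", user, f"first ever login, from {src}"))
            continue
        if src not in profile["ips"]:
            alerts.append(("new_source", user, src))
        if ts.hour not in profile["hours"]:
            alerts.append(("unusual_hour", user, f"{ts.hour:02d}:00"))
    return alerts


def run() -> List[Alert]:
    return detect(parse(NEW_LOG), build_baseline(parse(BASELINE_LOG)))


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

Two details worth copying: failures are counted per source in a sliding window so a single mistyped password (bob’s in the baseline week) never alerts, and the burst alert fires once at the threshold rather than on every subsequent attempt, which keeps an investigator’s queue readable.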
10. Educate your users.
At the end of the day, people are the best line of defense. By continually educating users, you can help reduce the risk that they will be tricked by phishing or other tactics and accidentally introduce malware into your network. In particular:
- Build awareness of common malware attacks.
- Keep users up to date on basic cybersecurity trends and best practices.
- Teach users how to recognize credible sites and what to do if they stumble onto a suspicious one.
- Encourage users to report unusual system behavior.
- Advise users to only join secure networks and to use VPNs when working outside the office.
Malware infections can be devastating for organizations. By interrupting critical workflows and stealing or encrypting crucial data, malware can cause serious financial and reputational damage. Use the 10 tips detailed here to protect yourself and your business from a malware infection. Also, perform regular backups to offline storage, and test restoring from them, so that you can recover your data if malware hits your environment.