Malware

This month, we shift our focus from phishing to malware, exploring its various types, purposes, and, most importantly, prevention tips. Remember, awareness is your first line of defense. Educate yourself, colleagues, family, and friends about these threats. Practice good security hygiene and stay vigilant, as cybercriminals use malware to infiltrate networks and execute malicious actions. Let’s work together to stay informed and protected.

Types of malware:

Viruses are probably the best-known subgroup of malware. They attach themselves to legitimate files or programs, are often hidden inside an executable file, and require user interaction. Once downloaded, the virus lies dormant until the file is opened and in use. When the infected file is executed, the virus spreads to other files.

Worms, unlike viruses, do not require human interaction and can rapidly replicate and spread to any device within the network. The ILOVEYOU worm that emerged in May 2020 infected millions of computers globally, leading to an estimated $5.5 billion in damages.

Trojans masquerade as legitimate software. Users unknowingly install them when downloading free or cracked software (software not requiring a licence). Trojans can gain access to sensitive data and then modify, block, or delete it. Unlike viruses, they are not designed to replicate.

Ransomware encrypts files on a computer or network and demands a ransom for decryption. Ransomware is commonly part of a phishing scam. Sophos’ Report (2023) on the state of ransomware in South Africa reveals that 78% of South African organizations experienced a ransomware attack in the past year. Ransomware attacks are becoming more prevalent, targeted and sophisticated.

A keylogger (short for “keystroke logger”) is a type of malicious software that records every keystroke you make on your computer. There are two types, the most common being the software keylogger, which sniffs all input from the keyboard, making it ideal for stealing credentials. The introduction of Wi-Fi and Bluetooth has made the hardware keylogger less suitable; however, these can be embedded in PC hardware or secretly inserted between the keyboard and computer.

Fileless malware is malware that resides in memory and not on the physical hard drive, thus making it more difficult to detect. There are no files downloaded onto your hard drive, hence the term “fileless”. The injection of malware happens in memory using legitimate processes already running on the system.

The basic tactic of scareware, as the name implies, is to scare, frighten or shock you into believing your system is vulnerable to attack or has been compromised. Some examples include fake ads, pop-up ads and browser changes. Another common scareware scam is the tech support request, which can arrive via a phone call, SMS or email and works by making people believe their devices are damaged, malfunctioning or compromised.

Remember that tech support scammers can be persistent and convincing, so it’s crucial to stay vigilant and take preventive measures to avoid falling for such scams. Always verify the legitimacy of tech support calls or messages and never give out personal or financial information to unsolicited callers or online contacts.

What is the intent of Malware?

Fortinet describes the intent of malware as follows: “The motives behind the perpetrators of malware are many but they have one thing in common, malware is intended to reward the perpetrator at the victim’s expense.”

No matter the reason, whether sabotage, financial gain, data theft or disruption to systems, the ultimate objective of the attacker is malicious.

Prevention of Malware

  1. Be vigilant/cautious with Emails
  2. Ensure your Antivirus is updated
  3. Be careful with downloads (avoid downloads from untrusted sources) and avoid clicking on links
  4. Regularly update your Operating System and other Applications.
  5. Backup your data to another location (Offline)
  6. Stay informed and Educate Employers
  7. Create Strong and Unique Passwords
  8. Enable Firewall protection