March 20, 2017
This week we will take a deeper dive into malware – the short name for malicious software that attempts to install itself on your computer or mobile device.
One of the most prevalent tools used by today’s hackers, malware can be designed to extract your personal information and passwords, steal money from your bank and Paypal accounts or even prevent you from accessing your device until a ransom is paid – more widely known as ransomware!
Some malware is purely designed to irritate the end user by limiting or preventing access to a device or application – generally these types of malware can be relatively easily removed – we will look at removal later. Let’s take a look at malware in the context of our three key concepts, as described in our previous article – threats, vulnerabilities and impacts.
Malware threats and their related impacts come in a variety of differing forms including: adware, a malicious software that creates potentially harmful, and extremely irritating, pop-up advertisements on your device; browser hijackers that change your browser settings, often redirecting your searches to different websites or changing your homepage or search engine without your permission; keyloggers which secretly log your keystrokes as you type, stealing your personal information, bank account details and passwords etc. – the personal impact of this type of malware can be quite severe; rootkits are programmes designed to provide hackers with administrative access to your computer without your knowledge; ransomware restricts access to your computer system and demands that a ransom is paid to remove the restriction; spyware collects surfing habits and internet browsing history, or personal information such as credit card numbers; a Trojan horse is a type of virus that pretends to be something useful, helpful, or fun while actually causing harm or stealing data, often attached to free games; and worms which are self-replicating programs that spread through networks of machines consuming your device resources and slowing down your networks.
So how do we fall susceptible to malware? Well, I hate to say this, but the greatest vulnerability is you, the end user, and your unprotected devices. End user education is the key to keeping your information safe and this is one area within cyber security where just a little knowledge goes a long way. If you know about the threat, the potential for impact and your potential vulnerabilities then you can easily protect yourself and your devices from such vulnerabilities – thereby mitigating the threat from malware.
Good ‘house-keeping’ will mitigate most general threats from malware and viruses – keeping your device software, applications, operating systems and firmware up to date; downloading security patches and updates from your trusted software and hardware providers as and when prompted. Malware has taken hold because we as consumers are lazy when it comes to updating our devices – a staggering 40 per cent of consumers have NEVER updated their device firmware leaving them open to the various back doors and loop holes that Malware developers bank on exploiting – and it’s big business, and not just for the criminals.
The anti malware industry is predicted to more than double from $8 billion in 2016 to $17 billion by 2021 – again it is the consumer and enterprise that are footing the bill. According to Malwarebytes 2016 report, ransomware is the fastest growing malware problem with a staggering 267 per cent increase in 2016 alone.
Mitigating the vast majority of these risks and vulnerabilities is simple and free – DO keep your systems up to date when prompted e.g. Windows and Android/IOS updates, and install a reputable antivirus software – there are plenty of free anti-virus programs available including Avast, TotalAV and BitDefender. DON’T click on unknown links within emails and whilst browsing the web; be sure and aware of what you are clicking on! DO check your devices – if your device is running slow for no apparent reason and lacks resources it is likely you already have some malware running. If you think you already have malware, download Malwarebytes free scanning tool, the full version is free for 14 days and then reverts to a lesser free version thereafter, but it will conduct a full initial scan, removing any detected malware for free and is updated to detect the latest malware threats on a daily basis. So, just a couple of minutes on device housekeeping every so often could save you from an awful big headache in the future – stay safe and secure!
Next time: Phishing and Spear Phishing.
Disclaimer: The views expressed above are the author’s own