Executive Summary
- In this Plain English guide, we’ll explore what malware is, how it can impact UK businesses, and how you can protect your own business. We’ll also give you the low-down on the most common types of malware attacks.
- Along with the basics of malware, we’ll also define and explore viruses, worms, trojan horses, ransomware, spyware, and more. We’ll also see how these attacks can be ‘daisy-chained’ to pose significant cyber-risks to businesses.
Introduction
Running a business is often about taking risks.
Sometimes, those risks are worth taking – like taking a brand-new product or service to market. But other times, risks are simply too great, and could result in complete disaster.
Malware falls into the latter of these two categories.
Perhaps most commonly known by the shorthand ‘computer virus’, (and that’s really just one type of malware), such attacks are becoming more frequent – with a reported 65,000 cyberattack attempts taking place every day in the UK.
As the saying goes, the best defence is a good offence, and that begins with understanding the risks.
So, let’s take a deep-dive into the world of malware and discover exactly why it poses such a danger to modern businesses.
What is malware?
Perhaps the best way to understand malware is to know what the word really means.
It’s a portmanteau for the phrase “malicious software” – and that tells a lot of the story in itself. Malware is specifically designed and coded to cause damage, steal data, or otherwise compromise computers, servers, or even full networks.
Malware often works surreptitiously, without the knowledge of the computer owner, leading to serious long-term damage which can be devastating for a business – and its customers. This damage can come in the form of lost sensitive data, stolen financial information, or even digital ransoms.
Types of malware
Not all malware is created equal. While the goal of malware is always malicious, the means by which it inflicts this damage differs depending on the type of attack.
Here’s a high-level introduction of the most common types of malware:
- Viruses are the most well-known form of malware. They are a type of program which take advantage of vulnerabilities in existing software to modify code and inserting malicious code. In this way, viruses can replicate themselves on vulnerable systems. Importantly, they must be executed to ‘infect’ a computer.
- Worms differ to viruses in that they do not need a piece of host software in order to replicate. Computer worms can spread quickly across a network, but, unlike viruses, do not corrupt or damage files directly.
- Trojan horses are a type of malware which carry out an attack by misleading users into unknowingly executed malicious code – similarly to the attack’s namesake, the trojan horse. Trojans ‘trick’ users into opening attachments or clicking links by disguising them as genuine.
- Ransomware is a more sophisticated type of malware, and is becoming more common these days, especially among business users. Once present on a computer, ransomware carries out ‘cryptoviral extortion’, which means it encrypts a user’s files to make them unusable. A pop-up will appear demanding payment to decrypt the files, often in bitcoin or other cryptocurrencies.
- Spyware is another insidious form of malware which sits quietly on a user’s computer without causing any visible problems. What spyware does commonly do is monitor a user’s activity, potentially storing sensitive information like bank details using a ‘keylogger’.
- Rootkits are a type of malware designed to grant an attacker access to the most sensitive areas of a computer. Similarly to the trojan horse, a rootkit is generally used as vanguard for another type of attack – giving the attacker access to customer details, bank information, or other protected data.
- Botnets are another sophisticated type of malware which essentially hijacks multiple computers to form a new, compromised network. Once a botnet has been created, it can be used as a “digital army” to launch Distributed Denial of Service (DDoS) attacks, which occur when so many users try to access a website simultaneously that it brings the server down. On top of this, the attacker also has full access to each individual machine – making botnets a big risk for businesses.
Why malware is such a problem for businesses
While malware can impact practically any computer system, it’s particularly important for businesses to understand how dangerous it can be.
One of the biggest reasons for this caution is that malware often doesn’t operate independently as a one-off attack. Instead, malware can be daisy-chained together in such a way that one attack opens the door and another does the damage.
Here’s an example: an attacker may code a virus which, once present on a computer, spreads through the network and effectively builds a botnet which sits undetected siphoning business-critical data, customer payment details, or even just emails travelling around the business. The most common form of payload delivery for malware is the trojan horse attack, as discussed above.
While attacks like ransomware can cause significant immediate damage to a business, especially financially, it’s often these more insidious malware attacks which do larger damage in the long run.
How to detect (and deal with) malware
It should be clear at this point that malware detection and prevention should be top of the list for any business’s cybersecurity strategy.
As a starting point for detecting malware, be on the lookout for changes such as:
- New or unexpected browser behaviours, like being redirected to a website you didn’t request or having your homepage updated without your knowledge.
- Pop-up windows appearing, even when you’re not using your web browser.
- Unexplained computer activity, such as the Task Manager showing your processor doing work even when the computer is idle.
These are all good ways to identify malware yourself, but the best option is to have cybersecurity software deployed across your network.
The conventional choice has always been anti-virus software, which can be effective – however, it’s retro-active by design. That means you won’t be able to detect malware until it’s already on your system. The better option today is Endpoint Detection and Response (EDR) – and this is what we recommend at Get Support.
To find out more about protecting your business with EDR, check out our dedicated guide to EDR.
How well-protected is your business against malware?
In a world dominated by digital, malware poses one of the biggest threats to modern businesses of all sizes. Even the smallest one-person companies are vulnerable to cyberattacks, so it’s essential you have defensive measures in place.
At Get Support, we can help you choose the right cyberattack prevention and protection solutions – and give you the IT support you need to keep them working their best for your business.
Learn more about how we could help keep your business cyber-safe by filling in the form below or calling our team now on 01865 59 4000.