Business owners and lay people have heard the term “malware” for the past 20+ years. We know that it’s a bad thing to have on your computer, but most people don’t know everything it encompasses. For example, ransomware is a type of malware. Hackers and those who perpetuate everything bad about the internet use malware for a variety of reasons, ranging from stealing your identity to extortion. Today, we’re going to get into the nitty gritty of what malware is.
Malware can be anything from a virus to a worm. It can be a trojan or adware, it can send emails or steal compute or be used for cryptomining. There are a lot of ways that malware can hurt you, from spamming you with ads to trashing your entire system.
The most traditional form of malware is a virus. A virus is essentially code that is run on your computer that you don’t want run and is usually used for nefarious purposes. Malware worms generally self-replicate and pass itself on to other systems. A trojan is basically a virus that is disguised as something else that is good, it typically lays dormant for awhile. Trojan’s can be something you believe is safe that you let in the front door and then it does something bad like take over your whole system. Adware blasts your computer with ads and can use your computer to send spam.
The range of malware and the damage it does is wide and far-reaching. From things mentioned above to stealing all of your money, stealing your identity, using your computer and your power to attack governments large infrastructure facilities. It can be designed to do so many things, which is why you have to really pay attention to what you click on.
The two most common malware attacks today are modernized versions of classic attacks. First, it used to be that nefarious evil doers would pass an image or send a link, you would click on it or open it and your computer would become infected. This practice has morphed into highly adept social engineering. It typically comes in the form of an email that looks, smells and passes almost all tests that we have been taught to identify malicious emails. If you click on the link or image in that email, it may even take you to a site that looks like a legitimate mirror image of whatever brand they are posing to be. You think it’s the real deal and end up downloading a file that is part of a bundle that has a nefarious package in it, and that nefarious package will infect your computer. Often, that package will lay dormant for some period of time until a master server out on the internet, via a back door that was left open by the malware package, sweeps in and activates the malware to do something. Unbeknownst to you, you have downloaded a Trojan that has sat there dormant until it very much isn’t one day.
The second vector in existence today is a self-imposed vector. When we first started on the internet, we downloaded a lot of things. For example, music. Remember Napster? Then there was the advent of bit torrents to download files. It was “safer” because the files were constructed from a variety of sources and in order for a virus to get passed through them, every source would have to have the virus. Bit torrents weren’t just used for music, but other files as well.
Today we have cell phones and tablets. Our need to solve every problem we have as quickly as possible is in our hands, so is our desire to be part of the new fad or to entertain ourselves or keep our fingers busy (there are apps for this…we know). Whatever the reason, when we use phones and tables, we are willing to download almost anything. But here’s the kicker: Cell phones and tablets generally do not have anti-malware software.
People assume that because they’re downloading something from the vendor (iTunes, Google Play, etc.) store and not from a website, that the app has been screened and scanned. The truth is, those apps may have been screened and scanned for things, but what no one has told you is that many of those programs, especially ones from random 3rd party sources, are scanned for nefarious KNOWN viruses, worms, malware, etc. They are not scanning for that developer, or group of developers, putting in a back door or misusing their access, which becomes the front door to your data and your information. Whatever you’re doing on your phone is exposed and it gives them the ability to manipulate things on your phone. In many cases, your phone is more valuable than your desktop because it is access to your entire world.
We must remain vigilant in what we download, no matter what device we are using. We have become “too busy” as a society and feel that we don’t have time to dig deeper than what we see. But we have to make time, because malware is more than “just” a virus. It encompasses a lot of nasty things that can really trash your system and render it useless. In today’s world of technology where our lives basically run on code, the last thing you need is malware destroying your devices when it could have been prevented!