Forget about your toughest competitor, fickle customers, or changing market conditions—malware may be the biggest threat to your business. Once a malware attack makes its way into your network, it can wreak havoc for months, causing you to lose data, money, and your hard-earned reputation.
What Is Malware?
For something so dangerous and business-crippling, it's amazing how innocently malware can make its way into your network. Malware is malicious software that is usually found attached to emails, embedded in fraudulent links, hidden in ads, and lying in wait at various sites that your employees might visit on the internet. It is used to harm or exploit computers and networks so that bad actors can then steal data or money. All it takes is one wrong click for the malware to install itself and begin to execute its program.
Malware attacks are on the rise, especially in the wake of the pandemic. Malware increased 358% year over year in 2020 as the attack surface significantly increased with employees working from home. Without the protection of the corporate network—and possibly distracted by family members who also worked and learned from home—employees were far more likely to inadvertently download malware that they might have avoided before.
This comes as hackers grow more sophisticated and professional, turning malware into a major industry. In fact, cybercrime is expected to cost global businesses $10.5 trillion annually by 2025.
All malware can be used to steal data, passwords, financial information, or company trade secrets. The types differ mainly in how they're designed or how they spread. To help you better understand the malware landscape, below we’ll explore the eight most common types of malware—and how your IT team can defend your organization against them.
The Most Common Types of Malware Attacks
1) Adware
Adware serves unwanted or malicious advertising. While relatively harmless, it can be irritating as “spammy” ads continually pop up while you work, significantly hampering your computer’s performance. In addition, these ads may lead users to download more harmful types of malware inadvertently.
To defend against adware, make sure you keep your operating system, web browser, and email clients updated so they can block known adware attacks before they are able to download and install.
2) Fileless Malware
Unlike traditional malware, which uses executable files to infect devices, fileless malware doesn't directly impact files or the file system. Instead, this type of malware uses non-file objects like Microsoft Office macros, PowerShell, WMI, and other system tools. A notable example of a fileless malware attack was Operation Cobalt Kitty, in which the OceanLotus Group infiltrated several corporations and conducted nearly six months of stealthy operations before being detected.
Because there's no executable file, it is difficult for antivirus software to protect against fileless malware. To defend against it, make sure that users only have the rights and privileges they need to do their jobs. This will help prevent cybercriminals from leveraging fileless malware to gain employee credentials and access restricted data. In addition, disable Windows programs like PowerShell for users who don't need them.
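Because fileless attacks leave no executable to scan, process-creation telemetry is where defenders usually look. The following is an added example, not part of the original article: a minimal triage rule that flags Office applications launching PowerShell, WMI, or script hosts, and PowerShell started with an encoded command or hidden window. The event records are constructed samples that assume Sysmon Event ID 1 field names (`Image`, `ParentImage`, `CommandLine`), and the patterns are heuristics to tune against your own baseline.

```python
import re

# Office applications have little legitimate reason to start these tools.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# System tools the section names (PowerShell, WMI) plus the Windows script hosts.
SYSTEM_TOOLS = {"powershell.exe", "pwsh.exe", "wmic.exe", "wscript.exe", "cscript.exe", "mshta.exe"}
# Heuristic command-line traits; tune the patterns against your own baseline.
SUSPICIOUS_ARGS = [
    ("encoded-command", re.compile(r"(?i)\s[-/]e[a-z]*\s+[A-Za-z0-9+/=]{16,}")),
    ("hidden-window", re.compile(r"(?i)\s[-/]w[a-z]*\s+hidden\b")),
]

def basename(path):
    """Lower-cased file name of a Windows path."""
    return path.rsplit("\\", 1)[-1].lower()

def score_event(event):
    """Return the reasons a process-creation event deserves analyst review."""
    child, parent = basename(event["Image"]), basename(event["ParentImage"])
    if child not in SYSTEM_TOOLS:
        return []
    reasons = ["office-spawned-system-tool"] if parent in OFFICE_PARENTS else []
    reasons += [name for name, rx in SUSPICIOUS_ARGS if rx.search(event["CommandLine"])]
    return reasons

def triage(events):
    """Keep only flagged events as (child process, reasons) pairs."""
    scored = ((basename(e["Image"]), score_event(e)) for e in events)
    return [(child, reasons) for child, reasons in scored if reasons]

# Constructed sample events using Sysmon Event ID 1 field names; not real telemetry.
OFFICE = r"C:\Program Files\Microsoft Office\root\Office16"
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"ParentImage": OFFICE + r"\WINWORD.EXE", "Image": PS,
     "CommandLine": "powershell.exe -NoProfile -WindowStyle Hidden "
                    "-EncodedCommand QUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVo="},
    {"ParentImage": r"C:\Windows\explorer.exe", "Image": PS,
     "CommandLine": r"powershell.exe -ExecutionPolicy RemoteSigned -File C:\Scripts\inventory.ps1"},
    {"ParentImage": OFFICE + r"\WINWORD.EXE", "Image": r"C:\Windows\splwow64.exe",
     "CommandLine": r"C:\Windows\splwow64.exe 8192"},
    {"ParentImage": OFFICE + r"\EXCEL.EXE", "Image": r"C:\Windows\System32\wbem\WMIC.exe",
     "CommandLine": "wmic.exe os get caption"},
]

if __name__ == "__main__":
    for child, reasons in triage(SAMPLE_EVENTS):
        print(child, reasons)
```

The administrator's scheduled script and Word's print helper pass untouched, while both Office-spawned tools are surfaced for review.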
3) Viruses
A virus infects other programs and can spread to other systems, in addition to carrying out its own malicious actions. The virus is attached to a file and is executed once the file is launched. The virus will then encrypt, corrupt, delete, or move your data and files.
To defend against viruses, an enterprise-level antivirus solution can help you protect all your devices from a single location while maintaining central control and visibility. Make sure that you run full scans frequently and keep your antivirus definitions up to date.
4) Worms
Like a virus, a worm can spread itself to other devices or systems. However, a worm does not infect other programs. Worms often go after known exploits. Therefore, to protect yourself against worms, you should make sure every device is updated with the latest patches. Firewalls and email filtering will also help you detect suspect files or links that may contain a worm.
5) Trojans
A trojan program pretends to be a legitimate one, but it is in fact malicious. A trojan can't spread by itself like a virus or worm, but instead must be executed by its victim. A trojan usually comes into your network through email or is pushed to users as a link on a website. Because trojans rely on social engineering to get users to download and spread them, they can be more difficult to combat.
The easiest way to defend against trojans is to never download or install a piece of software from an unknown source. Instead, make sure employees only download software from reputable developers and app stores that you have already authorized.
6) Bots
A bot is a software program that performs an automated task without requiring any interaction. A computer with a bot infection can spread the bot to other devices, creating a botnet. Hackers can then control this network of bot-compromised machines and use it to launch massive attacks, often without the device owners being aware of their role in the attack. Bots are capable of massive attacks, such as the distributed denial-of-service (DDoS) attack in 2018 that brought down the internet for most of the Eastern U.S.
One way to control bots is to use tools that help determine if traffic is coming from a human user or a bot. For example, you can add CAPTCHAs to your forms to prevent bots from overwhelming your site with requests. This can help you identify and separate good traffic from bad.
7) Ransomware
Ransomware attacks encrypt a device's data and hold it for ransom until the hacker is paid to release it. If the ransom isn't paid by a deadline, the hacker will threaten to delete the data—or possibly expose it. Paying up may not help; often, victims lose their data even if they pay the fee. Ransomware attacks are some of the most newsworthy malware types due to their impact on hospitals, telecommunications firms, railway networks, and governmental offices. A prime example is the WannaCry attack that locked up hundreds of thousands of devices across more than 150 countries.
In addition to patching and training employees on cyber hygiene best practices so they avoid clicking on malicious links, create regular backups at a secure off-site facility. This will let you restore your systems quickly without paying the ransom.
8) Spyware
Cybercriminals use spyware to monitor the activities of users. By logging the keystrokes a user inputs throughout the day, the malware can provide access to user names, passwords, and personal data.
As with other malware, antivirus software can help you detect and eliminate spyware. You can also use anti-tracking browser extensions to keep spyware from following your users from site to site.
How To Protect Your Enterprise Against Malware
Malware exploits weaknesses in your hardware, your software, and your users. When defending against malware, IT needs to take a multi-pronged approach.
First, you must educate your users about safe technology practices. Many malware infestations are the result of social engineering attacks that get a user to actively click a link, download a file, or run a program. Security awareness training—such as Arctic Wolf Managed Security Awareness®—teaches users to avoid suspicious links and not download suspicious files. It can go a long way in reducing your exposure to risk.
You also need to leverage the capabilities of technology to constantly search for evidence of threats and compromises, and have processes in place to remove the malware and prevent hackers from getting back in again.
Because malware is a constantly shifting target, this can be difficult to manage for organizations that don't have dedicated security expertise or resources.
Managed detection and response (MDR) services can help. MDR providers have technology for continuous monitoring and threat detection and response, along with a team of security engineers who work as an extension of your team around the clock. With threat detection and response capabilities that are part of a holistic security operations offering, you can stay ahead of malware threats and respond more effectively to any malware before it causes widespread mayhem.