Popular Types of Malware Continuing to Cause Trouble
With more people working from home in 2020 than ever before, the risk presented by cyber-attacks is at an all-time high. This influx of individuals telecommuting without being adequately informed about or properly prepared for lurking cyber threats has created a spike in malicious activity, meaning remote workers need to understand the types of harmful software that can impact them and how they can better defend themselves.
These types of malicious activity are often loosely referred to as “malware,” short for “malicious software.” Because malware can come in many different forms and is used in a myriad of strategies to try to infiltrate a user’s systems, we’re going to look at some of the more popular examples of malware. In doing so, we hope individuals and organizations whose working conditions have been impacted by the pandemic can better understand how to protect themselves from cyber threats.
Types of Malware
The term “virus” is commonly used interchangeably with “malware.” This is partially true as a virus is a type of malware, but not all malware programs are viruses. Norton explains a computer virus is a malicious code or program that alters the way a computer operates and can spread from one computer to another. To succeed, a virus modifies legitimate host files in a way that enables its victims’ files, when executed, also to implement the virus. Another identifier for a virus is that it is the only type of malware that “infects” other files by replicating itself. This makes viruses difficult to clean up, and oftentimes, the most successful way to remove a virus is to delete the originally infected file completely.
A worm is a form of malware that became popular with the rise of email in the ’90s, mainly as an attachment. This impacted businesses particularly hard as a single individual could open a wormed email and soon the entire organization would be infected. CSO Online describes worms as particularly scary because they can spread without end-user action. Unlike viruses, which require a user to start the process before they can infect other files, worm malware succeeds autonomously by exploiting automated parts of an operating system.
Unlike worms, Trojans must be initiated by their victims to begin their attack. Often disguised as a legitimate piece of software, a trojan is typically initiated via some form of social engineering that tricks users into loading and executing it, Kaspersky explains. For example, the most popular Trojan is a fake antivirus program that makes users think they are currently infected, instructing them to run a program to clean their computers. Another popular Trojan is “Zeus Gameover.” This Trojan comes from a well-known family of malware, but it may be the most sinister of them all. This variant of Zeus looks to access sensitive banking details and steal funds. It is particularly hard to handle because it can create independent servers, bypassing centralized servers, to send information. This makes it nearly impossible for anyone to trace the stolen data.
The reason Trojans can be so devastating is because of how they spread. End-users initiating a Trojan isn’t something that can be stopped by a firewall or other traditional cyber defenses.
Ransomware is a growing issue with organizations and shows no signs of slowing down. The CISA defines ransomware as a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious individuals will then demand a ransom in exchange for decrypting the files. This is an unfortunate scenario to be in because you are at the mercy of cybercriminals who could simply decide not to cooperate even after they receive a ransom payment.
An example of a common ransomware tactic is the use of fake windows updates. Many hackers keep things simple and send emails to users instructing them to install critical Windows OS updates. As you might have guessed, these emails are ransomware in disguise. The attacker’s goal is to encrypt all your files and demand a payment to allow you to gain access to them again.
Another tricky issue regarding ransomware is that the U.S. Treasury recently said facilitating ransomware payments to sanctioned hackers may be illegal, even if the facilitators or the victim organization didn’t know that the hackers demanding ransom were subject to U.S sanctions.
To make things worse, “Ransomware as a Service” is an industry that is growing in popularity, especially during the pandemic. Malicious individuals who don’t have the know-how to carry out a sophisticated malware attack of their own can pay to have an attack done for them. This is concerning because it means that these attacks are no longer restricted to being executed by professionals. Just about anyone with intent can attempt an attack.
We don’t often think of ourselves as a line of defense against cyber-attacks, but that couldn’t be further from the truth. Although social engineering isn’t a type of malware per se, cybercriminals have adapted to using human psychology and manipulation to gain access to sensitive information. A common social engineering scenario will see a hacker contact an organization or service provider pretending to be a specific person asking questions regarding their victim’s account. The goal is to trick support teams into handing over sensitive information that can then be exploited to gain access to their victim’s accounts.
It can be a little overwhelming when you try to think of all the ways you and your data are constantly under attack, but there are some common tactics you can look to implement to safeguard yourself from a majority of these threats.
For example, be wary if you receive a suspicious email from what appears to be a high-level employee in your organization asking you to contact them directly. A safe way to check if this is a legitimate inquiry would be to reach out to the individual from a known form of contact, such as a company phone number. Never click on a link, open an attachment, or call a number that you can’t verify.
How TokenEx Negates the Impacts of Cyber-Attacks
This list of malware only scratches the surface of tactics malicious individuals use to try to access the sensitive information organizations are required to protect. TokenEx clients can rest easy knowing that our cloud-tokenization platform can virtually eliminate the risk of data theft by removing sensitive data from their environments and replacing it with nonsensitive placeholders called tokens. This tokenization process simplifies PCI Compliance, PII Compliance, Nacha Compliance, and more, while also giving the peace of mind that, if a breach were to occur, the hackers wouldn’t be able to access the original sensitive data.