Malware represents one of the biggest threats to Information Security and is on the rise. Chief Information Security Officer (CISO) of Datagraphic, Mike Green, explains what malware is and what we can do to protect ourselves from it.
Understanding malware
Malware stands for malicious code and is developed by cyber-criminals to infect PCs, networks and mobile devices for the purpose of gaining access to and extracting sensitive data, typically for financial gain. Every day, more than 200,000 new malware threats are created. Malware makes up 70% of all data breaches.
The days of malware being created and released by hackers for fun and gaining notoriety are long gone. Today, malware fuels a multi-billion pound cyber-crime economy.
You are their number 1 target. Whether you are using a PC at home or at work, you are simply a tool for cyber-criminals to gain access to the data they want to steal or the systems they want to hijack. To be able to defend your data, it’s important to understand that malware writers are becoming very skillful; creating threats that evade detection by traditional security solutions. You may think your PC is defended through the installation of antivirus, firewall and email security, however this shouldn’t mean you let your guard down completely. One wrong click on a malicious link and your PC could be infected with your data at risk.
Types of malware
Viruses and trojans are tools for breaking into your PC, while others like worms, spyware and key loggers are all about snooping through a PC or network looking for particular systems to compromise and data to steal. Many data breaches involve multiple kinds of malware in a staged attack that progresses over time. One infected PC may seem like a small problem, but it can lead to big trouble for the organisation.
Other types, like bots or bot nets are all about hijacking PCs to steal computing resources to launch other cyber-attacks. Instead of paying for IT infrastructure and equipment to start a spam campaign, scammers often secretly use a network of infected PCs around the world to distribute malicious email without users even knowing.
Tip: Don’t underestimate how clever cyber-criminals have become. Their tricks are extremely effective at luring users to open infected files, click on malicious links, unwillingly share malware with colleagues, and to freely divulge sensitive data. Knowing the types of tricks and traps they use is the first step to defending yourself and the organisation from malware.