What is Malware?

Malware is an umbrella term for malicious software that is designed to harm, damage or steal information from your computer, mobile device, service or network without your knowledge or consent.

Malware can wreak havoc on your computer or device and can infect your computer like a disease, and just like a disease, it can be difficult to detect and eradicate.

Just think about it: you work hard to keep your device safe and secure, but then some twisted individual creates a piece of code that can infiltrate your system and wreak havoc. Malware can steal your personal information, such as passwords, credit card numbers and banking details, and use it for criminal purposes. It can encrypt your files and demand a ransom to unlock them, leaving you helpless and vulnerable. It can also slow down your computer, crash your system and even render it useless.

Malware comes in many different forms, and it can be disguised as innocent-looking files or programs. You might unknowingly download it from a sketchy website or receive it in an email attachment from a seemingly trustworthy source. Once it’s on your system, it can quietly and quickly spread throughout your files and folders, infecting everything in its path. You can be hit by malware through email attachments, malicious advertising on popular sites — called malvertising, — through fake software installations, infected USB drives, infected apps, text messages and most commonly, phishing emails.

Malware is constantly evolving and becoming more sophisticated. Hackers and cybercriminals are always looking for new ways to exploit vulnerabilities in computer systems and software. Even with antivirus software installed on your computer, you must be vigilant and cautious when downloading files and opening emails and if you deal with sensitive or personal data, antivirus software is not enough.

When did malware start being used?

The history of modern viruses begins in 1982 with a program called Elk Cloner, which started infecting Apple II systems. It was spread by infected floppy disks which spread to all disks attached to a system.

Viruses developed as they began to be specifically written for Microsoft’s Windows Operating System in the 90s, particularly through infectious code written in the micro language of Microsoft Word. The viruses infected documents rather than actual applications.

Worms began to develop and spread across popular instant messaging networks in the early 2000s, such as through MSN Messenger and Yahoo Messenger and they used social engineering along with a link to a malicious download for people to click. These would then infect your system and send the malicious link to everyone on your contact list.

In the late 2000s, adware attacks grew through unwanted pop-ups that could not be closed, sometimes exploiting legitimate software to spread. Around 2008, software publishers began suing adware companies for fraud and shut most of them down. Tech support scams these days employ similar tactics to these old adware attacks. After this, malware scammers began turning to social networking sites like Myspace to send fake advertisements, links to phishing pages and malicious applications. Scammers now do the same with Facebook and Twitter.

Between 2013 and 2014, a form of ransomware called CryptoLocker began targeting Windows computers, forcing victims to pay to regain access to their systems. This gave rise to the current era of ransomware attacks.

Trojans, exploits — malware that takes advantage of bugs and vulnerabilities in systems — and malvertising became popular forms of ransomware with huge outbreaks in 2017, such as the worldwide cyberattack now known as the WannaCry ransomware attack.

Crypojacking, or using someone’s device to mine cryptocurrency with the victim’s resources, became prominent in 2017, with ransomware making a comeback in 2018 when criminals began targeting large businesses.

What are the different types of malware?

There are a lot, but here are some of the most common types:

• Viruses: Often comes in an attachment through an email or attached to an online download that holds the part of the malware that performs the malicious action. Once the file is opened, the device is infected.
• Ransomware: Installs itself onto a machine, encrypts files or locks the entire device and then demands a ransom to return the data to the user. This is a particularly nefarious tactic, as it preys on people’s fear of losing their valuable files and data.
• Scareware: When messages pop up while you’re browsing the web, such as, ‘Warning: your computer is infected with a virus,’ which then scares you into clicking the link or into purchasing a fake application.
• Worms: Can copy themselves from machine to machine through weak security in software or the operating system.
• Spyware: A program installed on your device without your knowledge that collects personal information, browsing habits and details of the user. Spyware is used by government agencies, law enforcement and IT security organisations but is also available to consumers to spy on their partners, children and employees.
• Trojans: These pretend to be harmless or legitimate applications that trick users into downloading and using them which then steal personal data, crash devices, spy on the user or launch attacks.
• Adware: Unwanted and annoying advertisements that flash on the screen or come through as a new pop-up window.
• Fileless Malware: These use legitimate programs to infect devices and are difficult to detect and remove as they don’t rely on files and leave no footprint.

There are a range of signs to inform you that your computer has been compromised. Read here to learn what these are.

How to protect yourself from Malware?

Even though there is a magnitude of different types of intricate malware being used by cybercriminals, there are also an array of ways to protect yourself from them.

These can be as simple as protecting your devices by keeping your operating systems and applications updated, never clicking links in pop-ups, limiting the number of apps on devices, being selective about which sites you visit, being wary of emails asking for personal information, not opening email attachments from unknown sources and checking your bank accounts regularly.

Contrary to popular belief, Macs also get malware, although not as often as Windows operating systems. Mac’s built-in protection doesn’t block all adware, spyware, trojans and keyloggers —where malware records all the user’s keystrokes on the keyboard. Mobile devices are also targets for cybercriminals, from adware, Trojans, spyware, worms and ransomware all able to be used, especially as most people don’t protect their phones as diligently as they do their computers. These days, phishing attacks through clicking on links, and scam calls are common phone cyber threats.

For businesses, protection can become a bit more complicated as your entire team is generally using and reliant on technology, so there are many avenues for human error. Protecting yourself at a business level means using strategies like two-factor authentication, application control and performing daily backups as an infiltration can be incredibly detrimental, costing large sums of money, possibly breaching The Privacy Act and losing customer trust.

For this reason, the Australian Government has highly recommended that businesses implement Essential Eight, a Cyber Security framework that businesses can measure their Cyber Security maturity against. Click here to read more about the framework and how your business can implement it.

Implementing Cyber Security measures can be costly and, at times, inconvenient, but when the integrity and longevity of your business are at risk, businesses must improve their security measures.

Malware is a serious threat to your computer and personal information. It’s important to take steps to protect yourself against malware by using antivirus software, being cautious when downloading files and opening emails and seeking help if you suspect that your computer has been infected. Don’t let malware destroy your digital life — stay vigilant and take action to keep your computer safe and secure.