Protecting against a broad range of malware, including computer viruses, worms, spyware, botnet software, and ransomware, will help keep your computer, your privacy, and your important documents safe.
Malware definition: What is malware?
Malware, short for ‘malicious software,’ is any malicious code designed to cause damage or unwanted behavior on a device, system, or network.
Malware can be used to collect private data, steal passwords, or take control of a device. It is often spread through phishing attacks, or by visiting malicious websites.
Types of malware
Adware is unwanted software, often bundled with other free software, designed to generate revenue for the software developer.
A keylogger records the keystrokes that a user types into their computer. This information can be used to track what a person is doing on their computer and can be used to steal sensitive information like passwords.
Ransomware is a type of malware that encrypts a user’s files and demands a ransom be paid to decrypt them.
Rootkits are designed to gain administrative control over a computer system without the user’s knowledge or consent.
Spyware can collect personal information, such as Internet browsing habits and email addresses, and send it to third parties without the user’s permission.
A Trojan is a piece of malware that masquerades as a legitimate program. Attackers usually use Trojans to gain access to a victim’s computer.
Like viruses, worms copy themselves to spread to other computers. However, a worm can spread itself without any user interaction, whereas a virus requires execution by the user.
Why is malware protection important?
Malware can be delivered physically to a system, such as through a USB drive, or via the Internet through, for example, drive-by downloads, which download malware to users’ systems without their knowledge.
Malicious websites and phishing – scam messages pretending to be legitimate, but actually containing malicious links or attachments – are two common delivery methods. More sophisticated malware attacks can, for example, feature the use of a command-and-control server that allows attackers to communicate with the infected systems, exfiltrate sensitive data, and remotely control the compromised device or server.
An attack can be incredibly damaging, so it is important to protect your system, your privacy, and your sensitive information from malware.
To minimize the risk of malware, your organization should adopt at least one of the following approaches:
- Keep software up to date, with signature files updated at least daily.
- Configure software to scan files automatically upon access. This includes when files are downloaded and opened, and when they are accessed from a network folder.
- Ensure software scans web pages automatically when they are accessed through a web browser.
- Ensure software prevents connections to malicious websites.
Only allow approved applications to be executed on devices. Ensure that your organization actively approves such applications before deploying them to devices, and maintain an up-to-date list of approved applications.
Ensure that all code of unknown origin is run within a ‘sandbox’ that prevents access to other resources unless the user explicitly grants permission.