Malware is a broad term used to describe a range of software that's intended to either cause harm to your devices or perform some other malicious action without you knowing. Most malwares are designed to have some financial gain for the cybercriminal. Whether they are seeking your financial account information or holding your computer files for various malicious purposes. There are a number of ways that malware can get “on” your computer or mobile device. You might open an attachment from someone you know whose files have already been infected. They can infect systems by being bundled with other programs or attached as macros to files. Others are installed by exploiting a known vulnerability in an operating system (OS), network device, or other software, such as a hole in a browser that only requires users to visit a website to infect their computers.
You might click a link in the body of an email or on a social networking site that automatically downloads a virus. You might even click an ad banner on a website and end up downloading a virus or malware (known as “malvertising”). Malware is also spread by sharing USB drives and other portable media.
Nowadays cyber criminals are targeting Tablets and Mobile devices with their higher adoption and limited security features. Some of the more commonly known types of malware are viruses, worms, Trojans, bots, back doors, spyware, and adware. Each of these terms refers to a slightly different type of infection, and each operates slightly differently - and has different ways of removing them. Let's take a look at each one in a bit more detail.
Trojan horse: It is a harmful piece of software that looks legitimate, but it carries ulterior motives. Trojans can delete data, compromise security, relay spam or porn, and otherwise infect your computer. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system.
Virus: Viruses attach themselves to real programs and apps, so will only run when you run the infected program. They normally cannot spread themselves, but only spread by people emailing the files or transferring them via USB drives. Almost all viruses are attached to an executable file, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program.
Worms: Worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. This means that if you get one, it will try and spread to any other computers you connect with or try and send it self to others without you even knowing.
Bots: A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices, or "botnet." With a botnet, attackers can launch broad-based, "remote-control," flood-type attacks against their target(s).
Backdoor: Backdoors are much the same as Trojans or worms, except that they open a “backdoor” onto a computer, providing a network connection for hackers or other Malware to enter or for viruses or SPAM to be sent. Some back doors are placed in the software by the original programmer and others are placed on systems through a system compromise, such as a virus or worm.
Keyloggers: Records everything you type on your PC in order to glean your log-in names, passwords, and other sensitive information, and send it on to the source of the keylogging program.
Exploit: Exploits take advantage of weaknesses or “vulnerabilities” in common software, such as Java and Adobe Flash. Malware can use these vulnerabilities to exploit the way the software works and further infect your PC.
With so many different types of malware – and the vast range of malicious software programs within each type – it’s important that every malware item can be unambiguously classified and easily distinguished from other malicious programs. However the above list is partial and just touches the tip of iceberg.
The broadening use of social media, messaging and other, non-work related applications introduces a variety of vectors that can be used to propagate viruses, spyware, worms and other types of malware. All it takes is a combination of robust security software and a commitment to following basic safety rules to safeguard our systems and devices. Few of the widely used industry techniques and devices are mentioned below.
- An antivirus engine to detects and blocks viruses, spyware phone home, spyware download, known Bots, as well as worms and Trojans.
- Continuous update of signatures from Vendor database of various malwares from around the world.
- Inline or off-line scanning of compressed, encrypted or embedded Email files and web content for malware assessment
- End point Protection
- Source IP address and File assessment basis on reputation technique.
- Network IPS & Sandboxing devices can also be used for advance protection.
- Selected solution must be ready for cloud applications and users