What is malware & how does it enter my company

Wontok Team

Published: 24 Sep, 2020

Today, there are many kinds of online cyber threats that can affect businesses and give cybercriminals access to important data and personal information. However, out of all the threats to data that exist, malware attacks are one of the most common, having been a threat to individuals and organisations since the early 1970s, when the Creeper virus first appeared. Since then, businesses have been under attack from hundreds of thousands of different malware variants, all with the intent of causing disruption and damage to businesses.

Cyberattacks that use malware are a serious threat to small businesses and large corporations alike, with the average global cost of a malware attack on a company standing at US$2.6 million (Accenture, 2019).

What is malware?

The term malware is the collective name for a variety of malicious software variants. Put simply, malware typically consists of code developed by hackers with the intent of damaging devices, stealing data, and causing harm to businesses.

Malware is often created by teams of hackers that are usually looking to make money by either spreading the malware themselves or selling it to the highest bidder on the dark web. However, there can be other reasons for the creation of malware – it can be used as a tool for protest, a way to test security, or even as a weapon of war between governments.

What does malware do?

Malware covers a broad category of cyber threats and what it does varies from file to file. However, the most common types of malware include:

  • Viruses – like their biological namesakes, viruses attach themselves to clean files and infect other clean files. They can spread uncontrollably, damaging a system’s core functionality, and deleting or corrupting files.
  • Trojans – this kind of malware disguises itself as legitimate software or is hidden in legitimate software that has been tampered with. It tends to act discreetly and create backdoors in security to let other malware in.
  • Spyware – this is designed to spy on you. It hides in the background and takes notes on what you and your employees do online, including passwords, surfing habits, financials, and more.
  • Worms – these can infect an entire network, either local or across the internet. They use each consecutively infected device to infect other devices.
  • Ransomware – this kind of malware typically locks down devices and files and threatens to erase everything unless a ransom is paid.
  • Adware – though not always malicious in nature, aggressive advertising software can undermine your security just to serve you ads – which can give other malware an easy way in.

How can malware get into my business?

There are several ways that malware can infect businesses and, in the main, they all start with employees being connected to the internet:

Human Error: You or your employees might click on a malicious website link, download a suspicious email attachment, or click on an ad that looks legitimate. Human error also occurs simply by users ignoring security software warnings about links, attachments, files, programs etc. and clicking anyway.

Web Attacks: Cybercriminals carry out these attacks on websites, and on the databases associated with those sites, for malicious reasons.

Apps or Software: Free-to-download applications or software can include malware, especially spyware. This type of malware distribution is extremely popular as users are tempted by the ability to access free apps, files, or programs.

How do I know if my business has malware?

Unlike the old days, when malware like viruses often announced themselves by displaying messages or by giving computers the “blue screen”, many types of malware today can hide without producing any tell-tale symptoms of an infection. Just as different types of software perform different functions, so different types of malware can perform different types of harm.

Malware that you might not realise is on your devices could be capturing data as you and your employees log into online accounts, finding, storing and using valuable information to harm your business.

While many types of malware try to remain unseen, there are some red flags that might indicate an infection:

  • Your connected devices run slow or are experiencing glitches.
  • Pop-up windows are appearing as you and your employees are browsing the internet.
  • Colleagues have brought to your attention that suspicious emails from employees are being sent which they haven’t sent themselves.
  • Smart devices are receiving suspicious messages whilst their battery life drains quickly.
  • Overall data usage within your business has spiked significantly.
  • Sought-after files on networks have been deleted or replaced.

The only sure-fire way to detect all malware before it infects your devices is to implement a cybersecurity solution that incorporates detection tools and scans that can identify and block malware before the infection takes place.

How can I protect my business from malware threats?

In today’s ever-changing threat landscape, it is vitally important for businesses to have protection against malware and other malicious software.

Wontok One for business gives organisations real-time cyber protection against online threats. In the event of a malware attack, there are 3 key steps that our security experts follow as part of our response plan.

1. Communicate and coordinate

We believe communication is critical which is why we work with all decision makers towards achieving a successful outcome. Having a response plan allows businesses to see our process clearly laid out.

2. Isolate all devices and backups

As soon as malware is detected, all machines should be disconnected from the network, by pulling out the network cables and turning off machines, to prevent the infection from spreading. This includes connections to other networks, sites and remote devices.

A recovery needs uninfected backups, so the backup plan should include backups that aren’t online and therefore are safe. Removable drives etc. should also be isolated, and offsite backup media recalled so they’re ready to use.

3. Confirm, understand and assess

We work with businesses to confirm the infection by analysing the infected device in order to assess if the threat is real and if the data has been encrypted. Our experts will undertake a thorough review of the malware strain to determine the best solution to eradicate the threat.

Assessing the damage allows our experts to understand what has been infected and what may have been infected. We run a quick audit to identify the extent of the infection to see if any devices have not been infected.

Delivered via our easy-to-use cloud-based platform, Wontok One is cybersecurity at its best – enabling businesses to take control of their cybersecurity needs all from one place, and best of all, without the need for any IT expertise. With Wontok One, anyone can manage a business’s cyber protection.

Always on, real time protection – Wontok One protects against threats such as viruses and malware and gives businesses the ability to take control of web access to reduce risk.

World class email protection – Email Security protection against cyberthreats, especially ransomware and phishing scams.

Watch & Alert system – Our technology continuously monitors the dark web for a business’ critical data, alerting Administrators if found.

Actionable insights – Wontok One provides valuable insights so action can be quickly taken to reduce risks to data, devices, and emails.

Wontok partnered with communication service providers and other trusted organisations to deliver a suite of cybersecurity solutions that keep small businesses’ data protected. Get to know more here.
