Once installed, malware can carry out a variety of harmful actions, such as stealing sensitive information (usually personal data, credit card numbers, or login credentials), encrypting files to demand a ransom, deleting files or data, and using the infected device to carry out further attacks on other devices or networks.
The creators and users of malware are always up to no good, and they target businesses and individuals alike. With the cyber-attack industry growing each year, hackers can purchase malware on the dark web for less than US$100.
Another ransomware-as-a-service group, REvil, give hackers malicious code and then receive a ‘cut’ of the extortion fee, usually between 20% and 30%. IBM Security X-Force states that REvil targets wholesale, manufacturing, and professional services industries.
The reality is that anyone can be a target, mainly because there are many reasons why hackers send malware attacks. These include:
- Financial gain: Once in a system, malware can steal financial information, such as credit card numbers, bank account information, and other sensitive data that can be used to commit fraud or identity theft.
- Disruption: Malware like ransomware locks businesses out of their systems and encrypts their data, disrupting the normal operation of systems and networks. This can be used to cause chaos or to extort a ransom.
- Espionage: Trade secrets, intellectual property, and other confidential data are at the root of many hacks carried out by governments, businesses, or criminal organisations.
- Large-scale attacks: Essentially a network of infected devices, botnets can be used to carry out large-scale attacks, such as distributed denial-of-service (DDoS) attacks, or to send spam emails.
- Revenge or political motives: Hacktivist groups may use malware attacks to target organizations that they believe are engaged in unethical practices, or, at a more micro level, a disgruntled ex-employee could leave malware in a system when they are fired.
How malware infects systems
Malware attacks can be initiated through a variety of methods, such as email attachments, downloads from malicious websites, infected software, or by exploiting vulnerabilities in any software on the device or through the operating system itself.
Malware attacks can occur at any time, and anyone can be targeted. However, there are certain situations where you may be more likely to get a malware attack. Here are some examples:
- Visiting malicious websites: these are websites designed to lure you in so that they can infect your device with malware.
- Downloading software or files: just like visiting malicious websites, clicking on a suspicious link and downloading files or software can install malware on your device.
- Opening email attachments: malware is often distributed via email attachments, so it’s important to be cautious when opening attachments from unknown or suspicious senders.
- Exploiting vulnerabilities: every day hackers find new vulnerabilities in software and code, which is why application and software developers distribute so many updates to counter new malware.
- Social engineering: malware attacks are often initiated through social engineering tactics, which include phishing emails, where attackers trick users into providing personal information or downloading malicious software.
It’s important to remember that malware attacks can affect any device that is connected to the internet, including personal computers, laptops, smartphones, tablets, and other internet-connected devices such as smart TVs, smart thermostats, and even some types of cars.
What to do if you are hit by malware
Unfortunately, getting hit by malware is often a case of when rather than ‘if’. It’s, therefore, critical to know what to do if malware infects your device or your company’s network. If you believe you have been hit by malware, there are several steps you should take:
- Disconnect from the Internet: As soon as you suspect a malware infection, disconnect from the Internet to prevent the malware from spreading to other devices or servers.
- Run antivirus software: If you have antivirus software installed, run a scan to detect and remove the malware. Make sure your antivirus software is up to date with the latest virus definitions.
- Remove any suspicious software: If you notice any suspicious software on your computer that you did not install, remove it immediately.
- Change your passwords: If you think your passwords may have been compromised, change them immediately, especially for any sensitive accounts like banking or email.
- Backup your data: If possible, backup your important data to an external hard drive or cloud service.
- Seek professional help: If you are not sure how to remove the malware or if the infection is particularly severe, seek professional help from a reputable cybersecurity firm.
- Take steps to prevent future infections: Once the malware has been removed, take steps to prevent future infections, such as keeping your software up to date, using strong passwords, and being cautious of suspicious emails and links.
It’s important to act quickly if you or an employee suspects a malware infection to minimise the damage and prevent further infections. This is another reason why training employees is so important. Reactions should be instant. By being proactive about your cybersecurity, you can reduce the risk of falling victim to a malware attack.