The experts at Cyber Threat Be Gone believe the foundation of a strong cyber security program is rooted in knowledge. That’s why we have developed a six-part series on the ABC’s of cyber-security. In this series, we will review the fundamentals of Malware and how it can harm your business.
Malware is any software with malicious intent.
When experts talk about the evolution of cyber-crime, they are in essence referring to the sophistication of Malware and distribution of Malware onto devices to execute some sort of “payload” or task. In this post, we will address infiltration methods hackers use to get into computers, and the types of attacks hackers execute once they’ve hacked a computer.
1. How do hackers get Malware on your computer?
a. Phishing – Phishing is an attempt to steal user data or install malware onto devices by disguising itself as a trustworthy form of electronic communication. Often times, phishing scams are performed via email. The best defense of phishing attacks is through Training. The better you can identify these types of attacks, the better you can avoid them.
b. Social Engineering – Refers to a situation when hackers assume a false identity to obtain information. The most common form of social engineering occurs when bogus phone calls are made to withdraw personal information from individuals.
c. 3rd Party – Refers to a data breach that occurs as a result of an outside party. One example is the recent Target hack when millions of machines were infected and used to steal customers’ credit card information. Hackers were able to infiltrate Target by hacking their HVAC contractors.
d. Portable Media – Refers to items such as USB sticks. Some of the most sophisticated portable media devices will bypass standard security protocols and embed malware onto devices by simply plugging them into a computer.
2. How does Malware affect me once it’s on my computer?
a. Ransomware – Encrypts users’ files and renders them unusable unless infected user pays a designated amount of money. Ransomware is one of the greatest threats affecting company’s today. Over 60% of companies with less than 100 employees close their doors after facing a cyber-attack, a significant portion of them being ransomware.
b. Bots – Software programs created to automatically perform specific operations. Bots typically work as part of a larger network called “botnets,” which infects multiple computers to execute more powerful attacks.
c. Spyware – Malware that is used to spy on individuals. This can be surveillance of keystrokes, screen monitoring, or device camera. Hackers will use this information to steal bank passwords or other personal information.
d. Distributed Denial of Services – aka “DDOS” attack, is responsible for the largest cyber-attack to ever hit the world (learn how to stop this here). These attacks are executed by directing “bot” infected computers to flood a network. To put simply, imagine every car in every city in America was directed to drive on one very specific highway. Because no highway in America was designed to support that many cars at once, the designated highway would essentially be unable to serve its purpose.