Malware comes in all shapes and forms, from worms to up-close-and-personal social-engineering tactics, with most threats entering through trap-doors and unknowns in third-party software. In this article, we’ll discuss what malware is, the main types of malware found today, and some of the best practices for preventing malware altogether.
What is Malware?
Considered one of the most significant categories of cyber threats to computers, malware is defined as software that is inserted into a computer system covertly with the intent of compromising the CIA triad (Confidentiality, Integrity, and Availability) of the user’s data, legitimate applications, and the core functions of the operating system.
The purpose of malware is not just to compromise data; it can also be used for more serious ends, such as spreading throughout a local user’s computer and on to other computers, delivering payloads, or simply degrading system performance.
5 Common Types of Malware
For many who are not familiar with malware, it is just a general term for cyber threats, but in fact there are many types of malware found on the Web.
In this decade, 5 common types of malware make up the majority of the cyber attacks still occurring today.
These threats are Adware, Spam, Spyware, Worms, and Rootkits, which are used both for reconnaissance and for propagation across the LAN and the typical Windows 10 operating system.
Adware
Ever wonder why an annoying pop-up advertisement is now appearing on your screen, or seen those fake ads promoting scareware that claim your computer is infected with a virus when it really isn’t?
This is adware at its best: the goal behind this malware type is not only to trick the user into clicking on the ad, but to draw the user into downloading malicious software from the website hosting it.
Adware is mostly implemented as an integration into other software; in other cases the advertisement itself redirects the web browser to a website, potentially a spoofed one, that attempts to lift credentials and account information.
Spam E-Mail
Making up nearly 90% of all e-mail sent from one e-mail client to another, spam is unsolicited bulk e-mail that may carry some form of malware, usually in the form of advertisements such as stock scams and explicit content.
Most spam seen today across the major e-mail clients (Yahoo!, Gmail, Outlook, etc.) is used in phishing attacks, typically directing the user to a fake website that resembles a legitimate service such as PayPal or Apple, in an attempt to capture the user’s login information or collect it through a form so that the attacker can impersonate the user in identity theft.
In other cases, spam can also be a carrier for malware, since some e-mails carry attached documents that, when opened by the user, exploit a software vulnerability to install malware on the user’s computer and network.
Some malware spread by spam consists of Trojan horse programs that do not always require user intervention to be installed; instead the program installs itself automatically (although Trojans don’t propagate like worms).
Spyware
The next type of malware can be considered the “James Bond” of malware: it spies on others’ data while remaining as stealthy as a Splinter Cell game to avoid detection. This is the art of spyware.
Spyware is software that collects or scans information found on one computer and transmits it to another, via keystroke logging and network traffic monitoring.
Over the years, cyber-attackers have developed much more sophisticated spyware that monitors a broader range of activity, including browser history (governments and ISPs are already doing this and selling your information to the highest bidder).
Spyware can also use web browser content differently, redirecting web page requests to fake sites controlled by the spyware’s operator and then modifying the web page data exchanged between the browser and the sites the user intended to visit.
Computer Worms
Considered one of the most dangerous malware types in this list, a computer worm is a program that can run independently and spread a complete working copy of itself onto other hosts on the network, exploiting software vulnerabilities on the original host.
Besides spreading from one host to another over the network, worms can also spread via shared media such as USB thumb drives and CD/DVD discs that carry script code in infected files.
The typical function of a computer worm is to search for other systems to infect, using a scanning routine to find more hosts to scan from a topological standpoint.
Alternatively, computer worms can be configured with a “hit-list” of vulnerable hosts to scan, with each infected host given a portion of the list to scan, which makes computer worms hard to track and eradicate.
Rootkits
The last type of malware is another covert kind known as the rootkit, which hides behind the scenes of a typical operating system and attacks the “root” of the OS.
Rootkits are defined as a set of programs installed on a computer host to maintain access with administrator or root privileges.
As part of its standard malicious functions, a rootkit can add or change programs and files, send and receive network traffic, and monitor every process, while maintaining a backdoor into the local user’s computer.
The overall reason rootkits are another stealthy type of malware is that they subvert the mechanisms that monitor and report within the operating system, such as the process list and the registry.
In today’s generation of rootkits, the rootkit has moved down to the kernel layer of the operating system, where critical sections of the OS are accessed from the main memory regions that make
How to Prevent Malware? Step-by-Step Guide
From policies and awareness to vulnerability and threat mitigation strategies, all of my recommendations are standard procedures that most Fortune 500 companies follow to safeguard corporate data, scaled all the way down to the average work-from-home employee working remotely.
Listed below are 5 steps to take to ensure you know how to prevent malware infections and to avoid that one bad day for yourself and your computer:
1. Use Anti-Malware Software to perform Real-Time Monitoring
Every Windows computer includes Windows Defender as the default anti-virus solution; but there is one problem: it does not include anti-malware within its security suite.
A solution is to use standalone anti-malware software such as Malwarebytes alongside a standalone anti-virus program, so that the two don’t interfere with each other’s scanning (just don’t run two anti-virus or two anti-malware programs together; that would hurt performance).
2. Block ads with an Advertising Blocker Plugin
Banner advertising is one of the most annoying aspects of the web, especially when too many advertisements are running on one website, or when weird native ads appear that look as if there is malware behind the words.
To stop ads from appearing on your screen, an ad-blocker plugin such as Adblock Plus for Google Chrome disables the online and browser-history tracking done by most ad agencies and, most importantly, prevents domains commonly used to spread malware from being presented to you.
3. Don’t Open any E-Mail Attachments!
Everybody should know this by now, and even your boss would tell you: don’t open any e-mail attachments from someone you don’t recognize, especially from e-mail addresses containing weird or out-of-place characters (always look at the e-mail address to make sure).
If too many e-mails are landing in the spam folder, a separate web-based spam filtering service can help reduce excessive spam when Yahoo’s or Gmail’s spam-detection algorithm is not strict enough.
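The “look at the e-mail address” advice above can be turned into a mechanical check. The following is an added example, not code from the article: it flags a From: header whose address contains non-ASCII characters, whose domain is a digit/letter look-alike of a trusted brand, whose domain uses a trusted brand as a subdomain of some other domain, or whose display name claims a brand the domain does not belong to. The trusted-domain list, the confusable-character table, and the “last two labels” rule for the registered domain are assumptions made for this example.

```python
import unicodedata
from email.utils import parseaddr

# Constructed list of sender domains the reader expects mail from (an assumption
# for this example, not part of the article); a real deployment uses its own.
TRUSTED_DOMAINS = ("paypal.com", "apple.com", "yahoo.com", "gmail.com")

# Digits commonly swapped in for letters in look-alike domains (assumed table).
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def fold_domain(domain: str) -> str:
    """Reduce a domain to plain ASCII so common look-alikes collapse onto the real name."""
    ascii_only = unicodedata.normalize("NFKD", domain).encode("ascii", "ignore").decode()
    return ascii_only.lower().translate(CONFUSABLES).replace("rn", "m").replace("vv", "w")


def registered_domain(domain: str) -> str:
    """Last two labels, e.g. 'mail.example.com' -> 'example.com' (a simplification)."""
    return ".".join(domain.lower().split(".")[-2:])


def check_sender(from_header: str) -> list[str]:
    """Return the reasons a From: header looks suspicious; an empty list means nothing odd."""
    display_name, address = parseaddr(from_header)
    if "@" not in address:
        return ["malformed_address"]
    flags = []
    domain = address.rsplit("@", 1)[1]
    # Characters outside ASCII are the "out of place" characters the article warns about.
    if any(ord(c) > 127 for c in address):
        flags.append("non_ascii_characters")
    reg = registered_domain(domain)
    folded = fold_domain(reg)
    # paypa1.com or paypal.corn: not a trusted domain itself, but folds onto one.
    if reg not in TRUSTED_DOMAINS and folded in TRUSTED_DOMAINS:
        flags.append("lookalike_of_" + folded)
    # Labels in front of the registered domain, e.g. {"paypal", "com"} for
    # paypal.com.account-verify.example.
    sub_labels = set(domain.lower().split(".")[:-2])
    for trusted in TRUSTED_DOMAINS:
        brand = trusted.split(".")[0]
        if brand in sub_labels and reg != trusted:
            flags.append("brand_as_subdomain_of_" + reg)
        # Display name names a brand, but neither the domain nor its folded form is that brand.
        elif brand in display_name.lower() and reg != trusted and folded != trusted:
            flags.append("display_name_claims_" + brand)
    return flags
```

A legitimate address such as `Apple Support <noreply@apple.com>` returns an empty list, while `PayPal <service@paypa1.com>` returns `["lookalike_of_paypal.com"]`.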
4. Go Advanced with an Intrusion Detection System
While not particularly beginner-friendly for a non-tech-savvy individual, a network-based intrusion detection system (IDS) is a handy cyber-security tool that can look deep within Windows 10 for the code signatures of most rootkits and other malware within incoming network traffic.
An IDS as commonly implemented in the corporate world can also discover interception of system calls or key-logging software interacting with the keyboard driver.
However, intrusion detection systems have one downside: they are prone to generating excessive false positives, which can be a headache to differentiate from the real malware risks coming through the system.
To resolve this issue, I would recommend SolarWinds Security Event Manager since it automates the detection and prevention system, as well as integrating all data analysis into a report for an organization/individual to view while maintaining the integrity of the operating system being used.
5. Always Keep the Operating System Updated
The final step in how to prevent malware is another awareness strategy: simply keep your Windows PC up to date with the latest cumulative updates to patch any security vulnerabilities or loopholes found, and with definition updates that keep Windows Defender’s firewall and anti-virus current (the Defender updates only appear as long as you’re not running a separate anti-virus program such as Avast on the computer).
For organizations, certain Windows updates can only be configured and installed through the Windows Server Update Services (WSUS) tool, which mass-distributes the updates to the computers across a site’s network. Just do one thing: don’t ignore the important updates that will improve security!