In an era where electronic technology plays a major role in each of our day-to-day tasks, it is safe to say that we depend on various computing devices to perform our daily activities. If they were to stop functioning for just a few hours, there would be millions if not billions worth of loss and damage. People in hospitals or with implanted medical devices such as computer-controlled respirators, computer-controlled infusion pumps, computer-controlled defibrillators etc. would be largely affected by this and many might lose their lives. Likewise, many other sectors of our daily lives would be greatly hampered. The aftermath would be devastating and we as a society are not prepared for such an event.
Although the idea that all the electronic technology around the world would stop working at the same time may sound like something out of a Hollywood movie, many people are not aware that malicious software could attack and cripple networks of computer systems worldwide in such a way as to mimic an all-out electronic device failure, depending on the malware's power and capacity. But this is just one of the many concerns brought about by such malicious software. It can also lock your device or data, steal or leak your private and personal information, damage or corrupt files, slow down the performance of your device, and the list goes on and on.
So, you may be asking yourself, what defines malicious software (malware)?
Any computer software which is intentionally designed to bring harm to programmable electronic devices, systems and services is called malware or malicious software. The word malware comes from the Latin root word mal, which means bad or evil, and ware, which refers to the software. Malicious software can be of many types, such as worm malware, ransomware, rootkits, spyware, botnets, adware malware, keyloggers and trojan malware. Although some are more harmful than others, they all have the ability to cause damage and disturbance. Let us briefly discuss the different types of malware.
Types of malware:
Viruses are usually self-executing code which requires a host device to carry out its malicious tasks. They are usually executable (.exe) files which are not active until a user triggers them, either by opening a virus-infected file received via email or by downloading it onto the system. Once the virus has launched itself on a system it can replicate itself and spread through the system and network, infecting other files and devices. Viruses can also take control of applications, steal data and information, launch ransomware and DDoS attacks on the infected systems etc. Examples of malware viruses are ILOVEYOU virus – 2000, Mydoom, Code Red.
A trojan malware or trojan horse virus is a deceiving piece of software which seems legitimate, but once installed on the system it begins carrying out its malicious activities. The name trojan malware comes from the Ancient Greek story of the Trojan horse, as they both work on the same deceptive ideology and technique of intrusion. Trojans can spread by methods similar to those of malware viruses and also require users to activate them via some action. Unlike malware viruses, trojans do not need a host. They are capable of deleting, modifying and stealing data, launching ransomware and DDoS attacks, spying on users, taking control of the infected device etc. Examples of trojan malware are Proton Remote Access Trojan (RAT) – 2017, ZeuS – 2011, Rakhni Trojan – 2013, R2D2.
Worm malware is self-replicating software which does not need any host or any user action to be triggered. Worms can be transferred through methods similar to viruses and trojans. Once a worm has been installed on a system it starts its malicious activities, infecting the machine along with other machines on the network without the user even knowing. Worms are capable of launching ransomware and DDoS attacks, deleting and modifying files on a system, stealing data and information, installing backdoors for hackers to gain access to the system in the future etc. Examples of worm malware are SQL Slammer – 2003, Stuxnet, Toxbot.
Spyware is a type of malware that observes and collects data and information about a user without them knowing. It is used to spy on a user, steal data, keep logs of their activities, and collect personal data such as passwords, credit card information, banking information and other sensitive information. Examples of spyware are Dark Hotel – 2014, Zlob, Gator.
Ransomware, as the name suggests, infects a system, encrypts its important files and data and demands a ransom in exchange for decrypting the encrypted system, files and data. The ransom is to be paid in cryptocurrency to the cybercriminals, as this form of payment cannot be traced easily. Ransomware can be transmitted through other viruses which contain some piece of code embedded within them that is capable of holding the system for ransom. This type of malware can hold devices, systems, files and data hostage, encrypt and damage data, steal data, create a backdoor for hackers etc. Examples of ransomware are WannaCry – 2017, CryptoLocker – 2013, Jigsaw – 2016.
A rootkit is a type of malware which is used to gain root or privileged access over a system. Once installed on the system without the user knowing, it gives the attacker remote administration-level access over the victim's system. This type of malware can stay hidden in your system for a long time, causing damage, and can hijack your system. Rootkits are spread by means similar to those of viruses and through phishing attacks. They are also used to steal data and information and to spy on the victim. Examples of rootkits are Zacinlo – 2012, Rovnix, Stoned Bootkit.
Bots / Botnets:
Bots or botnets are malicious code which looks for security loopholes to gain remote access to a device or to perform other types of hacks and malicious activities. They can be used to create an army of bots, spread viruses, launch massive DDoS attacks on one target from different devices at the same time etc. Examples of botnets are Mirai – 2016, Conficker, Waledac.
Now that we know about malware and its different types, you may be wondering: how do I know if I have been a victim of this type of malicious software? Well, here are some ways to know if your system has been affected by malware.
If your system has been affected by malware you might see some of the following signs:
1. Your computer is slow.
2. You get random pop-up messages and inappropriate ads.
3. Your computer crashes or shows error messages.
4. Unfamiliar files, suspicious folders and desktop icons appear out of nowhere.
5. Your peers receive strange messages and emails from you.
6. You cannot access various files and folders on your computer.
7. You get scary messages, threats and ransom demands.
8. Your system tools don’t work.
9. You cannot access your system security.
10. You cannot perform certain tasks such as removing software, shutting down or restarting your computer.
These are just some signs you may see if your computer has been a target of malware attacks. So, what should you do if you have fallen victim to malicious software?
You should immediately disconnect the infected system from your network to stop the spread to other devices. Then determine the files, folders and data affected by the malware. You should also discontinue the use of online services that use your personal and sensitive information until the malware has been cleared. You should try to identify the type of malware that has infected your system and look for ways to get rid of it. After eliminating the malware, you should run a full scan on your computer to check if there is any other malicious software left over in your system. Then you should check if you have any security software on your device, and if you don't you should get it immediately. Furthermore, you should make sure all your software is updated to the latest patch to avoid any further breaches through security vulnerabilities. After following these steps, you can restore any lost or damaged data from your backups and report the infection to the proper authority in case of serious damage or breach. If the above steps do not work, you should try recovering or reinstalling your operating system. If you are still not able to get rid of the malware, you should look for professional help or contact the manufacturer of the device.
1. Avoid opening attachments that look suspicious.
2. Avoid giving out personal information.
3. Think twice before clicking.
4. Patch and keep your software up to date.
5. Do not use unfamiliar media devices.
6. Only download from sites you trust.
7. Keep Windows Firewall turned on at all times with proper configuration settings.
8. Monitor your network for suspicious activities with frequent scans.
9. Use the show file extension feature to detect any unwanted files.
10. In offices educate employees about cyber security and social engineering.
11. Perform frequent backups for important data and information.
12. Make use of security tools and anti-virus software.
When it comes to malware, the best counter weapon against it is knowledge and awareness. Just being educated on the topic and knowing what to do and what not to do can reduce the chances of you being a target of malware attacks. Preventive measures should be taught and used before any malicious software takes any system hostage. Keep all software and security patches updated, which might help prevent the attacks. Frequently back up all your important data and information. Be on the lookout for any suspicious activity and remember to always think twice before you click!
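Tip 9 in the list above depends on seeing a file's real extension, which is also how a trojan posing as a document gives itself away. The Python sketch below is an added example, not part of the original article: it flags file names that look like documents but end in an executable extension. The extension lists, function names and sample file names are assumptions constructed for illustration.

```python
import os

# Assumed lists for this example; extend them for your environment.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
RTL_OVERRIDE = "\u202e"  # Unicode character that reverses how the name is displayed


def check_name(name):
    """Return the reasons a file name looks deceptive (empty list if none)."""
    reasons = []
    if RTL_OVERRIDE in name:
        reasons.append("right-to-left override character")
        name = name.replace(RTL_OVERRIDE, "")
    # Every dot-separated part after the first is an extension candidate.
    exts = ["." + part.strip() for part in name.lower().split(".")[1:]]
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return reasons
    if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
        reasons.append(f"double extension: shown as {exts[-2]}, runs as {exts[-1]}")
    if "   " in name:
        reasons.append("padding spaces hide the real extension")
    return reasons


def scan(directory):
    """Walk a directory tree and map each suspicious path to its reasons."""
    findings = {}
    for root, _dirs, files in os.walk(directory):
        for filename in files:
            reasons = check_name(filename)
            if reasons:
                findings[os.path.join(root, filename)] = reasons
    return findings


if __name__ == "__main__":
    # Constructed sample names, not taken from any real incident.
    for sample in ["holiday.jpg", "setup.exe", "invoice.pdf.exe",
                   "report.doc      .scr", "photo\u202egpj.exe"]:
        print(repr(sample), "->", check_name(sample) or "ok")
```

Pointing `scan()` at a downloads or email-attachment folder gives a quick list of names worth a closer look; a match is a reason to inspect the file with security software, not proof of infection.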