Malware - a primer: What is it and what can you do to prevent it?

Web security uses a variety of terms for programs written with malevolent intentions. You might have heard of terms like virus, worm, keylogger, Trojan, spyware, adware, and ransomware. These are all forms of malware, and – although there is a level of distinction between all categories of such programs – it might not be apparent to the common, non-tech user. This is especially true for those who do not know the difference between malware and ransomware.

Malware is short for “Malicious Software”. It is a generic term used to refer to all kinds of malicious programs, whereas ransomware is one of those malicious software programs with a specific modus operandi. So malware can be considered a superset of ransomware.

What is ransomware?

Ransomware is a program written with only one intention – to extort money out of the victims. It works by first infecting the system and then asking the user to pay money via one of the payment options. The infection may result in temporary or permanent loss of data. Most ransomware encrypts the files on a user's system, which then locks the user out of his or her computer. The encryption generally starts as soon as the computer is infected, and sometimes it takes weeks to completely encrypt the system as it silently works in the background. After that, a notice appears demanding payment of a fixed amount of money in order to decrypt the files.

Unfortunately, paying the demanded sum does not always result in the decryption of your files. And, with the advantages of anonymous crypto-currencies, such as Bitcoin, it's quite common for hackers to retain the files. This happened with a recent ransomware, PETYA, where many businesses and organisations lost important files even after paying.

A similar variation of ransomware is where instead of encrypting files, the program imitates law enforcement and asks for payment as a fine. This type of ransomware achieves the same goal, only it looks as if it's from a government agency.

With 638 million ransomware attacks in 2016, it is inevitable that the number of ransomware attacks will only increase, especially those targeting big corporations, hospitals, and government organisations.

What are other types of malware?

Other known types of malware, such as a virus, keylogger, or worm, also infect a computer's system but in a different way and for a different purpose. A keylogger is a program which records each and every keystroke on the system, including passwords and credit card details. It sends periodic logs to a remote computer owned by the attacker, who gains access to all the information. This information can then be studied and stored for future use. There are legitimate uses of keyloggers, too, but when used without the permission and knowledge of the system owner, it is mostly illegal.

A Trojan is more advanced than a keylogger and can do much more damage. Once a Trojan is implanted, it can remotely control your computer or network, making it vulnerable for a planned DDoS attack. (A Denial-of-Service Attack is when exorbitant amounts of traffic flood a system, causing it to crash.)

Adware is another common malware attack that forces ads into the system, so the hacker gains a monetary benefit from advertisers. Although it is typically less dangerous in terms of damage, it is certainly more annoying.  

What are ways to prevent malware attacks?

1.       Use a good antivirus. There are many adequate antivirus programs available these days, some of which are free. Antivirus companies regularly update their databases with known malware and employ advanced heuristic techniques to protect your computer and network. Antivirus software is highly recommended as one of the top preventions against malware.

2.       Use a VPN. Especially if you're on a public WiFi network, hackers can easily intercept whatever data you send, making you an easy target for malware. A VPN, which can be used anywhere and on almost any device, encrypts data, making it significantly harder for hackers to intercept it.

3.       Open email attachments carefully. The majority of malware attacks occur with phishing emails. These emails are designed to look legitimate, but – when opened – cause damage. Be wary of opening attachments from unknown sources.

4.       Update your software and OS regularly. Software updates often include security fixes and plug the hole they created in the first place. It is very important to regularly update your operating system and any other software you use.

5.       Frequently back up your files. Follow the 3-2-1 backup rule and have at least 3 copies of your data, with 2 of them being on different media and 1 of them offsite. People who take regular backups have at least one less thing to worry about in case of a malware attack because they have their data stored in other places.

6.       Surf the internet carefully. Do not casually click on links or visit questionable websites, and be careful of the information you provide to online sites.  

Although the number of malware and ransomware attacks increases daily, there are many ways to limit them. Educating yourself on malware attacks and taking the necessary precautions to prevent them will ensure your data stays intact and safe.

Contributed by Harsh Maurya, technical writer, the author of How Not to Get Hacked, and vpnMentor 

*Note: The views expressed in this blog are those of the author and do not necessarily reflect the views of SC Media or Haymarket Media.