What software program infect damage and disrupts the whole computer system?

Malware, short for malicious software, is designed to damage files or entire computer systems, steal data, or disrupt networks. Malware can be viruses, worms, Trojans, spyware, adware, backdoors, rootkits, and bots. There are numerous inexpensive Antivirus software programs available to protect your IT and OT systems from malware, but first line of protection is knowing how malware spreads so you can avoid it in the first place.

Malware will enter your computer in one of three ways:

• As a download from a web page: If you use the latest version of your web browser, you will be alerted to any download from a web page onto your computer. In other words, you must invite the program into your realm and if that program is malware, in it comes.
• As an email attachment: Malware arriving in the form of an email attachment is the same bad stuff that comes from a web page. The difference is primarily in the way an attachment uses social engineering: The malware is often disguised as a message from a friend, your employer, your bank or your business contact or has another tempting aspect that entices you to open it.
• As a file on infected removable media: Originally the most popular method of malware distribution, inserting a USB-stick or another type of media into your IT or OT storage system is still a way to infect your computer with a virus. Never ever start a PC or computer system with a USB-stick inserted.

The key to getting malware to work is social engineering. In the case of a web page link, the web page may direct you to ignore warnings from Windows or to disable your antivirus software to continue.

Recommendations

• If the website does not look quite right, or if is offering something that cannot possibly be true, it may be best to avoid downloading any of its files or even click a link.
• If a file downloads automatically and you did not request it, do not open the file and delete it at once.
• If a pornographic website downloads a “video viewer,” it is a virus.
• If the email says to disable your antivirus program before opening the attachment, don’t.
• It has recently become more common to be infected with malware through messaging services and chat rooms, like WhatsApp, Messenger, LinkedIn, Facebook and Twitter. Fake user account tries to become friend with you and sends you a web page link to malware, often with an enticing but wrong description of what you find when you click the link. Do not click the link!

Whatever you do, however you’re tempted, do not click a suspicious link or open an untrusted file!

Additional material

Cyber security awareness package (provides links for posters, presentations, case studies and videos)

In 2018, there were 812 million reported malware infections (PurpleSecus Cyber Security Report), and 94% of those malware infections were delivered via email (CSO). No devices were immune to these infections—not even mobile devices.

What is malware? Malicious software, or "malware," is software written with the intent to damage, exploit, or disable devices, systems, and networks. It is used to compromise device functions, steal data, bypass access controls, and cause harm to computers and other devices and the networks they are connected to.

Malware on the Rise

According to a recent Internet Security Threat Report by Symantec, there were 246 million new malware variants discovered in 2018, and the percentage of groups using malware is on the rise, too. Symantec reported that groups using destructive malware increased by 25% in 2018.

With malware usage continuing to rise, it’s important to know what the common malware types are and what you can do to protect your network, users, and critical business data.

Understanding the Six Most Common Types of Malware

The six most common types of malware are viruses, worms, Trojan Horses, spyware, adware, and ransomware. Learn more about these common types of malware and how they spread:

1.   Virus

Viruses are designed to damage the target computer or device by corrupting data, reformatting your hard disk, or completely shutting down your system. They can also be used to steal information, harm computers and networks, create botnets, steal money, render advertisements, and more.

Computer viruses require human action to infect computers and mobile devices and are often spread through email attachments and internet downloads.

[You Might Also Like: "As Cyber Crime Evolves, Are Your Security Tools Keeping Up?"]

2.   Worm

One of the most common types of malware, worms spread over computer networks by exploiting operating system vulnerabilities. A worm is a standalone program that replicates itself to infect other computers, without requiring action from anyone.

Since they can spread fast, worms are often used to execute a payload—a piece of code created to damage a system. Payloads can delete files on a host system, encrypt data for a ransomware attack, steal information, delete files, and create botnets.

3.   Trojan Horse

A Trojan horse, or “Trojan”, enters your system disguised as a normal, harmless file or program designed to trick you into downloading and installing malware. As soon as you install a Trojan, you are giving cyber criminals access to your system. Through the Trojan horse, the cyber criminal can steal data, install more malware, modify files, monitor user activity, destroy data, steal financial information, conduct denial of service (DoS) attacks on targeted web addresses, and more. Trojan malware cannot replicate by itself; however, if combined with a worm, the damage Trojans can have on users and systems is endless.

[You Might Also Like: "What is Layered Security & How Does it Defend Your Network?"]

4.   Spyware

Installed on your computer without your knowledge, spyware is designed to track your browsing habits and internet activity. Spying capabilities can include activity monitoring, collecting keystrokes, and harvesting of account information, logins, financial data, and more. Spyware can spread by exploiting software vulnerabilities, bundling with legitimate software, or in Trojans.

5.   Adware

Adware is often known for being an aggressive advertising software that puts unwanted advertising on your computer screen. Malicious adware can collect data on you, redirect you to advertising sites, and change your internet browser settings, your default browser and search settings, and your homepage. You typically pick up adware through a browser vulnerability. Legitimate adware does exist, but it will ask your permission first before collecting data about you.

6.   Ransomware

According to Cybersecurity Ventures, cybercrime is predicted to cost the world 6 trillion dollars annually by 2021. Because ransomware generates so much money for cybercriminals, it is the type of malware we hear the most about.

Ransomware is a type of malware that holds your data captive and demands payment to release the data back to you. It restricts user access to the computer by either encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the attacker to release the restrictions and regain access to the computer. Once the attacker is paid, your system and data will usually go back to its original state.

How To Protect Your Business from Malware

Propagation of malware and cybercrime will continue to rise, and it’s important to protect yourself and your business from cybercriminals by implementing multiple layers of security, also known as a “layered approach.” These layers may include a firewall, end-user training, anti-malware and anti-virus software, email and web filtering, patch and update management, network monitoring, and managed detection and response services, just to name a few.

A layered approach is important to ensure that all potential entry points are protected. As an example, a firewall may prevent a hacker from getting on the network, but it won’t stop an employee from clicking an infected link in an email.

A good business continuity and disaster recovery solution (BCDR) is a must, too. A BCDR device and plan will not only protect your critical data in the event of a ransomware attack, but also from server failure, fire, or other natural disasters.

Don’t Forget Your End-Users

Though the layered approach described above can significantly reduce the risk of an attack, a business’ biggest vulnerability lies with its end-users.

Remember, 94% of all malware is delivered via email, which means that the security of your business lies in the hands of your end-users. So, when building your cybersecurity layers, don’t forget to educate your end-users and train them to be aware of the threats they may encounter and what to do when an attempted attack inevitably lands in their inbox.

End-user education along with software and hardware solutions are key to creating a more secure business environment. Prosource’s Managed IT Services give customers peace of mind. The monthly service not only includes many of the layers needed to secure your business network, but also other productivity-boosting benefits, like Help Desk support and a virtual Chief Information Officer (vCIO) who can educate and guide you and your employees on best practices to help protect your business.

Editor's Note: This post was originally published as "5 Common Types of Malware" in June 2017 and has been updated for accuracy and comprehensiveness, including an additional common type of malware.

What is a program that can disrupt or damage a system function?

What program will damage my computer?

Is any software used to disrupt computer operations?

What software was designed specifically to damage or disrupt a system such as a virus or a Trojan horse?