Most of us reading content like this will have heard about -or are at the very least are familiar with – the dark side of the digital world and the internet. Some of us are hopefully curious about how to be cyber secure on the internet (knowing how to be safe and keep devices safe online), and are looking at educating themselves on the subject of avoiding malware. This means garnering familiarity with terms such as; malware, viruses, worms, trojans, computer bugs, hackers -to name a few. There are very real reasons why such terms have permeated into the deepest layers of technological culture and society, and for a long time time now at that. The general idea of internet safety is called cyber security (variations are cybersecurity or cyber-security), which we will get into later.
The ominous underworld of cyberspace has always been an attractive topic to everyone from cinema goers (think The Matrix or Swordfish), to best-selling authors (Dan Brown) and these are themes that have always attracted the general public. Apart from the attractiveness of the topic in popular culture due to it being romanticized as mysterious and controversial, let’s look at this in a realistic, practical manner. What does malware mean for you as an internet user? What are the real world implications of malware for internet users in general? What is very important to realize is that, never has there been a time quite like this when awareness and knowledge about these things is of such critical importance. Being educated about your personal cybersecurity (or your organization’s for that matter) means avoiding serious problems and potential damage caused by cybercriminals and their malware.
If you have ever used a computer, or a device with an operating system (OS), you have probably been exposed to malware at some point, or know what an anti malware or antivirus program is. Malware is a portmanteau of the word ‘malicious’ and ‘software’. It defines any software (programs, code etc.) that are intrusive in nature and are designed to; disrupt or destroy data as well as steal sensitive information. Examples of malware are basically what we mentioned earlier; any computer or device virus, spyware, adware, ransomware or worm falls under malware. Malware is written (authored or created) by cybercriminals (a.k.a hackers in the general sense). It is either groups of hackers/cybercriminals or individuals that are behind malware, but the end goal is always the same: either ROI or Return on Investment or total destruction/disruption. So, malware is created by cybercriminals in order to steal or disrupt, where the goal is also to profit if possible. There are several flavors of malware, meaning several attack vectors and types of malware, which we will get into below. We will also look at some real-world examples of just how destructive malware can be.
Cyber security is the kryptonite to malware and dangers in the digital world in general. The term is a combination (like malware) of two terms, cyber (meaning online, virtual or digital) and security. Cyber security defines the tools, methods and knowledge that are out there to help combat malware and cybercriminals. To bring more light to this, let’s use some examples. Cyber security pertains to the combination of software such as anti malware or antivirus, VPNs, as well as the knowledge required to stay safe online on a daily basis. Cyber security in an ideal world is there to defend us from the attack vectors (attack methods, essentially) that cybercriminals use to destroy, disrupt or steal sensitive data from both citizens and businesses alike. Malware is just one among a host of attack vectors out there. Besides just malware, other attack vectors include; brute force attacks on computer systems, the exploitation of unpatched software, phishing scams or insider threats in an organization. It is safe to say that vectors like malware and email phishing (social engineering scams) are the two most popular methods used on people in general. These methods are an easy and quick way to conduct cybercrime.
So, gathering from the above info we understand that there are dozens of relevant reasons why your devices need protection from malware. Which devices are we talking about? The most popular device used across the world today is the smartphone, but people today widely use tablets, laptops and desktop computers as well. With that, it would be a very good idea to find out why you should protect your smartphone from attackers. The cybersecurity methods used to protect a smartphone are almost identical to the protection of other devices as well, with some small variations.
Let’s think about some of the worst ways in which malware can affect your device, the types of malware associated with that and then we will follow with some real world examples. Below are some ways in which malware can affect devices;
- System disruption
- Data loss
- Infection of multiple systems on a network
- Spying and monitoring
- Theft of financial information and/or credentials
- Bog down systems with ads and third-party files
- Blackmail for profit purposes
Here are the types of malware out there;
- Trojan viruses
- Advanced fileless malware
Now, let’s look at some real-world examples of just how dangerous malware can be.
- In 2017, the largest ransomware attack in history named WannaCry spread globally. It would continue to spread to 150 countries and infect thousands of computers per hour. It caused severe damage, loss and disruption to the medical industry, governments and universities. Variants of this malware are still around, and have caused billions of dollars of damage to this day
- The recent SolarWinds malware supply chain attack, where cybercriminals gained access to the most secure organizations’ data in the U.S. and exploited weaknesses in organizations’ cybersecurity, is one of the most devastating attacks in history
The above are the benchmark examples that show what malware can do. Some lesser examples that affect all of us are things like phishing emails loaded with malware attachments, unsafe third-party apps that contain spyware or adware, and unsafe applications on App Stores that contain backdoors, for example.
It is important to understand one thing, the presence of malware on a system in most cases is user error and lack of cybersecurity knowledge. It is true that most systems will be exposed to some sort of malware (especially Windows and Android), but it is usually downloading an illegitimate file or browsing the wrong web pages that gets malware on systems and devices. It is important to have the right tools as well as the right knowledge to combat and eradicate malware. Here are some cybersecurity tips and tools to fight malware on a daily basis;
- Always make sure that the websites you visit have HTTPS and the lock icon in the address bar
- Never open emails from suspicious or unknown senders
- Avoid connecting to public Wi-Fi
- Before you download anything to your device, confirm the authenticity of the file
- Use a VPN or Virtual Private Network that will cloak, encrypt and protect you online
- Never trust strangers on social media, and put a limit on how much you share
- Use a premium anti malware software and regularly scan your system
With this overview and these tips in mind, you should be at a satisfactory level of cybersecurity when it comes to protecting your devices from malware and avoiding your precious and sensitive data being misused.