Malware - The Hidden Enemy

  • Published: Wednesday, July 22, 2020

Malware is the collective name for malicious code variants, including viruses, that is meant to deliver as much damage and disruption as possible to your device and/or network. It can be delivered to your device in numerous ways. You may visit an infected website, download a malicious app, or click on a seemingly innocuous link. Most malware likes to embed itself into the software and do its dirty work behind the scenes. Many users won’t even suspect that the criminal activity is active. And malware is getting better at evading detection until it gets a chance to inject its nasty code into your device.

Ransomware, a noteworthy malware due to its ability to render files and hardware unusable, takes a more visible stance. It performs its malicious activity of encryption covertly before notifying the user of the damage and demanding a ransom in order to release the decryption keys.

Other malware may not seem as obvious as ransomware. Systems may become infected with code that will steal credentials and other critical data through the use of keyloggers or fake login pages. The damage is done without the user having a clue of what or when this has happened. 

What use are user credentials to the hacker? These credentials are normally sold on the dark web and used by criminals to access sites that the user may visit such as banking and shopping sites. They can also be used to access sensitive information on servers in order to harvest more personal information such as social security numbers and credit card information.

What can you do to protect yourself? Basic cybersecurity best practices are always your best defense. 

  • Update and patch your device and software
  • Install anti-malware/anti-virus software
  • Educate end users on phishing, Internet safety and how to recognize and report unusual behavior
  • Download and install apps only from vetted agents (Google Play, Apple)
  • Check reviews of apps
  • Perform regular back ups
  • Employ 2-factor authentication