All About Malware

Uploaded on 2021-01-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The Coronvirus virus has made far more employees work from home and on mobile devices and cyber criminal have connected to them often using malware weekend attacks. 
 
This has led attackers to shift their tactics and take advantage of the chaos caused by remote work, according to a new report published by cloud security firm Wandera say in their Cloud Security Report 2021.
 
Compared with pre-pandemic times, Wandera found that employees were twice as likely to connect to inappropriate content during work hours and more likely to continue accessing email after being compromised with mobile malware,  As a result, attackers shifted attacks to the weekends, and 41% more organisations experienced a malware infection on an employee's remote device.
 
Malware, short for malicious software, is the collective name for a number of malicious software variants, including viruses, ransomware and spyware and usually consists of code developed by cyber-attackers, designed to cause extensive damage to data and systems or to gain unauthorised access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
 
Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general. However, malware can be used against individuals to gain information such as personal identification numbers or details, bank or credit card numbers, and passwords. 
 
Over 50% of organisations have experienced a malware incident on a remote device, up from 37% a year ago.
 
The Morris worm or Internet worm of November 2, 1988, was one of the first computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It also resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. In fact, malware has actually been a threat to individuals and organisations since the early 1970s when the Creeper virus first appeared. This was first created in 1971 by Bob Thomas of BBN. Creeper was actually designed as a security test to see if a self-replicating program was possible.
 
The introduction of reliable, speedy broadband networks early in the 21st century changed the way malware was transmitted. No longer confined to floppy disks or company networks, malware was now able to spread very quickly via email, via popular websites or even directly over the Internet. As a result, modern malware began to take shape.
 
The threat landscape became a mixed environment shared by viruses, worms and Trojans, hence the name "malware" as an umbrella term for malicious software. One of the most serious epidemics of this new era was the LoveLetter, which was first identified in 2000. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing the most disruption and damage as possible. 
 
There are three subtly different known ways in which malware can infect target computers:-
 
  • Worm - is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.
  • Virus - is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.
  • Trojan - is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread.

Malware can also be installed on a computer "manually" by the attackers themselves, either by gaining physical access to the computer or using privilege escalation to gain remote administrator access. The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. 

A computer virus is software that embeds itself in some other executable  software (including the operating system itself) on the target system without the user's knowledge and consent and when it is run, the virus is spread to other executables. On the other hand, a worm is a stand-alone malware software that actively transmits itself over a network to infect other computers.
 
These definitions lead to the observation that a virus requires the user to run an infected software or operating system for the virus to spread, whereas a worm spreads itself. 
 
Wandera:     Kaspersky:        CSO Online:    Dark Reading:     Forcepoint
 
You Might Also Read: 
 
Most Large Financial Firms Have Been Attacked In The Past Year:
 
« Biden Selects His Cyber Team
NSA Appoints New Cyber Director »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

BakerHostetler

BakerHostetler

BakerHostetler is one of the largest law firms in the USA We have five core practice groups including a specialty practice team in Privacy and Data Protection.

edgescan

edgescan

edgescan is a cloud-based continuous vulnerability management and penetration testing solution.

SGCyberSecurity

SGCyberSecurity

SGCyberSecurity is Singapore's No.1 Cyber Security portal. From this platform, you will be able to find useful articles, resources and connect with the security companies for your business needs.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

Vortiv

Vortiv

Vortiv Ltd (formerly known as Transaction Solutions International Ltd) is a technology based company focused on the cybersecurity and the cloud services sector.

Delfigo Security

Delfigo Security

Delfigo Security, a pioneer in intelligent authentication, provides a strong, multi-factor authentication solution to prevent identity theft and reduce fraud.

Anthony Timbers LLC

Anthony Timbers LLC

Anthony Timbers is a cybersecurity consulting and penetration testing firm providing services to the Federal and Commercial sectors nationwide.

Dasera

Dasera

Dasera’s Radar and Interceptor products deliver visibility, governance, and protection solutions for data-agile companies.

Open Quantum Safe (OQS)

Open Quantum Safe (OQS)

The Open Quantum Safe (OQS) project is an open-source project that aims to support the development and prototyping of quantum-resistant cryptography.

Cyber Crucible

Cyber Crucible

Cyber Crucible is a cybersecurity Software as a Service company definitively removing the risk of data extortion from customer environments.

KingsGuard Solutions

KingsGuard Solutions

KingsGuard Solutions is a San Diego Cybersecurity company that specializes in complex and innovative security solutions for companies throughout Southern California.

SecurityLoophole

SecurityLoophole

SecurityLoophole is an independent cyber security news platform with global coverage. Latest updates, reports, news and events related to cyber security.

PingSafe

PingSafe

PingSafe is creating the next-generation cloud security platform powered by attackers' intelligence, providing coverage for vulnerabilities that traditional security solutions would otherwise overlook

Ionize

Ionize

Ionize offers solutions to help you uplift your capability across the full-spectrum of cyber security - assessment, remediation, monitoring, governance and ongoing education.

SydeLabs

SydeLabs

At SydeLabs, our mission is to ensure the comprehensive security of your AI systems.

CeTu

CeTu

CeTu - Data Orchestration for the Modern SOC. Strengthen security and optimize costs with the world's first AI-native platform for scaling and future-proofing your data stack.