All About Malware

Uploaded on 2021-01-28 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

The Coronvirus virus has made far more employees work from home and on mobile devices and cyber criminal have connected to them often using malware weekend attacks. 
 
This has led attackers to shift their tactics and take advantage of the chaos caused by remote work, according to a new report published by cloud security firm Wandera say in their Cloud Security Report 2021.
 
Compared with pre-pandemic times, Wandera found that employees were twice as likely to connect to inappropriate content during work hours and more likely to continue accessing email after being compromised with mobile malware,  As a result, attackers shifted attacks to the weekends, and 41% more organisations experienced a malware infection on an employee's remote device.
 
Malware, short for malicious software, is the collective name for a number of malicious software variants, including viruses, ransomware and spyware and usually consists of code developed by cyber-attackers, designed to cause extensive damage to data and systems or to gain unauthorised access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
 
Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general. However, malware can be used against individuals to gain information such as personal identification numbers or details, bank or credit card numbers, and passwords. 
 
Over 50% of organisations have experienced a malware incident on a remote device, up from 37% a year ago.
 
The Morris worm or Internet worm of November 2, 1988, was one of the first computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It also resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. In fact, malware has actually been a threat to individuals and organisations since the early 1970s when the Creeper virus first appeared. This was first created in 1971 by Bob Thomas of BBN. Creeper was actually designed as a security test to see if a self-replicating program was possible.
 
The introduction of reliable, speedy broadband networks early in the 21st century changed the way malware was transmitted. No longer confined to floppy disks or company networks, malware was now able to spread very quickly via email, via popular websites or even directly over the Internet. As a result, modern malware began to take shape.
 
The threat landscape became a mixed environment shared by viruses, worms and Trojans, hence the name "malware" as an umbrella term for malicious software. One of the most serious epidemics of this new era was the LoveLetter, which was first identified in 2000. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing the most disruption and damage as possible. 
 
There are three subtly different known ways in which malware can infect target computers:-
 
  • Worm - is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.
  • Virus - is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.
  • Trojan - is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread.

Malware can also be installed on a computer "manually" by the attackers themselves, either by gaining physical access to the computer or using privilege escalation to gain remote administrator access. The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. 

A computer virus is software that embeds itself in some other executable  software (including the operating system itself) on the target system without the user's knowledge and consent and when it is run, the virus is spread to other executables. On the other hand, a worm is a stand-alone malware software that actively transmits itself over a network to infect other computers.
 
These definitions lead to the observation that a virus requires the user to run an infected software or operating system for the virus to spread, whereas a worm spreads itself. 
 
Wandera:     Kaspersky:        CSO Online:    Dark Reading:     Forcepoint
 
You Might Also Read: 
 
Most Large Financial Firms Have Been Attacked In The Past Year:
 
« Biden Selects His Cyber Team
NSA Appoints New Cyber Director »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Software Testing News

Software Testing News

Software Testing News provides the latest news in the industry; from the most up-to-date reports in web security to the latest testing tool that can help you perform better.

Cato Networks

Cato Networks

Cato connects your branch locations, physical and cloud datacenters, and mobile users into a secure and optimized global network in the cloud.

Ergo

Ergo

Ergo is a world-class IT Partner of choice, leveraging the latest technology available in cloud, mobility, big data, analytics, and social media.

CybX Security LLC

CybX Security LLC

CybX is the first company of its kind to merge the practice of computer forensics with computer security and information security.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

NeuVector

NeuVector

NeuVector, the leader in Full Lifecycle Container Security, delivers uncompromising end-to-end security from DevOps vulnerability protection to complete protection in production.

RhodeCode

RhodeCode

RhodeCode is an open source repository management platform. It provides unified security and team collaboration across Git, Subversion, and Mercurial.

Armexa

Armexa

Armexa is a leading provider of advanced industrial cybersecurity solutions that protect your critical OT and ICS infrastructure against ever-changing threats.

EDGE Group

EDGE Group

EDGE is one of the world’s leading advanced technology groups, established to develop agile, bold and disruptive solutions for defence and beyond.

Assured Clarity

Assured Clarity

Assured Clarity are a global consultancy, specialising in Risk Management and Data Privacy, through Education, Awareness and Training, throughout an organisation.

Davinsi Labs

Davinsi Labs

Davinsi Labs helps companies achieve Digital Service Excellence with specialized Security Intelligence and Service Intelligence solutions.

vpnMentor

vpnMentor

We started vpnMentor to offer users a really honest, committed and helpful tool when navigating VPNs and web privacy.

Myrror Security

Myrror Security

Myrror Security is a software supply chain security solution that aids lean security teams in safeguarding their software against breaches.

Screwloose IT

Screwloose IT

Screwloose IT are a national provider of information technology services. We specialise in managed IT, cloud services, cyber security, website design and digital marketing for businesses of all sizes.

Modat

Modat

Modat is an AI-powered, research-driven company focused on developing products and services that enable cybersecurity professionals to outpace adversaries.

MineOS

MineOS

MineOS aligns compliance with business growth. We designed our platform so that privacy compliance efforts directly benefit other teams and initiatives.