Malware

Download as docx, pdf, or txt
Download as docx, pdf, or txt
You are on page 1of 3

What is malware?

Malware, short for malicious software, refers to any intrusive software developed by
cybercriminals (often called hackers) to steal data and damage or destroy computers and
computer systems. Examples of common malware include viruses, worms, Trojan viruses,
spyware, adware, and ransomware. Recent malware attacks have exfiltrated data in mass
amounts.
What is the intent of malware?
Malware is developed as harmful software that invades or corrupts your computer network.
The goal of malware is to cause havoc and steal information or resources for monetary gain
or sheer sabotage intent.

Intelligence and intrusion


Exfiltrates data such as emails, plans, and especially sensitive information like passwords.

Disruption and extortion


Locks up networks and PCs, making them unusable. If it holds your computer hostage for
financial gain, it's called ransomware.

Destruction or vandalism
Destroys computer systems to damage your network infrastructure.

Steal computer resources


Uses your computing power to run botnets, cryptomining programs (cryptojacking), or send
spam emails.

Monetary gain
Sells your organization's intellectual property on the dark web.

How do I protect my network against malware?


Typically, businesses focus on preventative tools to stop breaches. By securing the perimeter,
businesses assume they are safe. However, some advanced malware will eventually make
their way into your network. As a result, it is crucial to deploy technologies that continually
monitor and detect malware that has evaded perimeter defenses. Sufficient advanced malware
protection requires multiple layers of safeguards along with high-level network visibility and
intelligence.

Product

Cisco Umbrella
Effectively protect your users against malware in minutes with fast, flexible, cloud-delivered
security.
Explore Umbrella

Product
Secure Email
Rapidly detect, quarantine, investigate, and remediate cyberattacks that target your email.
Explore Secure Email

Product

Secure Firewall
Improve security with intelligent control points, unified, dynamic policies, and threat
visibility.
Explore Secure Firewall

How do I detect and respond to malware?


Malware will inevitably penetrate your network. You must have defenses that provide
significant visibility and breach detection. To remove malware, you must be able to identify
malicious actors quickly. This requires constant network scanning. Once the threat is
identified, you must remove the malware from your network. Today's antivirus products are
not enough to protect against advanced cyberthreats.

Learn how to update your antivirus strategy

Inside Cisco Talos Threat Hunters


Discover how Cisco Talos threat hunters identify new and evolving threats in the wild, and
how their research and intelligence helps organizations build strong defenses.

7 types of malware
Virus
Viruses are a subgroup of malware. A virus is malicious software attached to a document or
file that supports macros to execute its code and spread from host to host. Once downloaded,
the virus will lie dormant until the file is opened and in use. Viruses are designed to disrupt a
system's ability to operate. As a result, viruses can cause significant operational issues and
data loss.

Worms
A worm is a type of malicious software that rapidly replicates and spreads to any device
within the network. Unlike viruses, worms do not need host programs to disseminate. A
worm infects a device through a downloaded file or a network connection before it multiplies
and disperses at an exponential rate. Like viruses, worms can severely disrupt the operations
of a device and cause data loss.

Trojan virus
Trojan viruses are disguised as helpful software programs. But once the user downloads it,
the Trojan virus can gain access to sensitive data and then modify, block, or delete the data.
This can be extremely harmful to the performance of the device. Unlike normal viruses and
worms, Trojan viruses are not designed to self-replicate.

Spyware
Spyware is malicious software that runs secretly on a computer and reports back to a remote
user. Rather than simply disrupting a device's operations, spyware targets sensitive
information and can grant remote access to predators. Spyware is often used to steal financial
or personal information. A specific type of spyware is a keylogger, which records your
keystrokes to reveal passwords and personal information.

Adware
Adware is malicious software used to collect data on your computer usage and provide
appropriate advertisements to you. While adware is not always dangerous, in some cases
adware can cause issues for your system. Adware can redirect your browser to unsafe sites,
and it can even contain Trojan horses and spyware. Additionally, significant levels of adware
can slow down your system noticeably. Because not all adware is malicious, it is important to
have protection that constantly and intelligently scans these programs.

Ransomware
Ransomware is malicious software that gains access to sensitive information within a system,
encrypts that information so that the user cannot access it, and then demands a financial
payout for the data to be released. Ransomware is commonly part of a phishing scam. By
clicking a disguised link, the user downloads the ransomware. The attacker proceeds to
encrypt specific information that can only be opened by a mathematical key they know.
When the attacker receives payment, the data is unlocked.

Fileless malware
Fileless malware is a type of memory-resident malware. As the term suggests, it is malware
that operates from a victim's computer's memory, not from files on the hard drive. Because
there are no files to scan, it is harder to detect than traditional malware. It also makes
forensics more difficult because the malware disappears when the victim computer is
rebooted. In late 2017, the Cisco Talos threat intelligence team posted an example of fileless
malware that they called DNSMessenger.

What are the benefits of advanced malware protection?


Advanced malware can take the form of common malware that has been modified to increase
its capability to infect. It can also test for conditions of a sandbox meant to block malicious
files and attempt to fool security software into signaling that it is not malware. Advanced
malware protection software is designed to prevent, detect, and help remove threats in an
efficient manner from computer system.

You might also like