Malware
Malware
Malware
Malware, short for malicious software, refers to any intrusive software developed by
cybercriminals (often called hackers) to steal data and damage or destroy computers and
computer systems. Examples of common malware include viruses, worms, Trojan viruses,
spyware, adware, and ransomware. Recent malware attacks have exfiltrated data in mass
amounts.
What is the intent of malware?
Malware is developed as harmful software that invades or corrupts your computer network.
The goal of malware is to cause havoc and steal information or resources for monetary gain
or sheer sabotage intent.
Destruction or vandalism
Destroys computer systems to damage your network infrastructure.
Monetary gain
Sells your organization's intellectual property on the dark web.
Product
Cisco Umbrella
Effectively protect your users against malware in minutes with fast, flexible, cloud-delivered
security.
Explore Umbrella
Product
Secure Email
Rapidly detect, quarantine, investigate, and remediate cyberattacks that target your email.
Explore Secure Email
Product
Secure Firewall
Improve security with intelligent control points, unified, dynamic policies, and threat
visibility.
Explore Secure Firewall
7 types of malware
Virus
Viruses are a subgroup of malware. A virus is malicious software attached to a document or
file that supports macros to execute its code and spread from host to host. Once downloaded,
the virus will lie dormant until the file is opened and in use. Viruses are designed to disrupt a
system's ability to operate. As a result, viruses can cause significant operational issues and
data loss.
Worms
A worm is a type of malicious software that rapidly replicates and spreads to any device
within the network. Unlike viruses, worms do not need host programs to disseminate. A
worm infects a device through a downloaded file or a network connection before it multiplies
and disperses at an exponential rate. Like viruses, worms can severely disrupt the operations
of a device and cause data loss.
Trojan virus
Trojan viruses are disguised as helpful software programs. But once the user downloads it,
the Trojan virus can gain access to sensitive data and then modify, block, or delete the data.
This can be extremely harmful to the performance of the device. Unlike normal viruses and
worms, Trojan viruses are not designed to self-replicate.
Spyware
Spyware is malicious software that runs secretly on a computer and reports back to a remote
user. Rather than simply disrupting a device's operations, spyware targets sensitive
information and can grant remote access to predators. Spyware is often used to steal financial
or personal information. A specific type of spyware is a keylogger, which records your
keystrokes to reveal passwords and personal information.
Adware
Adware is malicious software used to collect data on your computer usage and provide
appropriate advertisements to you. While adware is not always dangerous, in some cases
adware can cause issues for your system. Adware can redirect your browser to unsafe sites,
and it can even contain Trojan horses and spyware. Additionally, significant levels of adware
can slow down your system noticeably. Because not all adware is malicious, it is important to
have protection that constantly and intelligently scans these programs.
Ransomware
Ransomware is malicious software that gains access to sensitive information within a system,
encrypts that information so that the user cannot access it, and then demands a financial
payout for the data to be released. Ransomware is commonly part of a phishing scam. By
clicking a disguised link, the user downloads the ransomware. The attacker proceeds to
encrypt specific information that can only be opened by a mathematical key they know.
When the attacker receives payment, the data is unlocked.
Fileless malware
Fileless malware is a type of memory-resident malware. As the term suggests, it is malware
that operates from a victim's computer's memory, not from files on the hard drive. Because
there are no files to scan, it is harder to detect than traditional malware. It also makes
forensics more difficult because the malware disappears when the victim computer is
rebooted. In late 2017, the Cisco Talos threat intelligence team posted an example of fileless
malware that they called DNSMessenger.