All About Malware

The Coronvirus virus has made far more employees work from home and on mobile devices and cyber criminal have connected to them often using malware weekend attacks. 
 
This has led attackers to shift their tactics and take advantage of the chaos caused by remote work, according to a new report published by cloud security firm Wandera say in their Cloud Security Report 2021.
 
Compared with pre-pandemic times, Wandera found that employees were twice as likely to connect to inappropriate content during work hours and more likely to continue accessing email after being compromised with mobile malware,  As a result, attackers shifted attacks to the weekends, and 41% more organisations experienced a malware infection on an employee's remote device.
 
Malware, short for malicious software, is the collective name for a number of malicious software variants, including viruses, ransomware and spyware and usually consists of code developed by cyber-attackers, designed to cause extensive damage to data and systems or to gain unauthorised access to a network. Malware is typically delivered in the form of a link or file over email and requires the user to click on the link or open the file to execute the malware.
 
Malware is sometimes used broadly against government or corporate websites to gather guarded information, or to disrupt their operation in general. However, malware can be used against individuals to gain information such as personal identification numbers or details, bank or credit card numbers, and passwords. 
 
Over 50% of organisations have experienced a malware incident on a remote device, up from 37% a year ago.
 
The Morris worm or Internet worm of November 2, 1988, was one of the first computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It also resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. In fact, malware has actually been a threat to individuals and organisations since the early 1970s when the Creeper virus first appeared. This was first created in 1971 by Bob Thomas of BBN. Creeper was actually designed as a security test to see if a self-replicating program was possible.
 
The introduction of reliable, speedy broadband networks early in the 21st century changed the way malware was transmitted. No longer confined to floppy disks or company networks, malware was now able to spread very quickly via email, via popular websites or even directly over the Internet. As a result, modern malware began to take shape.
 
The threat landscape became a mixed environment shared by viruses, worms and Trojans, hence the name "malware" as an umbrella term for malicious software. One of the most serious epidemics of this new era was the LoveLetter, which was first identified in 2000. Since then, the world has been under attack from hundreds of thousands of different malware variants, all with the intent of causing the most disruption and damage as possible. 
 
There are three subtly different known ways in which malware can infect target computers:-
 
  • Worm - is a standalone piece of malicious software that reproduces itself and spreads from computer to computer.
  • Virus - is a piece of computer code that inserts itself within the code of another standalone program, then forces that program to take malicious action and spread itself.
  • Trojan - is a program that cannot reproduce itself but masquerades as something the user wants and tricks them into activating it so it can do its damage and spread.

Malware can also be installed on a computer "manually" by the attackers themselves, either by gaining physical access to the computer or using privilege escalation to gain remote administrator access. The best-known types of malware, viruses and worms, are known for the manner in which they spread, rather than any specific types of behavior. 

A computer virus is software that embeds itself in some other executable  software (including the operating system itself) on the target system without the user's knowledge and consent and when it is run, the virus is spread to other executables. On the other hand, a worm is a stand-alone malware software that actively transmits itself over a network to infect other computers.
 
These definitions lead to the observation that a virus requires the user to run an infected software or operating system for the virus to spread, whereas a worm spreads itself. 
 
Wandera:     Kaspersky:        CSO Online:    Dark Reading:     Forcepoint
 
You Might Also Read: 
 
Most Large Financial Firms Have Been Attacked In The Past Year:
 
« Biden Selects His Cyber Team
NSA Appoints New Cyber Director »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Chatham House

Chatham House

Chatham House is an independent policy institute based in London. Topics cover foreign affairs and defence including cyber security.

Intland Software

Intland Software

Intland offer an integrated Application Lifecycle Management platform that offers all-round Requirements, Development, and Testing & Quality Assurance functionality.

NowSecure

NowSecure

NowSecure are the experts in mobile app security testing software and services.

The Media Trust

The Media Trust

The Media Trust continuously scans websites, ad tags and mobile apps and alerts on anomalies affecting websites and visitors.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

Nominet

Nominet

Nominet's cyber division offers network detection and response services to governments and enterprises worldwide.

Upfront Security

Upfront Security

Upfront Security helps companies with innovative products & services to prevent, recognise and recover from (identity) fraud.

Netstar

Netstar

Netstar is an IT Support company based in Central London providing fully managed IT Support, Cyber Security and Technology Consulting services.

FourthRev

FourthRev

FourthRev is an education-technology start-up with a mission to solve the skills crisis of the Fourth Industrial Revolution.

Blackrock Cyber

Blackrock Cyber

Blackrock Cyber consults on critical security decisions, oversees compliance for your payment initiatives, and details cyber security training for your entire organization and board reporting.

BIRD Cyber

BIRD Cyber

BIRD Cyber is a program to promote collaboration on cybersecurity and emerging technologies aimed at enhancing the cyber resilience of critical infrastructure.

TRM Labs

TRM Labs

TRM enables risk management and compliance for a global community of financial institutions, cryptocurrency businesses and government agencies.

OxCyber

OxCyber

OxCyber's mission is to ignite and encourage cybersecurity and technology growth in the Thames Valley through meetings, webinars, in person events, workshops and mentorship programs.

Keeran Networks

Keeran Networks

Established in Edmonton in 1999, Keeran specializes in delivering comprehensive IT support and solutions aimed at optimizing technology investments for businesses.

runZero

runZero

runZero delivers the most complete security visibility possible, providing you the ultimate foundation for successfully managing exposures and compliance.