Malware comprises a number of nasties:
- Adware - software displaying adverts and/or banners when user is online – while sometimes acceptable, the malware version relates to the ones you cannot get to go away
- Bots – an autonomous programme on the internet that can get into programmes and does things that might be different to what the normal user of that programme may want
- Bugs – (in this instance) a mistake or error in a programme that prevents that programme functioning according to original design intention – and can be planted maliciously or appear by accident
- Rootkits - a set of software tools that enable an unauthorised user to gain control of a computer system without being detected.
- Spyware - software that enables a user to obtain covert information about another's computer activities by transmitting data covertly from their hard drive
- Trojan horses - a program designed to breach the security of a computer system while ostensibly performing some innocuous function.
- Viruses - a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another by replicating itself (potentially endlessly) – it needs software programmes to be present to achieve this
- Worms - malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage
Historically there have been times that hackers have used such Malware simply because they can. This is now no longer the usual reason.
So what to do?
- Prepare: by ensuring your systems are safe initially, ensure you have a proper anti-virus software installed, ensure your back-ups are created regularly and often, ensure you know what to do if you find the effects of malware – but better ensure you know what to do to prevent such a request in the first place.
- Keep only the most up to date software – ie up to date on all patches, updates and new versions of ALL software that you use. If there is software that you do not use, then either remove it (if possible) or update it anyway as this is a key way that hackers can break into your systems.
- Teach your people – from the Chairman of the Board to the office juniors – to never accept / open emails that may be attempts to access your systems by cyber criminals. The favourite approach to get “into” a system is to use a Phishing attack via email. Teach them to spot these, what to do when they have spotted it, what to do if they did open it anyway and what to do if they receive a ransomware demand.