A Brief Guide to Ransomware, Malware and Everything In-between
While the internet is a wonderful tool filled with essentially endless pools of information for you to take from, it’s important to be wary of how dangerous it is too. From hackers to phishers, there’s always going to be some kind of danger creeping around, so it’s important to know what that danger is and how to avoid it. In this article, we’ll be looking at malware, a rundown of the different types, and how to spot them.
You’ll hear the word ‘malware’ a lot nowadays, but what exactly does it mean? Malware is a blanket term used to describe any malicious or harmful software. Malware can have a range of features, from keeping track of every key you press to straight up destroying your files. While the effects of malware can be quite strange at times, it’s important to never let any programs like this into your machine, otherwise your system might just become a puppet for a hacker in another country to control.
There are many different classifications of malware. Here’s a rundown of some of the more common varieties:
Malware commonly gets called a virus, but that’s not always the case. A virus is a specialised type of malware that you don’t see too often nowadays. A key component of a virus is that it spreads through the system by hiding in existing files rather than creating and trying to hide new ones (similar to real viruses, which spread through hiding in body cells).
Viruses will also typically include a payload. A payload is essentially a group of harmful operations that the virus will carry out. For instance, when a virus’s payload has been activated, it might be programmed to find important Windows files and corrupt them, or it could be programmed to open a pop-up window you can’t close.
You won’t see many viruses nowadays because of their nature. A virus will draw attention to itself, and most malware developers don’t want that; they’d prefer their malware to stay hidden.
It’s not too difficult to protect yourself from viruses. You just need to be wary of what you’re downloading and where from, and above all else get a good antivirus to stop threats before they start.
Trojans are a little more common. Instead of hiding in files, they hide in plain sight: a trojan is designed to trick the user into downloading it by appearing as a legitimately helpful program, such as an antivirus or a PC optimiser. Once on the system, it will start its dirty work. Fake antivirus scanners will claim that a clean PC is filled with dozens of threats, and claim the only way to remove them is to buy into their “premium” service, when in actuality the only threat on the system is the fake antivirus.
Trojans may also come bundled with other malware, so if you happen to end up installing a fake optimiser, it might not be enough just to remove that; there could be dozens of other hidden pieces of malware still in the PC, brought in by the trojan.
To avoid these programs, always do a background check on any software you install. Search around and see what people have to say about it. If the top results are guides on how to uninstall it, it’s probably a trojan.
Ransomware is a deadly type of malware that’s been appearing more and more often in recent years. It gets its name from what it does: it encrypts your data and forces you to pay a ransom in order to reverse the damage. Generally, ransomware encrypts every file it can find on the victim PC, meaning they’re useless gibberish until they’ve been decrypted. The ransomware then offers to decrypt these files for a fee, usually paid to an anonymous source through bitcoin.
Some recent examples of this include WannaCry and Petya. Both appeared relatively recently and caused a lot of damage to businesses around the world. They worked as typical ransomware does, infecting the victim’s PC and encrypting every file they could find. The deadly aspect of these two is that they were also able to spread to every other system on the same network, so if only one PC was infected to start out, the rest of the systems on the network would soon become infected too.
Remember, if your system is ever infected with this sort of program, never pay the ransom; there’s no guarantee you’ll get your information back, and it will only help fund these organisations. Always keep multiple backups of your data, onsite and off, so you’re able to recover from the damage as soon as possible. It’s worth paying for an extra level of security. Ask yourself the question: what would it cost your organisation if you lost EVERYTHING?
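Because encrypted files are statistically “gibberish”, a backup job can check for them before it overwrites a good copy. The Python sketch below is an added example, not part of the original article: it compares a baseline snapshot with the current state and flags files that changed and now look encrypted. The 7.5 bits-per-byte threshold, the function names and the sample files are assumptions made for illustration.

```python
import hashlib
import math
import os
from collections import Counter

ENTROPY_THRESHOLD = 7.5  # bits per byte; assumed cut-off, tune for your data


def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: low for plain text, close to 8 for encrypted data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def snapshot(files: dict) -> dict:
    """Record a SHA-256 digest and entropy for each {name: bytes} entry."""
    return {name: (hashlib.sha256(body).hexdigest(), shannon_entropy(body))
            for name, body in files.items()}


def suspicious_changes(baseline: dict, current: dict) -> list:
    """Names whose content changed AND whose entropy rose past the threshold."""
    flagged = []
    for name, (digest, entropy) in current.items():
        old = baseline.get(name)
        if old is None or old[0] == digest:
            continue  # new or unchanged file: not a sign of in-place encryption
        if entropy >= ENTROPY_THRESHOLD and old[1] < ENTROPY_THRESHOLD:
            flagged.append(name)
    return sorted(flagged)


# Constructed sample data: two documents as they looked at the last good backup.
before = {
    "invoice.txt": b"Invoice 1042: 3 x licences, total due 30 days\n" * 200,
    "notes.txt": b"Meeting moved to Thursday. Bring the audit report.\n" * 200,
}
# Constructed "after" state: notes.txt edited normally, invoice.txt replaced
# with random bytes, which is statistically what encrypted content looks like.
after = {
    "invoice.txt": os.urandom(9000),
    "notes.txt": before["notes.txt"] + b"Action: test the offsite restore.\n",
}

if __name__ == "__main__":
    print(suspicious_changes(snapshot(before), snapshot(after)))
```

Files that are already compressed (ZIP archives, JPEG images) sit near 8 bits per byte before any attack, so this check skips them; a hash baseline alone still shows that they changed.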
Spyware is a rarer type of malware designed to go completely undetected on the victim PC. Spyware will monitor the actions taken on a PC, and often log them to an anonymous source, which normally is the spyware creator. Information can include what programs are used, what internet connections are made and each keystroke made on the PC. Spyware that can do this is classified as a keylogger, which is a very dangerous program to have, given that it can allow the spyware creator to access any login information by logging the keystrokes typed.
It’s very rare, but if a keylogger is poorly written, there’s a chance you can tell when it is running by an incredibly subtle delay between pressing a key and seeing the response. However, this is extremely difficult to notice, so it’s likely not going to be the best way of keeping safe from these programs.
A good commercial Anti-Virus package should keep Spyware at bay, although a free tool like CCleaner can also be effective.
The main point of adware is quite simple: it wants to inject advertising into everything you do, so it’s easy to guess where it got its name from. Adware on a system will inject advertising into webpages, programs and sometimes even the desktop, where adverts wouldn’t normally be, in order for the developers to make money from desperate and dodgy advertising sites. Adware on its own can be annoying, but the adverts and popups it opens might end up leaving the system open to other malware, so it should still be considered a threat.
Using a safer browser like Chrome, or having a good firewall, can prevent adware being installed in the first place.
There are so many types of malware out on the internet that it would take far too long to go over every type you could find. Hopefully, though, this has given you a good idea of some of the more prevalent types sneaking around the web.
Cybercrime is becoming more and more of a threat to small to medium enterprises, and you must ensure your systems are in a position to handle/prevent any attacks. Jupiter IT offer a free audit to ensure your systems are where they need to be. Call our team on 01482 974444 or email email@example.com and we will be happy to help.