Computer Malware, Viruses & How To Prevent Other Cyber Security Threats To Your Business

The world has never been more reliant on technology than it is today. Though this has brought about many positive changes – such as convenience, increased productivity and connection with friends, family and colleagues across the globe – it has also led to less favourable ones. 

No matter the device you use, that device is open to cyber attacks such as malware, viruses and ransomware. According to the ‘Cyber Security Breaches Survey 2021’, four in ten businesses (39%) and a quarter of charities (26%) reported having experienced cyber security breaches or attacks that past year. Among those surveyed, approximately one quarter (27% of these businesses and 23% of these charities) have experienced a security breach or attack at least once a week. Because these breaches can disrupt and damage businesses, we wanted to inform you about two of the major cyber attacks – malware and viruses – and provide you with guidance on how to protect your business and personal devices from them. Cyber security is of the utmost importance, as is protecting your customers, staff and the company you’ve worked so hard for.

cyber-security-threat-support

What Is Computer Malware? – Infections, Attacks, Malicious Programs & Other Cyber Security Threats

Malware is the collective name for a range of malicious software, such as viruses, ransomware and spyware. Usually comprising code developed by cyber attackers, it is designed to cause significant damage to data and systems, or to gain unauthorised network access. Malware can be delivered from a link, or file through email, and requires an individual to click the link or open up the file to enact the malware. Since the 1970s when the Creeper virus appeared, hundreds of thousands of different malware variants have been wreaking havoc, all with the purpose of causing damage and disruption. 

Though varied in type and capabilities, malware typically has one of the following aims:

  • Allow remote control for a cyber attacker on an infected machine.
  • Send spam from the infected machine to unsuspecting targets.
  • Investigate the infected user’s local network.
  • Steal sensitive data and personal information.

 

Malware can include:

 

Trojans Malware – Malware that is hidden within what seems to be legitimate software. Once activated, malware Trojans will carry out the malicious activity they have been programmed to. 

 

Virus Malware – Disruptive programs that copy themselves throughout a computer or network. Malware viruses latch onto existing programs and can only be activated when a user opens the program. Unfortunately, viruses can corrupt and even delete data, using the user’s email to spread, or erase everything on a hard disk.

 

Worm Malware – Self-replicating viruses that exploit security vulnerabilities to spread themselves throughout computers and networks. They typically go unnoticed until replication reaches a scale that consumes significant system resources or network bandwidth.

 

Ransomware – Uses malicious software to hold valuable files, data or personal information for ransom. Victims of a ransomware attack may have their operations severely damaged, degraded or shut down entirely, leaving much stress and financial ruin.

 

Remote Administration Tools (RATs) – This is software that enables a remote user to control a system. RATs allow administrative control, so that a cyber attacker can do anything they want to an infected computer. What’s most worrisome about them is that they are very tough to detect, as they don’t usually appear in lists of running programs or tasks, and their actions can be mistaken for the actions of trusted programs.

 

Rootkits – Programs that provide network attackers privileged (root-level) access to your business computers and/or operating systems.

 

Spyware – Malware that gathers detailed information on the usage of the infected computer and sends this back to the attacker

 

Cryptojacking – A type of malware that involves cryptomining. This is the process of using computing power to verify transactions on a blockchain network, with cyber attackers stealing cryptocurrency from your business’s services. Crytojacking happens when cybercriminals hack into both business and personal computers, laptops, and mobile devices to install software, and divert payments into their own pockets.

 

Malvertising – This malware attack involves using online advertising to spread malware, by injecting malicious code or malware-laden advertisements into seemingly trustworthy online advertising networks and web pages.

prevent-malware-attack

Online Viruses & Computer Viruses – How They Spread

A computer virus – in a similar way to a flu virus – spreads from host computer to host computer and has the capability to reproduce and replicate itself, spreading itself through software, files and documents. The aim is to change how the computer operates and provide access to it for nefarious purposes. The virus will insert or attach itself to a legitimate program or document that supports macros in order to execute its code, and, in the process, can cause damaging effects such as destroying data and system software.

 

Once a virus has attached itself to a file, document or program, it may lie dormant until an unsuspecting user accidentally causes the computer or device to execute its code. For the virus to take hold, you have to run the infected program, but, because viruses aren’t always detectable, they don’t always show warning signs. Still, once the virus infects your computer, the virus can further infect other computers on the same network and can cause the following damage: Password and data theft; file corruption; email contact spamming; taking control of your equipment; financial theft; hard disk damage.

 

It’s pretty easy for computer viruses to spread too – if you consider all of your connected devices, applications and software. Online viruses can spread through malicious email attachments, text message attachments, internet file downloads, social media links and app downloads that seem reliable. Viruses can even hide behind or be disguised as socially-shareable content such as photos, audio files and video files.

 

An example of a big cyber attack from 2021 occured in May, when the computer manufacturer Acer was infiltrated by the REvil hacker group – incidentally, the same operative responsible for a network attack on Travelex. A ransom of $50 million was demanded, as REvil hackers exploited a major vulnerability in a Microsoft Exchange server to gain access to Acer’s files and released images of sensitive financial documents and business spreadsheets.

online-virus-protection

 

Cyber Security Threats Best Practices – Antivirus Software, Malware Protection, Cyber Insurance & More 

There are luckily a wide range of cybersecurity solutions available to detect and prevent malware and viruses. These include: firewalls, network intrusion prevention systems (IPS), deep packet inspection (DPI) capabilities, unified threat management systems, antivirus software and virtual private networks, as well as content filtering and data leak prevention systems. For greater online protection, all of your security processes and programs should be regularly tested using a variety of controlled and simulated malware-based attacks to ensure they are working properly and can provide suitable protection – known as penetration testing. What’s more, a stable library of malware signatures should be utilised to ensure testing is completed against the latest attacks. 

The National Cyber Security Centre (NCSC) provides the following guidance for mitigating cyber attacks, and preventing malware from reaching your devices and spreading between them:

  • Filtering to only allow file types you would expect to receive.
  • Blocking websites that are known to be malicious.
  • Regularly inspecting content.
  • Using signatures to block known malicious code.

 

This can be done at the network level via:

At The Insurance Octopus, we understand that malware and computer viruses can cause much concern for businesses, prompting them to install the very best in cybersecurity and online protection. But we also know that sometimes, even the most secure of programs can fall foul to network attacks and cyber attackers, and that’s why a cyber insurance policy can provide that extra layer of support – both from a financial and reputational point of view. The Insurance Octopus can help you to find a cyber insurance policy to suit your business, and we have a supportive team by your side should you ever need us. For your cyber insurance quote, please click here or call us today on 0161 968 2030.