How to protect your computer and devices from malware:
What is malware? – Malware (a shortened term for malicious software) is software that infects your computer with the intention to penetrate or damage your system, network, or device.
How can I get infected with malware?
Malware is usually disguised as software or a program that appears to be a legitimate file that you download. It can also be hidden on a storage device (such as a USB or hard drive), or delivered through a link where the malware auto-downloads without your approval or awareness once you visit a website. It could even be disguised as a download for anti-virus software that is actually malware. This is why it is important to always confirm your source and to ensure that the source is authentic before downloading anything. Direct downloads on a website, email attachments, and links in text messages are all very common sources for malware.
What are the different types of malware?
There are many different types of malware, and understanding the unique characteristics of each may help protect your devices and networks.
A virus is a program that was commonly spread when people shared USBs, CDs, or other physical media. Now, viruses are usually hidden in an email attachment. A virus infects your computer by copying itself without the knowledge or permission of the user. It could erase everything on your hard disk, spread itself to other computers, or corrupt or delete data.
Ransomware is malware that installs onto a device and encrypts files. Cybercriminals typically use ransomware to demand a ransom payment in exchange for decrypting the victims’ data.
Worms copy themselves without user interaction. They often use a computer network to spread, utilizing your security weaknesses to get through.
Another type is software that steals data from your devices and from you without your knowledge or consent.
Trojans are harmful code or software that’s disguised as a real functioning program. Users are fooled into downloading and using them, and once they run, they can do various things such as attack, steal data, corrupt your device, or spy.
How do you know if you have malware?
Sometimes, you can observe unusual activity on your computer, such as slow speeds, crashes and freezing, browser redirects, loss of disk space, or pop-up advertisements. Another sign could be a large pop-up screen stating, “Your files have been encrypted.” Any of these should prompt you to run a malware scan, or to set one up if you are not already running an anti-malware program.
How do you protect against and respond to malware?
Many scans will remove the infected program and lines of code if found. Other infections may be more discreet, and it can be harder to discover where they are located. Anti-malware software is the best way to protect yourself upfront in order to maintain a clean device.
The quality and effectiveness of anti-malware software can range from simple retail antivirus software to more sophisticated EDR (Endpoint Detection & Response) or MDR (Managed Detection & Response). For businesses, EDR or MDR cybersecurity solutions are preferred, as their detection and mitigation capabilities are far more advanced than those of basic retail antivirus software.
EDR is effective at detecting a threat at the endpoint (i.e. the computer) and preventing that virus from spreading to other devices on the network. Some EDR providers provide AI (Artificial Intelligence) software to detect header signatures on the files to ascertain whether a piece of software could be a threat. Once it has identified suspicious software, it will isolate the device from the network and run through a set of analyses that will alert you if further action is warranted. If sufficient data exists to point to the software as being a virus, it will take mitigation steps to limit the spread of the virus to other devices.
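An added example, not taken from this article or from any EDR product: the Python below compares each file's leading header bytes with what its file name claims, flagging executables that are disguised as documents or images. The verdict names, the extension mapping, and the sample files are assumptions constructed for this illustration.

```python
import tempfile
from pathlib import Path

# Well-known leading "magic" bytes for a few common file formats.
MAGIC = {"windows-executable": b"MZ", "elf-executable": b"\x7fELF",
         "pdf": b"%PDF-", "zip-or-office": b"PK\x03\x04",
         "png": b"\x89PNG\r\n\x1a\n", "jpeg": b"\xff\xd8\xff"}
# Format each extension claims to be (assumed mapping for this example).
EXPECTED = {".pdf": "pdf", ".png": "png", ".jpg": "jpeg", ".jpeg": "jpeg",
            ".zip": "zip-or-office", ".docx": "zip-or-office",
            ".xlsx": "zip-or-office", ".exe": "windows-executable"}
EXECUTABLE = {"windows-executable", "elf-executable"}

def sniff(header):
    # Name the format whose magic bytes start the header, else "unknown".
    return next((k for k, m in MAGIC.items() if header.startswith(m)), "unknown")

def classify(name, header):
    """Compare what the file name claims with what the header bytes say."""
    path = Path(name.lower())
    ext, inner_ext = path.suffix, Path(path.stem).suffix  # ".exe", ".pdf"
    actual, expected = sniff(header), EXPECTED.get(ext)
    if actual in EXECUTABLE:
        claims_other = expected is not None and expected != actual
        double_ext = inner_ext in EXPECTED and inner_ext != ext
        return "disguised-executable" if claims_other or double_ext else "executable"
    if expected is None:
        return "unchecked"  # no expectation recorded for this extension
    return "ok" if actual == expected else "mismatch"

def scan(directory):
    """Classify every regular file in a directory by its first 8 bytes."""
    results = {}
    for path in sorted(Path(directory).iterdir()):
        if path.is_file():
            with path.open("rb") as fh:
                results[path.name] = classify(path.name, fh.read(8))
    return results

def demo():
    # Constructed sample files, written to a temporary directory.
    samples = {"invoice.pdf": b"MZ\x90\x00", "report.pdf": b"%PDF-1.7",
               "photo.png.exe": b"MZ\x90\x00", "holiday.jpg": b"just text"}
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            Path(tmp, name).write_bytes(data)
        return scan(tmp)

if __name__ == "__main__":
    print(demo())
```

A header check like this only catches files whose contents contradict their name; it says nothing about whether a correctly named program is safe to run.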
MDR is an outsourced solution that provides further managed mitigation services by a security center. The security center ensures that threats are isolated, identified, and effectively mitigated, using cybersecurity resources to investigate the virus in real time and take appropriate steps based on any identified propagation to the network. Once the extent of the damage has been assessed, action is taken on any impacted devices to reverse the damage.