Malware 101: What It Is and How It Works

You’re not just imagining it. Malware really is everywhere. Want proof? Just plug “Malware” into Google as a search term and watch more than 26 million results pop up. Even on the day I wrote this blog post, there were 46,500 stories about malware on Google News. Among them: an item on Symantec’s 2013 Internet Threat Report which says targeted malware attacks jumped by 42 per cent worldwide last year. Clearly, malware is a massive problem that’s only getting bigger.

But what exactly is it? You may know ‘malware’ as an ominous collective term for stuff that can crash your company computers and melt down your mobile devices. However, before your business can take steps to protect against malware, it helps to know what it is, what it does, the history of its origins, and the various names it goes by. That’s all in this blog post, the first in a three-part series on malware.

What it is
The term ‘malware’ refers to malicious software. It’s any type of software created specifically to hurt computers and computing networks. It can do this by disrupting them, disabling them, taking them over, spying on them, gaining access to their data and stealing or leaking that data.

Types of malware
You’ve probably heard of various malware pests but you may only have a vague idea of what they do and how they differ. Here’s a simplified breakdown of some major malware categories:

Viruses – Damage computers and networks, steal data and sometimes create botnets (see ‘bot’ below). Viruses often copy themselves and spread to other computers once a user accidentally activates them by running an infected file or program, etc.

Worms – Steal data, overload web servers and delete files. Worms spread by exploiting bugs or weak spots in operating systems, and unlike a virus, worms replicate automatically without any action by the user

Bots – Steal website content and email addresses and send out mass spam emails. Big networks of bots called botnets are often used in denial of service attacks on web sites.

Spyware – Tracks your web browsing and other computer activity and steals personal data

Adware – Generates pop-up ads that slow your computer and often carry spyware

Ransomware – Takes over your computer system or files until you pay a ransom to regain control of them

Trojans – Provide hackers with remote access to your computer. Trojans often fool users into thinking they’re safe through being disguised as something good; i.e., you click on what looks like something you want to open, install or download but it’s actually malware

The birth of malware
Malware has likely been around for longer than you might think. The first virus, 1971’s Creeper, was a benign one created just to demonstrate the concept of how a virus could work. The first major ‘bad’ virus was The Brain, programmed in 1986. The first widespread worm, Morris, was born in 1988. As you’ll read next, malware didn’t really make headlines or spread on a massive scale until the 1990s.

Malware hall of fame (or shame)
Here’s a short timeline of some of the most infamous malware attacks of all time:

– 1992: the Michelangelo virus is programmed to strike on the artist’s birthday, March 6

– 1999: the Melissa worm attacks Microsoft Word and Outlook users

– 2000: the I Love You worm causes about $10 billion in damages

– 2001: email attachments falsely labeled as pictures of tennis star Anna Kournikova contain a worm instead

– 2007: birth of Zeus, one of the first major bots

– 2008: Koobface worm hits Facebook and Twitter, heralding the era of social media malware

– 2010: the Stuxnet worm strikes Iran’s nuclear facilities

– 2012: Flashback Trojan proves MacOS users are not immune to malware by infecting over 600,000 Macs

As you can see, major malware incidents are happening more frequently, having greater impact and targeting more strategically as time goes on.

The bottom line
We talked above about the many reasons why you can’t let your guard down on malware. Hackers are constantly coming up with new ways to spread it to devices (including mobile ones) and networks like yours. That’s what the next post in this series will cover: the craftiest and creepiest methods of getting malware onto your IT system. It’s all the more reason to check out comprehensive security solutions that can help protect your business from the threat of malware.

Has your business been a victim of malware? What did it cost your company in money, time and other resources? Share your thoughts in our comments area below.