
Dissecting Malware: Types, Newest Variants and Security Measures

We can estimate the world’s cost of cyberattacks. Experts believe losses will increase to a staggering $9.22 trillion per year by 2027. But we cannot put a finger on the devastation of human lives—loss of income, destroyed nest eggs, interrupted education, and the chaos and turmoil when a critical service goes down.

Headline-grabbing data breaches are only a part of the picture. They are the tip of the iceberg; most breaches and data thefts go unreported or unnoticed.

But on the brighter side, strong cybersecurity measures foil millions of attacks daily without anyone writing about them. While no one is immune from malware, companies that use advanced threat protection tools and a proactive approach stay safer than those with a haphazard approach to cyber defense.

What Is Malware?


Malware refers to any program designed to damage, disrupt, or tamper with the files or operation of a computer, server, client, or computer network. There are several malware categories, such as viruses, ransomware, and spyware, and millions of permutations of each.

The history of malware dates back to the early 1980s, when writing malware was a way to earn bragging rights and exposure rather than money. As the number of internet users grew in the early 1990s, criminals woke up to the possibilities inherent in the vast number of connected devices, and their focus quickly shifted to financial gain.

Types of Malware

We can broadly classify malware into a few categories, of which these four are prominent threats:

  • Viruses and worms: Similar in effect, but viruses require user action (a click to open a document) to execute, while worms self-replicate without user intervention.
  • Ransomware: Encrypts files and demands payment for access.
  • Spyware: Monitors user activities and collects personal information, often used for identity theft.
  • Trojans: Malicious software that masquerades as genuine programs but has a harmful twist, such as stealing data or downloading other malware.

How Do You Get Malware?

The main attack vectors are well known, and security companies have developed tools to shore up these weaknesses:

  • File downloads: Everybody does it, but downloading files from unverified websites is risky. Malicious downloads can contain viruses, worms, Trojan horses, or fake software updates that appear harmless but are malicious.
  • Phishing attacks cost businesses billions every year. In phishing attacks, criminals disguise themselves as trusted entities to trick people into opening tainted links or infected attachments.
  • Software vulnerabilities can be exploited when users do not install security patches or updates. Older software versions leave well-documented weak spots in operating systems, applications, or browsers.

Four Emerging Malware Trends in 2024

Accidental infections and script kiddie attacks made headlines ten or fifteen years ago. Today, AI-boosted tools and big players with big resources dominate the cyber landscape.

  1. Targeted ransomware attacks: Some attackers have adopted the long game. They do extensive surveillance before moving against their targets. They focus on companies that handle sensitive information or provide critical infrastructure. The stakes are higher, and the payoffs are bigger.
  2. Double extortion and the emergence of hybrid ransomware: New forms contain elements of different threats. For example, a ransomware attack might steal the data before encrypting it. After paying the ransom, victims sometimes find their data destroyed or corrupted. Then, the attackers demand a second ransom to restore the undamaged data. If victims are reluctant to pay, the attackers raise the stakes with threats to publish sensitive data.
  3. Supply chain attacks: Attackers use third-party software to reach their primary targets. They can attack multiple targets using the same methodology, making it harder to discover the origin of the breach. They can also attack third-party service providers with access to a corporation’s data.
  4. Smaller businesses are getting more attention: They’re good for quick, if smaller, payoffs. Small businesses are easy to attack because they remain largely ignorant of the scale and magnitude of cyber risks. Ironically, advanced malware protection is within every company’s reach.

Latest Variants Focused on Smaller Enterprises

Cuttlefish is an example of how keen criminals are to attack unsuspecting smaller businesses. They’re actively targeting SOHO (small office/home office) setups.

It’s a sophisticated, multifunction threat that infects routers and keeps a low profile. It passively sniffs the traffic passing through the router until it identifies a specific type of data traffic: DNS requests to specific private IP addresses associated with cloud-based services such as AWS and CloudFlare. At this point, it launches a series of attacks.

The attackers can now hide in plain sight, posing as a legitimate device on the network. They can then manipulate data and install additional malware on your devices. They can also access cloud data without setting off alarms, gaining a permanent foothold on your cloud platform.

The only defense is to encrypt network traffic with TLS/SSL. Cuttlefish can’t read encrypted traffic, so it cannot identify your requests for cloud-based services.

Actionable Security Advice for Every Business

Be proactive rather than reactive. Bad actors release more than 300,000 new variants every day. Small businesses are at extreme risk and must use advanced threat detection tools. Minimize exposure to risks and mitigate the effects with the right software and security practices:

  • Protect your router with a VPN. Cuttlefish sniffs out specific types of DNS requests. If you install a VPN on your router, the DNS requests Cuttlefish feeds on will be encrypted and, therefore, not interesting. Enable the router’s firewall.
  • Install a VPN on each device. Encrypt everything that passes around your network—even internal messages and data.
  • Have up-to-date antivirus software. To perform additional checks, you could also run specialized anti-malware tools regularly. They can detect and eradicate certain types of malware that regular antivirus software may miss. Enable every device’s firewall.
  • Update all systems. Keep ahead of vulnerabilities – hackers scan the internet to identify unpatched computers and networks.
  • Monitor network traffic for unusual fluctuations. Also, monitor the devices on your network. If you don’t recognize a device straightaway, investigate it.
  • Back up your data regularly, but ensure it is encrypted before it leaves your network.
  • Empower your employees with training. They face phishing messages and unsafe websites daily. Equip them with basic cybersecurity training and the tools to stay safe online.
  • Take authentication seriously. Enforce the use of strong, unique passwords. Implement 2FA/MFA security on all company platforms.
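As an added example (not code from the original post), the following script audits a constructed router flow log for the two things the Cuttlefish section and the advice above ask a small network to watch: devices still sending plaintext DNS (port 53) that a router implant could sniff, and devices that are not in the inventory. The inventory, addresses, and flow lines are constructed sample data; a real check would read the router's own flow or DNS log export.

```python
from collections import Counter

# Constructed inventory of known LAN devices (hypothetical addresses).
KNOWN_DEVICES = {
    "192.168.1.10": "office-pc-1",
    "192.168.1.11": "office-pc-2",
    "192.168.1.20": "nas",
}

# Constructed flow log in a simple "src dst dport proto" layout.
SAMPLE_FLOWS = """\
192.168.1.10 1.1.1.1 53 udp
192.168.1.10 1.1.1.1 853 tcp
192.168.1.11 8.8.8.8 53 udp
192.168.1.11 8.8.8.8 53 udp
192.168.1.20 192.168.1.1 53 udp
192.168.1.77 9.9.9.9 53 udp
192.168.1.77 203.0.113.5 443 tcp
"""

PLAINTEXT_DNS_PORT = 53   # classic unencrypted DNS, readable by anything on the path
DNS_OVER_TLS_PORT = 853   # DNS over TLS; port 443 is not counted because it is
                          # indistinguishable from ordinary HTTPS in a flow log


def parse_flows(text):
    """Parse flow lines into (src, dst, dport, proto) tuples, skipping blanks."""
    flows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        src, dst, dport, proto = parts
        flows.append((src, dst, int(dport), proto.lower()))
    return flows


def audit(flows, known):
    """Report plaintext DNS per device, devices with no DoT at all, and unknown devices."""
    plaintext = Counter()   # src -> number of port-53 flows (even to the router itself)
    encrypted = set()       # sources seen talking DNS over TLS
    unknown = set()
    for src, dst, dport, proto in flows:
        if src not in known:
            unknown.add(src)
        if dport == PLAINTEXT_DNS_PORT:
            plaintext[src] += 1
        elif dport == DNS_OVER_TLS_PORT and proto == "tcp":
            encrypted.add(src)
    return {
        "plaintext_dns": dict(plaintext),
        "no_encrypted_dns": sorted(set(plaintext) - encrypted),
        "unknown_devices": sorted(unknown),
    }
```

Queries to the router's own resolver (192.168.1.1 in the sample) are still counted as plaintext, because a compromised router is exactly where that traffic is visible.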

Every Business is a Target

Malware can strike any person or business at any time. The financial cost of cyberattacks is substantial, but the human impact, in terms of lost income and disrupted lives, is immeasurable. It’s important to understand the types of malware and how they can strike so that you can take proactive cybersecurity measures. Apply your knowledge to stay ahead of the cybercriminals and keep your data safe.

Author
  • Fredrik Filipsson

    Fredrik Filipsson brings two decades of Oracle license management experience, including a nine-year tenure at Oracle and 11 years in Oracle license consulting. His expertise extends across leading IT corporations like IBM, enriching his profile with a broad spectrum of software and cloud projects. Filipsson's proficiency encompasses IBM, SAP, Microsoft, and Salesforce platforms, alongside significant involvement in Microsoft Copilot and AI initiatives, improving organizational efficiency.
