According to the Ponemon Institute, more than 1 in 4 companies will experience at least one cyberattack incident in the next two years. And with an increase in work-from-home business models, the remote workforce is a prime target for opportunistic thugs. One more downer, most companies have unprotected data and poor cybersecurity practices in place, making them vulnerable to data loss.
Malware is the overarching term to label most of the types, categories, and threat levels of these attacks. As the name implies, malware has made cybercrime a very profitable business for hackers. iTBlueprint has compiled a list of the most common malware definitions so you can know what you’re up against and how to protect yourself.
1. Ransomware
Ransomware is malicious software that holds your computer for ransom. Disguised as a legitimate file, ransomware infects your systems, blocking or encrypting access to files with threats to publish or delete that information if a ransom is not paid. In 2020, COVID-19 created a breeding ground of ransomware hounds—at an increase of more than 150%—looking to take advantage of the chaos.
Remember WannaCry? The attack hijacked computers running Microsoft Windows, demanding a ransom paid in Bitcoin. Risk modeling firm, Cyence, estimated the potential cost of this attack to be about $4 billion.
2. Viruses
Like a virus in the human body that attaches itself to cells and replicates, a computer virus attaches to software, reproducing when the software is run. And like COVID, it’s most often spread through sharing, in this case software or files between computers. Once the program is run, the virus can go about stealing passwords or data, logging keystrokes, corrupting files, or even taking over the machine.
3. Rogue Apps
As a result of remote working, mobile devices—from smartphones to tablets—have become essential tools for employees. In addition to weekly Webex team calls, employees are using them to access sensitive company files and SaaS applications. Which makes them perfect in-roads for devious exploitation, using rogue apps.
Rogue apps are counterfeit mobile apps designed to mimic trusted brands or apps, but they carry a malware payload. Unaware users install the app, leaving the door open for hackers to steal sensitive information, such as credit card data or login credentials.
4. Phishing/Spear-phishing/Whaling
Phishing attacks use emails, looking like they’re from reputable companies (FedEx, Microsoft, your bank), to bait victims into clicking a link that takes them to a non-legitimate website or downloading an infected attachment to steal financial or confidential information. Phishing attacks account for more than 80% of reported security incidents, costing about $17,700 every minute.
Spear-phising is more targeted for an individual or group, usually from a trusted source. Whaling is when hackers impersonate senior management, such as a CEO or CFO, to leverage their authority to gain access to sensitive data or money.
5. Baiting
Another phishing lure is baiting. The email or text includes something to entice the victim to act, such as a free download of some kind or looks like it is was accidentally sent to them with a link to “Confidential Information.” Once they click on it, their computer or device becomes infected and allows the hacker to infiltrate the network.
6. Pretexting
Pretexting is old school, relying on person-to-person interactions. Instead of starting with an email or text, the victim receives a phone call from someone impersonating a fellow employee, IT representative, or vendor. The impersonator asks questions that convince the victim into providing confidential or other sensitive information. This information is used to get into and move freely throughout your network. Cybercriminals even outsource pretexting to call centers. It’s such problem that the Gramm-Leach-Bliley Act (GLBA), known for improving financial data security, has made pretexting illegal.
7. Distributed Denial of Service (DDoS)
A Distributed Denial of Service (DDoS) attack uses botnets (botnets are next) to crash a company’s web server or online system by overwhelming it with data. The most common kind of DDoS attacks are floods which send a massive amount of traffic to the targeted victim’s network, consuming so much bandwidth that users are denied access. Protocol attacks go after the network to exploit any weaknesses in protocols. Application layer attacks target web servers, web application platforms, and specific web-based applications with a goal to crash the server completely. Industry experts predict that by 2023, DDoS attacks worldwide will escalate to 15.4 million.
8. Botnets
Not always considered malicious, bots can actually be very helpful, such as when search engines use them to crawl the internet and index pages of information for our searches. When bad bots come together, they create a botnet that can carry out attacks against websites and even IoT devices. Run as a payload for another form of malware or through a contaminated file downloaded by the user, botnets can spread to other machines.
In 2016, the Mirai botnet infected IoT devices, such as thermostats, webcams, home security systems, and routers. Using the internet connection from roughly 100,000 IoT devices, the botnet launched a DDoS attack on the company that manages the connections between forbes.com domain names and the server that hosts the forbes.com website. This resulted in thousands not being able to connect to a variety of websites, bringing some businesses to a standstill.
9. Rootkits
Rootkits are sneaky, since they wait to strike by opening the door for attackers to gain administrator-level access to systems without your knowledge. Once inside, they can do almost anything they want with the system, including recording activity, changing system settings, accessing data, and mounting attacks on other systems. And what makes rootkits so insidious, is that many can hide out in the open disguised as necessary files.
10. Trojan Horses
Named after a very dangerous wooden horse from Greek mythology, Trojan Horses hide a harmful code inside a harmless-looking file to create backdoors that allow attackers unauthorized access to share your financial information, passwords and other sensitive materials with criminals.
The banking Trojan Grandoreiro took advantage of the COVID-19 crisis using fake websites. Grandoreiro was just one of scams hackers used to play on people’s pandemic fears. Hiding in videos on fake websites that promise to provide vital information about the virus, the Trojan downloads a payload on the victim’s device when they play the video.
11. Spyware
Exactly as the name implies, spyware is software that spies on you and gathers information about you without your consent. Though some spyware is benign such as cookies to monitor shopping habits, other types of spyware have been used to steal intellectual property and highly classified information as a form of corporate espionage. Spyware spreads by piggybacking on another piece of software or a file.
12. Data Leakage
Data leakage, also known as low and slow data theft, is the unauthorized sharing of data from within a company to an outside recipient. With the increase in mobile device usage and people working from home, data leakage has become a significant problem from many organizations. Whether leaked via a gap in security caused by a cyberattack, by mismanagement or on accident by an employee multi-tasking and accidentally sharing something they shouldn’t, data leakage can cost companies a lot—from declining revenue to a tarnished reputation or massive financial penalties to crippling lawsuits.
The Defenders
No need to be alarmed. iTBlueprint’s full-spectrum security solutions deliver unmatched protection—from core to cloud. Nothing slips past iTBlueprint’s team of specialists. Experienced in modern attack vectors, we combine sandboxing techniques, behavior best practices, and a range of tools and services for protection onsite or in the cloud.
Hackers aren’t going to stop anytime soon, so let iTBlueprint fill in those gaps with a range of services to monitor, alert, mitigate and resolve attacks when they happen.
Find out how we can help defend your business from cyberattacks.