Malware is a broad term used to describe any file or program that is intended to harm or disrupt a computer. This includes:
1. Botnet Software
Botnet software is designed to infect large numbers of Internet-connected devices. Some botnets comprise millions of compromised machines, each using a relatively small amount of processing power. This means it can be difficult to detect this type of malware, even when the botnet is running.
2. Ransomware Attack
Ransomware is a form of malware that encrypts victims’ information and demands payment in return for the decryption key. Paying a ransom does not necessarily guarantee that you will be able to recover the encrypted data. Learn more about ransomware
RATs (Remote-Access Trojans) are a type of malware that install backdoors on targeted systems to give remote access and/or administrative control to malicious users.
4. Rootkits and Bootkits
Rootkits tend to comprise several malicious payloads, such as keyloggers, RATs and viruses, allowing attackers remote access to targeted machines.
Bootkits are a type of rootkit that can infect start-up code – the software that loads before the operating system.
Spyware is a form of malware used to illicitly monitor a user’s computer activity and harvest personal information.
A Trojan is a type of malware that disguises itself as legitimate software but performs malicious activity when executed.
7. Viruses and Worms
A computer virus is a piece of malicious code that is installed without the user’s knowledge. Viruses can replicate and spread to other computers by attaching themselves to other computer files.
Worms are like viruses in that they are self-replicating. However, they do not need to attach themselves to another program to do so.
Also known as “Ransomware as a Service” — is a growing industry in the underground hacker community. People without the knowledge to carry out a sophisticated ransomware attack can pay to hire a professional hacker or team of hackers to perform the attack for them.
The growth of the underground RaaS industry is worrying, as it shows how easy it is to infect people with ransomware despite the bad actors having no previous experience with designing or coding malware.
9. News Malware Attacks
Cybercriminals often use current news stories and global events to target people with malware.
One example is hackers using the wave of the COVID-19 (Coronavirus) outbreak to target individuals with malware. Hackers send out emails that are disguised as legitimate information about the outbreak. Readers are prompted to click a link to learn more about the information, but the link contains malware that copies the files on your device and steals your personal information.
Research currently focuses on the spread of this malware in Japan. Still, it will become an issue worldwide during any kind of newsworthy outbreak.
IoT Device Attacks
As the popularity of IoT (Internet of Things) devices grows — things like smart speakers and video doorbells — hackers are looking to exploit these devices for valuable information.
There are multiple reasons why hackers choose to target IoT devices. For one, most IoT devices don’t have enough storage to install proper security measures. These devices often contain easy-to-access data such as passwords and usernames, which then can be used by hackers to log into user accounts and steal valuable information, such as banking details.
Hackers can also use internet-based cameras and mics to spy on and communicate with people — including young children via smart baby monitors.
These devices can also act as weak points in a corporation’s network, meaning hackers can gain access to entire systems through unsecured IoT devices — spreading malware to other devices across the network.
Botnets are large networks of compromised computers, whose processing power is used without the user’s knowledge to carry out criminal activity. This can include distributing spam or phishing emails or carrying out DDoS attacks.
Exploits and Exploit Kits
An exploit is a piece of malicious code that can compromise a security vulnerability. Many have been developed by the security services. For instance, in 2017 the WannaCry ransomware spread using an exploit known as EternalBlue. This exploit had been developed by, and stolen from, the US National Security Agency.
Exploit kits are collections of multiple exploits. Available for rent on the dark web, they enable unskilled criminals to automate attacks on known vulnerabilities.
An MITM (man-in-the-middle) attack occurs when a criminal hacker inserts themselves between a device and a server to intercept communications that can then be read and/or altered.
MITM attacks often happen when a user logs on to an insecure public Wi-Fi network. Attackers can insert themselves between a visitor’s device and the network. The user will then unknowingly pass information through the attacker.Drive-by downloads
Drive-by downloads install malware when victims visit a compromised or malicious website. They don’t rely on unsuspecting users taking action, such as clicking malicious email attachments or links, to infect them.
Phishing is a method of social engineering used to trick people into divulging sensitive or confidential information, often via email. Not always easy to distinguish from genuine messages, these scams can inflict enormous damage on organisations.
Social engineering is used to deceive and manipulate victims in order to obtain information or gain access to their computer.
This is achieved by tricking users into clicking malicious links or by physically gaining access to a computer through deception.
Humans are possibly the weakest link in any security protocol. This is why cybercriminals are now turning to human psychology and deception to try and gain access to personal information.
The hacker will start by contacting a company or service provider and pretend to be a specific person. They’ll ask questions regarding the victim’s account and trick the customer support team into handing over pieces of sensitive information. Then, they’ll exploit that information to gain access to a person’s account and data, including payment details.
Although this isn’t a type of malware, social engineering is an alarming trend, as it doesn’t require hackers to know about coding or malware development. Instead, all the attacker needs is to be convincing and allow human error and complacency to reward them with the data they need.
A SQL (Structured Query Language) injection occurs when an attacker inserts malicious code into a server that uses SQL. SQL injections are only successful when a security vulnerability exists in an application’s software. Successful SQL attacks will force a server to provide access to or modify data.
Backdoors allow remote access to computers or systems without users’ knowledge.
DDoS (distributed denial-of-service) attacks attempt to disrupt normal web traffic and take targeted websites offline by flooding systems, servers or networks with more requests than they can handle, causing them to crash.
Cryptojacking is the malicious installation of cryptocurrency mining – or ‘cryptomining’ – software. This software illicitly harnesses the victim’s processing power to mine for cryptocurrency.
DNS Poisoning Attacks
DNS (domain name system) poisoning attacks compromise DNS to redirect traffic to malicious sites. Affected sites are not ‘hacked’ themselves.
Artificial Intelligence (AI) Attacks
As more tools become available to developers who want to program AI scripts and software, hackers will be able to use this same technology to carry out devastating cyberattacks.
Although cybersecurity companies are using artificial intelligence and machine learning algorithms to help combat malware, these technologies can also be exploited to hack devices and networks on a massive scale.
Cyberattacks can often cost cybercriminals a lot in terms of time and resources. So, with the expansion of AI and machine learning technologies, we can only expect hackers to develop highly-advanced and destructive AI-based malware in the future.
Vulnerabilities are the security flaws in your systems that cyber attacks exploit.
All a criminal needs to be able to exploit them is a malware toolkit and an online tutorial. There is no need for any coding knowledge whatsoever.
Types of cyber security vulnerability include the following:
1. Network Vulnerabilities
result from insecure operating systems and network architecture. This includes flaws in servers and hosts, misconfigured wireless network access points and firewalls, and insecure network protocols.
2. Hardware Vulnerabilities
Exploit weaknesses in computer hardware. Examples include the Spectre and Meltdown vulnerabilities, which were found in processors manufactured by Intel, ARM and AMD. They affected almost every system, including desktops, laptops, servers and smartphones.
3. Software and Application
These vulnerabilities are flaws such as coding errors or software responding to certain requests in unintended ways. They include CSRF (cross-site request forgery) and XSS (cross-site scripting) vulnerabilities.
4. Zero-day Vulnerabilities
These are security flaws that have been discovered by criminals but are unknown to, and therefore unpatched by, the software vendors. The term refers to the number of days the vendor has to address the vulnerability. (Zero-day exploits are code that compromise zero-day vulnerabilities.)