What is “malware” and why should we care?

The world is suddenly full of new words, some of which are easy to decipher, while others maybe not so much.

One of those commonly slung around is “malware.” Malware is software designed to disrupt the normal operation of our computers, tablets and other systems by gathering sensitive information stored on them, and worse: installing other pieces of software and gaining access to private computer systems that offer more valuable information and access, which increases the liability and risk attached to allowing malware to proliferate. It comes in far too many forms to illustrate in great detail, so the word is used generally to refer to the vast diversity and scope of the hostile and intrusive forms it takes, including viruses, worms, spyware, adware and trojan horses.

Malware is not the same as “buggy” software, which is legitimate software built for legitimate purposes that may contain harmful bugs that went undetected and uncorrected before the software was released. However, it is important to keep in mind that a great deal of malware is disguised as genuine software and can be unknowingly downloaded from official company websites.

Malware is singularly responsible for the necessity of anti-virus, anti-malware and perimeter security devices on networks, such as firewalls. Once required only on corporate networks, firewalls and other defensive tools are now necessary for personal users, too, in order to prevent unauthorized access, such as the automated proliferation of malware’s countless threats. Times have sure changed.

Malware such as viruses and worms is typically classified by the method by which it spreads, in contrast to specific behaviors. “Virus” describes software that has infected some other, legitimate executable software and seeks to run in order to spread to other executable files, which spread it in turn, and so on and so on.

“Worm” describes software that transmits itself over networks, actively seeking to infect other systems. Note that definitions like these lead to pictures in our minds of distinct methods: one that requires us, as users, to assist its proliferation by performing an action in order to help it spread (i.e., clicking on it and installing it), whereas worms, once established inside a system, can spread themselves quickly, stealthily and automatically without a user doing anything.

Purpose-built

Malware is used broadly against individuals, organizations and governments to discover and gather guarded information, disrupt operations and generally disrupt business. When used against individuals, the goal is to uncover and collect personal information that is valuable on a thriving black market, such as social security numbers, bank accounts, credit card numbers and more. Any personal computer or mobile device connected to a network (yes, such as the Internet) is at constant risk from such threats.

Since business has moved mostly online, coupled with ubiquitous access to broadband speeds, malware is more and more frequently being designed for profit. Since 2003 viruses and worms have primarily been designed to commandeer users’ computers for exploitation in the context I mentioned above: to harvest information that is then sold to the highest bidders on the black market. Likewise, “botnets” or “zombie computers” are acquired en masse using malware to work in collaboration across the globe, silently doing their authors’ malevolent bidding, including sending email spam, hosting contraband, launching distributed denial-of-service attacks and other forms of extortion.

Malware’s prevalence as a criminal’s most powerful tool, combined with anti-malware software to counter a continuous stream of new and undocumented malware, has shaped the way individuals and businesses use and do business on the Web. With the overwhelming amount of malware being distributed, some unknown percentage of systems will constantly be infected. For businesses this means they need strategies to operate in spite of these security concerns. The result is a greater focus on and need for disaster recovery and continuity strategies designed to protect businesses against unplanned events.

Stealthy Delivery

Malicious software needs us to do something (like install it) in order to accomplish the objective of running on our computers, tablets and other systems. These malignant tools need high-level authority in order to run on our devices and systems without detection, with enough credentials to install other pieces of software, restart, shut down and modify, add or delete files on our systems. Malicious programs are often designed to be stealthy, to appear to be normal or desirable, something we as users might casually install without realizing or thinking much about it.

We call this technique “Trojan horse” or just “trojan.” Generally speaking, a Trojan horse behaves just like the story from which the term is taken:

“The Trojan Horse is a tale from the Trojan War about the subterfuge that the Greeks used to enter the city of Troy and win the war. In the canonical version, after a fruitless 10-year siege, the Greeks constructed a huge wooden horse, and hid a select force of men inside.”
— https://en.wikipedia.org/wiki/Trojan_Horse

A “Trojan Horse” is any program that comes bundled inside something legitimate and invites us to install it using friendly or otherwise familiar language and interface (pictures and clicking steps). Meanwhile, it conceals harmful tools which, once installed, can silently cause unquantifiable damage.

One of the most common ways malware is distributed is as something else, such as a legitimate application that we do wish to install, typically stuff that is free but not always. This is why it is so important to be mindful – especially at this time of year.

When malware is bundled with a piece of desirable software that we download, it is easy to presume there is no risk. Some of the more savory authors of malware often include end-user license agreements that describe the behavior of the malware in vague terms, which most of us may or may not read, understand or pay any attention to before initiating installation of the desirable application we downloaded.

Have more questions? There are no silly ones. Get in touch – I am at your service to answer them and help us all educate one another in an ongoing effort to help us all be more informed and aware in order to make the Internet safer for doing business.

Meanwhile, thanks for reading.