Which of the following is a malicious program used to capture information from an infected computer?

In 2018, there were 812 million reported malware infections (PurpleSecus Cyber Security Report), and 94% of those malware infections were delivered via email (CSO). No devices were immune to these infections—not even mobile devices.

What is malware? Malicious software, or "malware," is software written with the intent to damage, exploit, or disable devices, systems, and networks. It is used to compromise device functions, steal data, bypass access controls, and cause harm to computers and other devices and the networks they are connected to.

Malware on the Rise

According to a recent Internet Security Threat Report by Symantec, there were 246 million new malware variants discovered in 2018, and the percentage of groups using malware is on the rise, too. Symantec reported that groups using destructive malware increased by 25% in 2018.

With malware usage continuing to rise, it’s important to know what the common malware types are and what you can do to protect your network, users, and critical business data.

Understanding the Six Most Common Types of Malware

The six most common types of malware are viruses, worms, Trojan Horses, spyware, adware, and ransomware. Learn more about these common types of malware and how they spread:

1.   Virus

Viruses are designed to damage the target computer or device by corrupting data, reformatting your hard disk, or completely shutting down your system. They can also be used to steal information, harm computers and networks, create botnets, steal money, render advertisements, and more.

Computer viruses require human action to infect computers and mobile devices and are often spread through email attachments and internet downloads.

2.   Worm

One of the most common types of malware, worms spread over computer networks by exploiting operating system vulnerabilities. A worm is a standalone program that replicates itself to infect other computers, without requiring action from anyone.

Since they can spread fast, worms are often used to execute a payload—a piece of code created to damage a system. Payloads can delete files on a host system, encrypt data for a ransomware attack, steal information, and create botnets.

3.   Trojan Horse

A Trojan horse, or “Trojan”, enters your system disguised as a normal, harmless file or program designed to trick you into downloading and installing malware. As soon as you install a Trojan, you are giving cyber criminals access to your system. Through the Trojan horse, the cyber criminal can steal data, install more malware, modify files, monitor user activity, destroy data, steal financial information, conduct denial of service (DoS) attacks on targeted web addresses, and more. Trojan malware cannot replicate by itself; however, if combined with a worm, the damage Trojans can have on users and systems is endless.

4.   Spyware

Installed on your computer without your knowledge, spyware is designed to track your browsing habits and internet activity. Spying capabilities can include activity monitoring, collecting keystrokes, and harvesting of account information, logins, financial data, and more. Spyware can spread by exploiting software vulnerabilities, bundling with legitimate software, or in Trojans.

5.   Adware

Adware is often known for being an aggressive advertising software that puts unwanted advertising on your computer screen. Malicious adware can collect data on you, redirect you to advertising sites, and change your internet browser settings, your default browser and search settings, and your homepage. You typically pick up adware through a browser vulnerability. Legitimate adware does exist, but it will ask your permission first before collecting data about you.

6.   Ransomware

According to Cybersecurity Ventures, cybercrime is predicted to cost the world 6 trillion dollars annually by 2021. Because ransomware generates so much money for cybercriminals, it is the type of malware we hear the most about.

Ransomware is a type of malware that holds your data captive and demands payment to release the data back to you. It restricts user access to the computer by either encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the attacker to release the restrictions and regain access to the computer. Once the attacker is paid, your system and data will usually go back to its original state.

How To Protect Your Business from Malware

Propagation of malware and cybercrime will continue to rise, and it’s important to protect yourself and your business from cybercriminals by implementing multiple layers of security, also known as a “layered approach.” These layers may include a firewall, end-user training, anti-malware and anti-virus software, email and web filtering, patch and update management, network monitoring, and managed detection and response services, just to name a few.

A layered approach is important to ensure that all potential entry points are protected. As an example, a firewall may prevent a hacker from getting on the network, but it won’t stop an employee from clicking an infected link in an email.

A good business continuity and disaster recovery solution (BCDR) is a must, too. A BCDR device and plan will not only protect your critical data in the event of a ransomware attack, but also from server failure, fire, or other natural disasters.

Don’t Forget Your End-Users

Though the layered approach described above can significantly reduce the risk of an attack, a business’ biggest vulnerability lies with its end-users.

Remember, 94% of all malware is delivered via email, which means that the security of your business lies in the hands of your end-users. So, when building your cybersecurity layers, don’t forget to educate your end-users and train them to be aware of the threats they may encounter and what to do when an attempted attack inevitably lands in their inbox.

End-user education along with software and hardware solutions are key to creating a more secure business environment. Prosource’s Managed IT Services give customers peace of mind. The monthly service not only includes many of the layers needed to secure your business network, but also other productivity-boosting benefits, like Help Desk support and a virtual Chief Information Officer (vCIO) who can educate and guide you and your employees on best practices to help protect your business.

Editor's Note: This post was originally published as "5 Common Types of Malware" in June 2017 and has been updated for accuracy and comprehensiveness, including an additional common type of malware.

Whether you’re on a Windows, Apple or Linux computer, a desktop, laptop, smartphone or tablet, you’re vulnerable to ever-evolving cyberthreats from computer viruses and other types of malware. The first step to protecting yourself and your data is understanding what you're up against. Here's an overview of the major types of malware, today’s most common computer viruses and their potential impact.

The term "malware" — an amalgamation of malicious and software — is now used to describe any malicious computer program on a computer or mobile device. These programs are installed without the consent of users and can cause a number of unpleasant effects, including crippling computer performance, mining your system for personally identifiable information (PII) and sensitive data, erasing or encrypting data or even hijacking device operations or computer-controlled hardware. Hackers continuously develop increasingly sophisticated ways to infiltrate user systems. Like a game of whack-a-mole, as soon as one threat is neutralized, a replacement evolves, and the next iteration emerges. Let's look at some of the most common types of malware currently in use.

1. Computer Viruses

What is a computer virus? Computer viruses are a type of malware that earned their name because of how they spread by "infecting" other files on a disk or computer. Viruses then spread to other disk drives and machines when the infected files are received in downloads from websites, email attachments, shared drives or when carried in files on physical media, such as USB drives or—in the early days—floppy disks.

According to the National Institute of Standards and Technology (NIST), the first computer virus, a boot sector virus called "Brain," was developed in 1986. Tired of customers pirating software from their shop, two brothers claim to have designed the virus to infect the boot sector of software thieves' floppy disks. The virus spread through infected copies of the pirated software, jumping from the infected floppy disk to the computer hard drive when the program was booted, or loaded onto the new machine.

2. Worms

Unlike viruses, worms don't require human help in order to infect, self-replicate or propagate. As soon as they breach a system, they infect their entry point and spread through the device and across any network to which the device connects. By exploiting network vulnerabilities—such as missed operating system (OS) updates or application patches, weak email security or poor internet safety practices—worms can execute, self-replicate and propagate at an almost exponential rate as each new infection repeats the process. Originally, most worms simply "ate" system resources and reduced performance. Now, most worms contain malicious "payloads" designed to steal or delete files upon execution.

3. Adware

One of the most common online nuisances is adware. Adware programs automatically deliver advertisements to host computers. Familiar examples of adware include pop-up ads on webpages and advertising messages that are part of the interface of "free" software. While some adware is relatively harmless, other variants use tracking tools to glean information about your location or browser history. Most of the time, adware collects information in order to serve better targeted ads. But sometimes adware is used for more nefarious purposes, including redirecting search results, displaying pop-ups that can’t be closed or that link to malware, disabling antivirus software or even going all the way off the rails into the territory of spyware—see #4.

Technically, adware is installed with people's knowledge and consent. But when was the last time you read all the way through a several thousand word "Terms of Service" statement? By clicking the "I Agree" button, you grant consent. Because you have acknowledged and consented to the terms of service, these programs can't be termed malware. Today’s antivirus software typically identifies these programs as "potentially unwanted programs" (PUPs).

4. Spyware

Spyware does just what it says. It spies on what you're doing at your computer. It collects data such as keystrokes, browsing habits, location data and even login information. While adware might include "repurposing" collected data for sale in the terms of service statement, spyware is more duplicitous. Spyware is considered malware because users are unaware of it. The only intent of spyware is malicious. Spyware collects and sells your data to third parties, typically cyber criminals, with no regard for how the data will be used. Spyware may also modify specific security settings on your computer or interfere with network connections.

In another example of how the line between adware and spyware can blur, the rise of mobile computing has seen an explosion of spyware that tracks user behavior across devices and physical locations without their consent. For example, a free weather app on your smartphone may have gotten your consent to collect and use your location data, ostensibly to provide more accurate forecasts. You agreed to the app’s terms of service, which include language enabling them to re-use the location as they see fit, so it’s legit. But what happens when that includes selling your location data to anyone who can afford it, regardless of whether that is an online store trying to populate banner ads in your browser or a cyber criminal who cross-references mobile phone user data with other data sources?

5. Ransomware

Ransomware infects your computer, encrypts your PII and other sensitive data such as personal or work documents and then demands a ransom for their release. If you refuse to pay, the data is deleted. Some ransomware variants lock out all access to your computer. Sometimes, they might claim to be the work of legitimate law enforcement agencies and suggest that you've been caught doing something illegal.

6. Bots

Bots are programs designed to automatically carry out specific operations. Although they serve many legitimate purposes, they are also a popular type of malware. Once on a computer, bots can cause the machine to execute specific commands without the user's approval or knowledge. Hackers may also try to infect multiple computers with the same bot to create a "botnet"—short for robot network. These zombie botnets give hackers the ability to remotely manage compromised computers, enabling them to steal sensitive data, to spy on user activities, to distribute spam automatically or to launch devastating Distributed-Denial-of-Service (DDoS) attacks on computer networks and websites.

7. Rootkits

Rootkits allow remote access or control of a computer by a third party. These programs are useful for IT professionals trying to troubleshoot network issues remotely, but they can easily become nefarious. Once installed on your computer, rootkits allow attackers to take complete control of your machine to steal data or install additional malware. Rootkits are designed to go unnoticed and actively hide their presence and that of other malware that they install.

As with most computer viruses and malware, although it’s no guarantee of safety, protecting your devices from rootkits starts with keeping current on all OS and application updates and patches to eliminate potential infection routes. Effective detection of rootkits requires real-time monitoring—not just periodic disk drive scans—for unusual system behavior.

8. Trojan Horses

Commonly called "Trojans," these programs hide in plain sight by masquerading as legitimate files or software. Once downloaded and installed, Trojans make changes to a computer and carry out malicious activities, without the knowledge or consent of the victim.

9. Bugs

Bugs—flaws in software code—are not a type of malware; they are errors in software code that are popular vectors for attackers with malicious intent. Bugs can, in and of themselves, have detrimental effects on your computer, such as freezing, crashing or reducing performance. Security bugs create holes in a computer or network’s defenses that are especially attractive to would-be attackers. While better security control on the developer end helps reduce the number of bugs, bugs are another reason why keeping current on software patches and system updates is crucial.

Common Computer Virus Myths

  • Any computer error message indicates virus infection. Error messages can also be caused by faulty hardware or software bugs.
  • Viruses and worms require user interaction to activate. False. This is actually the primary difference between viruses and worms. Although viruses do require the activation of their host file in order to execute, this may be part of an automated process. In contrast, once a worm has breached a system, it can execute, self-replicate and propagate freely and with no trigger, human or automated.
  • Email attachments from known senders are safe. Viruses and malware often spread by blast emailing the contacts on an infected computer. Even if you know the sender, don't open any attachments that you aren't sure about.
  • Antivirus programs will stop all threats. While antivirus vendors do their best to stay on top of malware developments, it's important to run a comprehensive internet security product that includes technologies specifically designed to proactively block threats. Even then, of course, there's no such thing as 100 percent security. So, it's important to adopt safe internet practices to reduce your exposure to attack.

Common Misconceptions About Malware

Malware threats often rely on common misconceptions to create soft targets. By understanding some of the most widely misunderstood points, simple shifts in behavior can remove you from the soft target list.

One of the most common misconceptions about malware is the assumption that infection is obvious. Users often assume they'll know if their computer has been compromised. Typically, however, the intent of malware is to perform its task(s) for as long as possible. So, malware doesn't leave a trail to follow, and your system displays no signs of infection. Even malware like ransomware only makes its presence known after it has encrypted the files, thus completing its first task, to be ransomed back to the user.

Another common misconception is that all reputable websites are safe. Compromising legitimate websites with infected code is one of the easiest ways to convince potential victims to download files or provide sensitive information. This is exactly what happened to the European Central Bank (ECB) in August of 2019.

Many users believe their personal data—photos, documents and files—have no value for malware creators. But cyber criminals mine publicly available data, like that on social networks, to create custom targeted attacks on individuals or to gather intelligence for spear phishing emails popular for accessing the networks and assets of large, otherwise secure organizations.

Methods of Malware and Virus Infection and Spread

So how does your computer become infected by computer viruses or malware? There are many common approaches, but the following are some of the most popular methods owing to their efficacy and simplicity:

  • Downloading infected files as email attachments, from websites or through filesharing activities
  • Clicking on links to malicious websites in emails, messaging apps or social network posts
  • Visiting compromised websites (aka drive-by downloads); viruses can be hidden in HTML, thus downloading when the webpage loads in your browser
  • Connecting your device to infected external hard drives or network drives
  • Operating system and application vulnerabilities provide security loopholes, backdoors and other exploits
  • Social engineering attacks, such as phishing scams, trick victims into providing sensitive information or access to personal and work systems through customized attacks that often masquerade as legitimate organizations reporting fake emergencies to push victims to act quickly and without question
  • Connected peripherals, smart devices and Internet-of-Things (IoT) devices can act as vectors, or access points, or they can be hijacked and controlled remotely by the hacker

Confidential data, such as passwords, are a key target of cyber criminals. In addition to using malware to capture passwords, cyber criminals also collect login details from hacked websites and devices, and even through physical means like peering over your shoulder in a crowded cafe. That's why it's so important to use a unique and complex password for each online account. This means 15 characters or more, including letters, numbers and special characters.

The easiest way to do this is through a password manager tool that generates random passwords, stores them securely and obtains validation/permission prior to entering the stored credentials while masking the characters. Because so many people re-use passwords, password tools ensure that one compromised account does not cascade through your entire digital ecosystem. Also, remember that many security verification questions are ineffective. For example, if the question is "What's your favorite food?" and you're in the United States, "Pizza" is a common answer.

Signs of Malware and Computer Virus Infections

While most malware leaves no telltale signs and leaves your computer operating normally, sometimes there can be indications that you might be infected. Reduced performance tops the list. This includes slow-running processes, windows that take longer to load than usual and seemingly random programs running in the background. You may also notice that internet homepages have been changed in your browser, or that pop-up ads are occurring more frequently than usual. In some cases, malware can also impact more basic computer functions: Windows may not open at all, and you may be unable to connect to the internet or access higher-level system control functions.

If you suspect that your computer might be infected, scan your system immediately. If nothing is found, but you're still in doubt, get a second opinion by running an alternative antivirus scanner. Check out these free tools: Free Cloud Anti-Virus Software and Free Ransomware Protection & Decryption Tools

Ideally, you want to prevent an attack, not discover it. While you should scan your device as soon as you suspect something amiss, your best defense is a comprehensive internet security solution that includes real-time scanning and monitoring of disk drives, files and activities as well as real-time updates on web threats provided by a team of experienced cyber security professionals. This includes monitoring instant messaging services, scanning email attachments, providing a firewall and so much more than scheduled scans and periodic updates. Effective antivirus and cyber security software should be able to work and coordinate between all your devices—how else can they protect you from viruses and malware that do the same?