Malware 101: Part 1

Malware 101: Part 1

Malware: A powerful word able to invoke fear in IT directors at its very mention  Malware has infected almost every corner of the Internet, and now mobile devices and social networks have been trapped in its vicious claw.  And the problem is not a small one. According to Symantec, in 2010 alone, 286 million different types of malware were responsible for more than 3 billion total attacks on computer users.  And the cost of malware for users is even more sobering. Some estimates suggest that cybercriminals using malware to steal personal financial information and other information cost the global economy as much as $1 trillion dollars per year. For businesses, that is an average cost of $3.8 million spent addressing, mitigating and restoring systems after a cyber attack. For individual customers, the numbers are estimated to work out to about $1000 in losses per attack.

What Is Malware?

Given its far-reaching and damaging effects, it’s important to understand exactly what malware is. Malware is software designed for the specific purpose of damaging, disabling, or disrupting computers,  computer systems, or networks. The bad guys, also known as hackers, will pounce on website security flaws, or vulnerabilities, to introduce malware into existing software and systems causing issues that can be as small as annoying pop-up windows or as significant as severe security breaches that give access to sensitive information and allow for major theft.

Malware is a term that encompasses a range of potential threats that include viruses, trojans, bots, worms, spyware and other malicious programs, however, each of these have their own unique way of wreaking havoc. Viruses replicate themselves and spread to other computers. Spyware takes information from a user’s system and sends it to hackers who can use the information to steal financial information.

How does malware work?

Malware can very easily infect websites. This is most commonly accomplished by injection and cross-site scripting. These methods allow user’s computer systems to be attacked by visiting a site. Sometimes referred to as “drive-by downloads”, users don’t have to actually download a bad file, the malware will take care of it on its own by taking advantage of compromised servers and developer desktops that are not secure. They often will affect web server PHP, HTML, and JavaScript files.

Most consumers don’t have the latest and greatest security software installed, or they may be using outdated browsers, plug-ins or other applications that may not be 100 percent secure. However, malware changes very rapidly so even the most current security systems with the most up-to-date patches may still be susceptible to malware attacks.

Moreover, with the spread of “packaged” attack software, which may also go by the name of exploit or command-and-control toolkits, now more than ever before hackers can develop malware that is faster, smarter and more damaging.

Website malware can include keystroke loggers, password harvesters, screen scrapers, and myriad other tools developed to infect a website visitor’s computer. When this happens, have inroads to take over a computer and cause significant and costly damage.