What is Malware?
Malware, or malicious software, is the broad category name for harmful code used in cyberattacks that affect laptops, desktops, servers, mobile devices, and, more recently, IoT devices.
The list of malicious attacks that fall under the category of malware is extensive – and it keeps getting longer and longer. While the first samples of malware started as viruses, it now comprises major types such as worms, Trojan horses, spyware, adware, rootkits, botnets, and ransomware.
Many subtypes exist as well, and some samples of malware can be categorized under multiple classifications based on what they are designed to accomplish and how. The categories listed above are helpful guides for discussing malware and provide a framework for describing its capabilities and intent.
What are the different types of malware?
Malware is a big term, so in order to discuss it more effectively we've created categories of malware that describe their function, distribution and, in some cases, intent. This episode of "The 101" dives into the eight major categories of malware today.
While there are many different types of malware, with unique characteristics and goals, there are seven key traits that are common to almost all malware:
Cyberattackers that use malware have a single goal in mind – and they are using malware as the primary mechanism to achieve their specific outcome.
Each type of malware gains entry to a system or device differently, typically without the knowing consent of users.
Each type of malware exhibits different behaviors once it is on a system, depending on the programming code developed by the attacker. The threat may spread, replicate, harvest, spy, or harm as it executes its code.
Different behaviors present different levels of risk, depending on the ultimate intent.
All malware requires interactions, either with a user or a machine, in order for the attack code to execute.
Almost every malware attack today results in a remote connection back to the attacker, who may initiate further, more complex maneuvers.
Malware continues to evolve in technological complexity and egregious intents at an aggressive pace.
As seen in these industry statistics, malware as a whole is pervasive and costly – and almost every company is a victim [1].
spent, on average, defending against malware
pass, on average, resolving a malware attack
new samples of malware are discovered every day
Carbon Black’s data found that malware was at the root of 48% of all cyberattacks in 2017. However, of all the malware in use today, ransomware is the one that is of the most concern for every security professional in companies large and small. Here’s why:
Cybercriminals are very successful at using malware to achieve their goals for the simple reason that most traditional antivirus tools use static analysis as a primary security tactic. However, these tools can only identify known samples – and today, with the rapid development of new malware every day, the majority of it now appears as unknown files. Attackers use various techniques like packing, or compressing, to change aspects of the malware so it looks different from known threats. As such, the attacks easily slip through antivirus defenses.
This is where next-generation endpoint security – and behavior analytics – comes in. The good news about malware is that how it operates within a system or device will eventually appear different than normal user behavior. Therefore, with big data and machine learning zeroing in on anomalies, potential malware can be identified as out-of-the-norm and potentially malicious.
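The contrast drawn in the two paragraphs above, as an added example that is not Carbon Black's code: a SHA-256 signature lookup misses a compressed copy of a known sample, while a baseline of parent/child process launches still flags the unusual launch. The sample bytes, process names, launch counts and the 0.01 threshold are all constructed assumptions.

```python
import hashlib
import zlib
from collections import Counter

# Constructed, harmless stand-in for a previously catalogued file.
KNOWN_SAMPLE = b"CONSTRUCTED-SAMPLE-BYTES " * 64
# Same content after compression, standing in for a "packed" variant.
PACKED_VARIANT = zlib.compress(KNOWN_SAMPLE)
# Signature database: SHA-256 digests of known samples.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

# Constructed baseline: how often each parent process launched each child.
BASELINE = Counter({
    ("explorer.exe", "winword.exe"): 410,
    ("explorer.exe", "chrome.exe"): 980,
    ("winword.exe", "splwow64.exe"): 37,
    ("services.exe", "svchost.exe"): 1520,
})


def static_match(data: bytes) -> bool:
    """Signature check: true only for byte-identical known samples."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES


def child_probability(parent: str, child: str) -> float:
    """Share of the parent's baseline launches that were this child."""
    parent_total = sum(n for (p, _), n in BASELINE.items() if p == parent)
    return BASELINE[(parent, child)] / parent_total if parent_total else 0.0


def is_anomalous(parent: str, child: str, threshold: float = 0.01) -> bool:
    """Flag launches that the baseline says this parent almost never makes."""
    return child_probability(parent, child) < threshold


def triage(data: bytes, parent: str, child: str) -> str:
    """Apply the signature check first, then the behavioral check."""
    if static_match(data):
        return "blocked: known signature"
    if is_anomalous(parent, child):
        return "flagged: anomalous behavior"
    return "allowed"


if __name__ == "__main__":
    print(triage(KNOWN_SAMPLE, "explorer.exe", "winword.exe"))
    print(triage(PACKED_VARIANT, "winword.exe", "powershell.exe"))
    print(triage(b"quarterly report", "explorer.exe", "chrome.exe"))
```

The packed variant decompresses to exactly the known sample, yet its digest differs, so only the behavioral check catches it.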