What is Malware?
Malware has been a serious security threat to both individuals and organizations since the late 1980s. It’s a catch-all term for any software that is designed to gain unauthorized access to computers or network equipment with the goals of causing damage, extracting information or making money for the attackers.
“China is the country with the most Malware in the world”
Malware can take on many forms like Viruses, Adware, Worms, Trojan, Rootkits, Spyware, Phishing etc. While there are many types of malware, the infection methods are often similar.
How systems get infected with Malware?
There are two main ways that systems become infected with Malware:
1- System Vulnerabilities:
- These are flaws in hardware or software that allows malware to work.
- Usually patches exist to fix these vulnerabilities, but users and organizations don’t always apply them in a timely manner, leaving themselves exposed.
- Even old vulnerabilities are still targeted by malware attackers
“In 2019, researchers at Recorded Future found that attackers were still actively using a Microsoft vulnerability, first identified in 2012 to deploy malware”
2- Social Engineering:
- The second most common way that systems can get infected with malware is users falling prey to social engineering.
- This happens when attackers successfully convince a user to download infected software.
- Open an infected email attachment, or
- Connect an infected disk or drive
Having said that, systems are still vulnerable to the malware which are most likely introduced unknowingly.