What is Malware?
Malware is short for Malicious Software, and refers to a file designed to harm a computer or broader network, frequently to steal data. This software is commonly targeted towards businesses. There are many types of malware present but the common types are viruses, trojans, bots, spyware, and ransomware.
How does Ransomware get onto my network?
Malware impacts businesses of all sizes. While larger companies have more information to steal, they also have more resources to mitigate their risk. Smaller companies lack the resources and expertise to protect themselves properly (read our article on ransomware prevention). Malicious actors (aka: hackers) are very aware of this, and act accordingly. In today’s world, hackers target smaller companies, rather than put all of their efforts towards one large corporation. While they may only receive tens-of-thousands of dollars (rather than millions) per successful attack, they are also aware that these smaller companies are easier targets.
With their target in mind, hackers employ a variety of techniques to gain access to a businesses network. Unfortunately, most of this occurs without the knowledge of anyone within your organization. Three common techniques include:
- Unpatched Operating Systems – The best example of this may be the Windows Operating System. Nearly every month, Microsoft releases updates to their software when security holes are discovered – the updates are called patches. Unfortunately, most employees don’t update their software (nobody wants to restart their computer), and employers are often unaware how to force these updates on a set schedule.
- Phishing Emails – criminals will send scam emails to employees, waiting for one of them to click a link within the email. Once that link is clicked, they begin the process of gaining access to the network.
- Infected Files – In other situations a document will be uploaded to someone’s computer. This sometimes occurs as a fake invoice in an email, or a usb-drive found in the office parking lot. Once on a network, the infected file provides a hacker complete access to the network.
Why do people put malware on your devices
Cybercriminals are not the hackers that we see in movies – it is a large, and profitable industry. Most hacker groups are designed like a corporation, complete with a CEO, CFO, and customer service departments. As far as small and mid sized businesses are concerned there is only one reason to be targeted: Money. These groups will monitor activity on your network to steal banking information, or to deploy ransomware in the hopes that the business will pay the ransom.
How can you prevent ransomware?
Malware prevention is often made more complicated than it needs to be. On a high level, businesses need to take a layered approach to malware protection, starting with employee training. The last point of protection should be BC/DR (backup and recovery – read about the 3-2-1-1 approach). Between those two strategies are a handful of other strategies that make up the Layered Approach. Even if a hacker gets through one layer of defense, every extra layer of defense will make it increasingly difficult for them to do harm to your business (read about the Ransomware Prevention).