What is Malware?
Malware is short for Malicious Software, and refers to a file designed to harm a computer or broader network, frequently to steal data. This software is commonly targeted towards businesses. There are many types of malware present but the common types are viruses, trojans, bots, spyware, and ransomware.
How does Ransomware get onto my network?
Malware impacts businesses of all sizes. Larger companies tend to have more information to steal, and are targeted more frequently but often have many more resources to help prevent a malware attack. Smaller companies often lack the resources and knowledge to protect themselves properly (read our article on ransomware prevention), and this is something that malicious actors (aka: hackers) are very aware of. In today’s world, hackers will typically target many smaller companies, rather than put all of their efforts towards one large corporation. They are aware that these smaller companies are easier targets.
With their target in mind, hackers will employ a variety of techniques to gain access to a businesses network. Unfortunately, most of this occurs without the knowledge of anyone within the company. Three common techniques include:
- Unpatched Operating Systems – The best example of this may be the Windows Operating System. Nearly every month, Microsoft releases updates to their software when security holes are discovered – the updates are called patches. Unfortunately, most employees don’t update their software (nobody wants to restart their computer), and employers are often unaware how to force these updates on a set schedule.
- Phishing Emails – criminals will send scam emails to employees, waiting for one of them to click a link within the email. Once that link is clicked, they begin the process of gaining access to the network.
- Infected Files – In other situations a document will be uploaded to someone’s computer. This sometimes occurs as a fake invoice in an email, or a usb-drive found in the office parking lot. Once on a network, the infected file provides a hacker complete access to the network.
Why do people put malware on your devices
Cybercriminals are not the hackers that we see in movies – it is a large, and profitable industry. Most hacker groups are designed like a corporation, complete with a CEO, CFO, and customer service representatives. As far as small and mid sized businesses are concerned there is only one reason to be targeted: Money. These groups will monitor activity on your network to steal banking information, or to deploy ransomware in the hopes that the business will pay the ransom.
How can you prevent ransomware?
Malware prevention is often made more complicated than it needs to be. On a high level, businesses need to take a layered approach to malware protection, starting with employee training. The last point of protection should be BC/DR (backup and recovery – read about the 3-2-1-1 approach). Between those two strategies are a handful of other strategies that make up the Layered Approach. Even if a hacker gets through one layer of defense, every extra layer of defense will make it increasingly difficult for them to do harm to your business (read about the Ransomware Prevention).