Since the introduction of General Data Protection Regulations (GDPR) back in 2018, the media has shared stories of huge companies like Uber and Facebook falling victim to hackings and data breaches. But just because we only really hear about cybercriminals targeting these larger corporations, it doesn’t mean that smaller businesses aren’t also a target for these types of crimes.
In fact, it’s quite the opposite! There are around 65,000 attempts to hack SMEs every day in the UK and malware is one of the most popular techniques used by cybercriminals to do this. If successful, malware can do serious damage to your devices, it can steal your data and just generally cause chaos that your business certainly doesn’t need. That’s why cybersecurity is so important, no matter how big or small your business. For companies that collect consumer data in and around the EU, staying compliant with GDPR is also crucial for the very same reason, as it helps with ensuring that the collected data is being used in legal ways only for mentioned purposes. Not only that, but adhering to GDPR guidelines can help make systems more secure and prevent avoidable data breaches. Business owners often say that this was one of our options when looking for help with GDPR compliance, and it would be beneficial to look into it and do more research on the same.
To help keep your business safe, we’ve pulled together a list of some of the most common types of malware used by cybercriminals and you need to look out for as an SME. Equipping yourself with this knowledge can help you to get the best security systems in place to help protect your business.
What is Malware?
We’ve briefly touched on the damage that malware can do, but let’s quickly take a look at what malware actually is. In a nutshell, it is an umbrella term for dangerous software that can disrupt your devices or network and cause a lot of damage whilst doing it. Each type of malware serves different functions to the hackers and these can get into your systems in different ways. Below are the six most common types to be aware of:
Worms can make their way into your systems and spread via software vulnerabilities or phishing attacks such as infected phishing emails. Once the worm has got into your device it can spread and infect the whole system and network (imagine like a worm crawling around inside your device). From here on out it can tamper with and delete files, steal your data and make way for hackers to get into you systems through a backdoor. One of the biggest problems with worms is that they can spread through a large number of devices or through a network very fast, which means they can do some serious damage to your business.
On a similar note, viruses can be spread by email but can also be a result of opening a malicious attachment online. That said, they differ from worms in that they need an already-infected or vulnerable operating system to thrive. This is why you need to be careful when dealing with files and downloads from unknown sources. Annoyingly, these viruses can get into your system and lay dormant until the infected file or program is opened or activated by you. This then allows the virus to spread throughout.
The more concerning thing about these viruses is that they don’t just affect you. They can hijack your applications and use your apps to send infected files to your friends or contact, even without you realising or doing anything. Then, assuming it’s coming from a trusted source (i.e you), your contacts open this and fall victim to the virus as well.
Remember the story of the Trojan Horse? Well, this aptly named malware is a malicious program that disguises itself as a legitimate file, software or download. The problem is, it looks trustworthy so you’re more likely to open or download it. Then once you’ve done this, the hackers are able to create backdoors or tamper with your data. They can also spy on your device, get access to your network and even insert ransomware using a Trojan. This is bad news for business if they’re able to get in through a backdoor and steal your data.
Ransomware pretty much does what it says on the tin, it holds parts of your network or files ransom by encrypting the data or applications and restricting access to files. A ransom is then made (usually in the form of cryptocurrencies like BitCoins) and the files or apps are not released until the ransom is paid off.
This is one of the better-known types of malware, particularly after the Ashley Madison website, a site for extramarital affairs, was hacked and the data held ransom back in 2015. The cybercriminals involved demanded that the site be immediately shut down or the details of those who registered would be released to the public. This was a very high profile hacking and one which became well-known thanks to the media.
The best way to protect yourself from this type of attack is to make sure that all systems are up to date, you have anti-virus software and that you back up all your important files regularly.
Spyware is used to secretly record your online activity and in turn, can steal your data this way. For example, it can collect your personal information such as logins and passwords. This type of malware is often used to carry out fraud or identify theft, something which could have an extremely damaging impact on your business if they were able to access sensitive information or customer details. The problem is, once the spyware is on your device, data can be relayed to cybercriminals and they can even use it to install additional malware that makes changes to your settings and profile, so you could end up locked out!
Last on the list is adware. This is also a commonly recognised type of malware that serves pop-ups and spams your device with adverts that have zero relevance to you. The best case scenario is that it’s just a little annoying and slows your machine down slightly. In fact, some people will put up with it in exchange for illegally or cheaply downloading files such as games.
That said, some adware is worse than others and in the worst cases, malicious downloads can deliver this adware, which in turn can deliver spyware too. This is easy to hack and makes your devices vulnerable to cybercriminals or attackers.