The 4 Types of Malware That Threaten Your Business - CWPS

Posted by Myra Koshan on October 6, 2015
Myra Koshan

Security intrusions can be costly. IBM found that the average cost of a data breach is $3.8 million, with each record stolen averaging a cost of $154 to the business. Modern companies must protect themselves from malware and security threats -- and to do that, they need to understand which threats are most common.

1. Viruses

When most people think about a security threat, they think about a virus -- a malicious program that entices a user to launch it and then begins to cause a variety of security and stability issues. Viruses are usually spread through email, but not always; they can be spread through any type of file transfer protocol, including cloud servers and Internet downloads. Viruses may be obvious and immediately start causing damage to a system, but they can also be very discrete. A worm, for instance, may reside on a system and quietly send and receive data, while a Trojan may install a backdoor through which a malicious user can enter.

2. Adware/Spyware

Adware and spyware is generally used to collect data. It's often distributed through similar measures as viruses, or may be embedded within seemingly harmless software. Adware may begin to display ads throughout a computer system and the user's browsing experience or it may quietly collect data from the user such as login names and passwords. Adware and spyware can represent a very significant security risk because it doesn't disable the user's computer; instead, it can avoid detection while collecting confidential information.

3. Phishing Scams

Phishing attempts are usually completed through email or instant messenger. A phishing scam may appear to be a legitimate email from a well-known site, such as Gmail. It will prompt the user to click on a link to log into their account. Often the scam will prompt the user with a concern, such as stating that their account had been compromised and that they need to change their password. The user is directed to a fake website which then collects the information that they enter.

4. Botnets

A botnet is also sometimes known as a DDoS attack (distributed denial of service). With a botnet, a malicious outsider attacks the company by sending a multitude of very fast requests. Often when a system is met with a fusillade of requests it can become overwhelmed and vulnerable. DDoS protection and enhanced security is necessary to avoid this type of attack.

Nearly a million new malware threats are released every single day. That's a lot for a company to keep up with, but luckily most don't have to. Comprehensive enterprise security measures are usually enough to protect from viruses, adware, phishing scams and botnets -- provided that they are updated and maintained.

Image source: Yuri Samoilov

Topics: malware