什麼是惡意軟體?

A portmanteau of “malicious software”, malware is software designed to achieve malicious purposes on an infected computer. Essentially, malware is like any other type of software, as it uses a combination of custom code and system-provided resources to achieve its goals.

The goals of a particular malware sample determine how it works. For example, malware designed to serve unwanted advertisements to users works very differently from ransomware, which encrypts files on infected systems

申請示範 Endpoint Security Buyer's Guide

什麼是惡意軟體?

What Is the Purpose of Malware?

The purpose of malware is to intrude on a machine for a variety of reasons. From theft of financial details, to sensitive corporate or personal information, malware is best avoided, for even if it has no malicious purpose at present, it could well have so at some point in the future.

With the growth in online usage over the last decade, there has also been a rapid increase in the number and types of malware that currently roam in the wild. It is highly likely that one form of malware or another is already present on the machine of anyone reading this article.

Of course, not all malware is as aggressive or intrusive as others, though it is generally good practice to have a secure anti-malware solution in place to protect a computer or computer network.

Types of Malware

Malware can be designed to achieve a variety of goals in various ways. Some of the most common types of malware include:

  • Adware: Adware is malware designed to serve unwanted advertisements to users. Since advertisers often pay for each view or click on their advertisements, serving this content to users allows them to earn revenue from their attacks.
  • Botnet Malware: Botnets are collections of infected computers that are used to perform Distributed Denial of Service (DDoS), password stuffing, and other automated attacks. Botnet malware is designed to infect a computer and force it to do the attacker’s bidding.
  • Cryptomining Malware: Some cryptocurrencies pay “miners” to perform computationally-expensive operations as part of their consensus algorithms. Cryptomining malware uses infected computers to perform these calculations for the attacker’s benefit, providing them with additional revenue and control over the blockchain.
  • Fileless Malware: Some cybersecurity solutions are designed to identify malicious files saved on a computer. Fileless malware is designed to evade these file-focused defenses by running solely in memory without writing any data to the filesystem.
  • Infostealers: Infostealer malware is designed to collect and exfiltrate sensitive information from an infected computer. This includes everything from an account password to large databases containing sensitive information.
  • 行動惡意軟體: Mobile device usage has grown dramatically due to the rise of remote work and bring your own device (BYOD) policies. Mobile malware is designed to target smartphones, tablets, and other mobile devices.
  • 勒索: Ransomware encrypts files stored on an infected computer, rendering them inaccessible to their owners. The attacker then demands a ransom payment in exchange for the secret key that can be used to restore access to these files.
  • Rootkits: Rootkits are designed to hide the presence of malware on a system. This can include hiding files, network connections, running processes, and other signs of an infection.
  • Trojans: Trojan malware is designed to look like something legitimate and desirable. For example, a “free” version of paid software may actually be malware.
  • Viruses: Viruses are malware designed to infect other programs on a computer. By doing so, they make themselves more difficult to detect and remove from a system.
  • Wipers: Wiper malware will encrypt or delete important or valuable files on a computer. By doing so, they cause damage to the target and disrupt its operations.
  • Worms: Worms are malware that can spread themselves to new systems without human interaction. This can be accomplished by exploiting vulnerabilities, sending malicious emails, and similar means.

Malware trends vary from year to year. In recent years, ransomware has been on the rise, as demonstrated by the 93% increase in ransomware attacks in 2021 according to the 2021 Cyber Attack Trends Report

How to Know If a Computer Is Infected with Malware?

There are various signs that would indicate a computer has been infected with malware of any kind.

  1. Often the machine would be running slower than usual if infection had taken place.
  2. Especially for adware infection, many pop-ups would begin appearing and also interfering with not only machine performance but also user experience.
  3. It is common for a machine to crash often should malware be present. Of course this would be detrimental to the user and in such cases they may well need to replace the machine altogether in case the malware was unable to be eradicated.
  4. Higher volume of network activity, even when the user is not connected to the internet at all, or any other online connections to servers to download or upload any data is present. In such cases, various checks would need to be done to rule out malware infection or any other cause of the irregularity.
  5. Another and more social way of knowing if a user’s computer has been infected is by them hearing from their network of friends or colleagues telling them that they have received unwanted or suspicious messages from the user that they doubt was genuinely sent by them.

In short, any irregularities that are noticed, from unwanted desktop items to a slowing down of the machine, to unusual error messages, all could indicate something is amiss and needs looking into.

Of course, there are also malware that runs silently in the background in order to avoid detection and removal.

How to Protect Against Malware Infection?

The best way to protect against malware is to prevent it from gaining access to and running on an organizations’ systems in the first place. In many cases, such as ransomware, malware starts causing damage to an organization as soon as it begins running.

 

Malware can gain access to a company’s systems in several ways. Some solutions for malware prevention include:

 

  • Browser Security: Malware can be served by malicious or infected websites. Each day, the world faces over 100,000 malicious websites according to Check Point; 2021 年網路安全防護報告. Secure browsing solutions help to identify and block malicious content before it can execute on the user’s computer.
  • Cloud Security: Companies are increasingly moving data and applications to cloud-based infrastructure. Protecting these cloud workloads requires cloud-focused security solutions.
  • Email Scanning: Phishing emails are a common delivery mechanism for malware in the form of attachments or malicious links. Email security scanning can identify and block malicious emails before they reach the recipient’s inbox.
  • 端點資安: Malware is designed to access and run on endpoints. Endpoint security solutions can help to detect, prevent, and remediate malware attacks.
  • 行動安全: As remote work and BYOD policies become more common, mobile devices have become a more common target of cyberattacks. According to Check Point’s 2021 年行動資安報告, 97% of organizations faced mobile attacks in 2020. Mobile security solutions are vital to protecting these devices and the corporate data and systems that they have access to.
  • Sandboxed Inspection: Not all malware is detectable via signature-based analysis. Inspection of potentially malicious content within an isolated environment can enable the detection of zero-day threats before they reach corporate systems.
  • 遠端存取資安防護: The COVID-19 pandemic normalized remote work, expanding the corporate digital attack surface. Some malware variants, such as ransomware, use the remote desktop protocol (RDP) and virtual private networks (VPNs) as a primary infection vector, making secure remote access solutions vital for corporate cybersecurity.
  • Web Application and API Protection (WAAP): Exploitation of vulnerabilities in web applications and web APIs is a common method for gaining initial access to corporate environments. Blocking these attacks requires modern WAAP solutions that provide comprehensive protection for an organization’s Internet-facing assets.

Preventing malware attacks requires solutions that provide coverage for all potential malware infection vectors. Effectively deploying, monitoring, and managing these solutions requires a cybersecurity platform that offers centralized management and automation.

Prevent Malware Attacks with Check Point

Malware trends can change rapidly, learn more about the modern cyber threat landscape in Check Point’s 2021 Cyber Attack Trends Report. You’re also welcome to  報名參加免費示範 of Harmony Endpoint to learn how it can help to protect your organization against malware attacks.

×
  反映意見
本網站使用cookies來實現其功能以及分析和行銷目的。 繼續使用本網站即表示您同意使用cookies 。 欲了解更多信息,請閱讀我們的cookies聲明