The term “malware” refers to harmful software that disrupts or manipulates an electronic device’s normal operation.1 Malware can infect personal computers, smartphones, tablets, servers and even equipment — basically any device with computing capabilities.
The first form of malware ever developed was the computer virus.2 As technology, computing and software have advanced during the last two decades, so has the sophistication and prevalence of malicious software. Read on to learn more about how malware and ransomware work and what you can do to protect yourself.
How does malware work?
Malware typically infects a machine by tricking users into clicking on or installing a program from the Internet that they shouldn’t. When the click or installation occurs, the malicious code executes actions that the user doesn’t anticipate or intend, which could include:
- Self-replication in different parts of the file system
- Installing applications that capture keystrokes or commandeer system resources, often running without the user being aware, while slowing the system down considerably
- Blocking access to files, programs or even the system itself, sometimes forcing the user to make a payment to regain access
- Bombarding a browser or desktop with ads
- Breaking essential system components and rendering a device inoperable
Execution can be triggered by a number of user actions, but the most common trigger is a click, typically on a link or pop-up. The text of the link or pop-up might say something provocative like, “Claim your prize” or “Your account has been compromised. Please log in and verify recent charges.” Many times, a pop-up will be displayed immediately after clicking the link, such as, “Your system is infected! Click here to run a scan.” The next click often triggers the download of a malicious payload, even if the user doesn’t select one of the options and instead tries to close the pop-up using the X in the corner.
Malware can also be disguised as a program or app that claims to convert PDFs, unzip files, find product discounts or provide caller ID functionality on a smartphone. But once the program is downloaded, it begins making unauthorized changes on the system: monitoring user behavior, displaying pop-ups, changing search engine results, adding icons to a desktop or redirecting popular sites.
Malware can be delivered in several different forms, depending on the intention of the person who developed it.
- A computer virus is designed to reproduce itself and spread from one file or program to another, and, less frequently, to other computers on a network.
- Trojan horses masquerade as harmless programs, but when activated, they damage their host computer. Unlike a virus, a Trojan horse does not replicate itself; instead, this malware usually attempts to steal files or passwords.
- Computer worms replicate themselves to spread across computer networks, as opposed to viruses, which usually spread from file to file on a single computer.
- Spyware infects and operates on a user’s computer to monitor user activity and extract information. For instance, while spyware runs on a machine, the hacker can monitor the programs used and sites visited while tracking keystrokes to determine login and password information.3
- Logic bombs are concealed in programs and can either be triggered by a user’s action or released at a predetermined time. They can crash a system or wipe a hard drive.
Ransomware is a relatively new form of malware that locks a user’s computer and then demands a ransom payment to restore access. Ransomware can be delivered to a computer if a user clicks on a link that contains malware.4
Similar to certain email phishing scams, this form of malware relies on fear—that is, the fear that a user has engaged in illegal activity online. By posing as a law enforcement agency, a ransomware purveyor can intimidate and coerce a user while seeming legitimate.
In other instances, ransomware will simply lock down a user’s entire machine, including important files and programs, and demand a payment. Ransomware may not only withhold access to a machine, but also threaten to delete files unless payment is made.
Protecting your devices from malware
Given the prevalence of malware (especially among apps) in recent years, anti-malware software has become common, and most new computers and mobile devices are bundled with device security and/or anti-malware software at the time of purchase. As malware and viruses most commonly infect PCs, you should be sure your Windows machine has the following:
- Antivirus software
- An active firewall
- A strong password
- A BIOS password
Beyond these measures, be sure that you avoid downloading apps or programs from suspicious or unknown websites. Likewise, don’t click suspicious ads or pop-up ads. Finally, treat emails that request sensitive information with caution, even if they appear to be from a familiar source.
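The antivirus and firewall items in the checklist above can be verified from PowerShell on the Windows machine itself. The following is an added example, not part of the original article: the function names Get-ProtectionReport and Get-ProtectionGaps are hypothetical, the 7-day signature-age threshold is an assumed value, and the two password items are not checked.

```powershell
# Added example: report antivirus and firewall state using built-in Windows cmdlets.
# Function names and the 7-day signature-age threshold are assumptions for illustration.

function Get-ProtectionReport {
    $report = [ordered]@{}

    # Antivirus products registered with Windows Security Center (client editions only).
    $av = Get-CimInstance -Namespace 'root/SecurityCenter2' -ClassName AntiVirusProduct -ErrorAction SilentlyContinue
    $report['RegisteredAntivirus'] = if ($av) { @($av.displayName | Sort-Object -Unique) -join ', ' } else { '' }

    # Microsoft Defender status, when the Defender module is available.
    $report['RealTimeProtection'] = $null
    $report['SignatureAgeDays']   = $null
    if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
        try {
            $mp = Get-MpComputerStatus -ErrorAction Stop
            $report['RealTimeProtection'] = $mp.RealTimeProtectionEnabled
            $report['SignatureAgeDays']   = $mp.AntivirusSignatureAge
        } catch {
            # Defender service not running (for example, replaced by a third-party product).
        }
    }

    # Windows Firewall: one entry per profile (Domain, Private, Public).
    foreach ($p in Get-NetFirewallProfile) {
        $report["Firewall$($p.Name)"] = ("$($p.Enabled)" -eq 'True')
    }
    [pscustomobject]$report
}

function Get-ProtectionGaps {
    param([Parameter(Mandatory)] $Report, [int] $MaxSignatureAgeDays = 7)

    $gaps = @()
    if (-not $Report.RegisteredAntivirus -and $Report.RealTimeProtection -ne $true) {
        $gaps += 'No antivirus product detected'
    }
    if ($Report.SignatureAgeDays -gt $MaxSignatureAgeDays) {
        $gaps += "Antivirus signatures are $($Report.SignatureAgeDays) days old"
    }
    foreach ($prop in $Report.PSObject.Properties | Where-Object { $_.Name -like 'Firewall*' -and -not $_.Value }) {
        $gaps += "Firewall disabled for profile: $($prop.Name -replace '^Firewall')"
    }
    $gaps
}

$report = Get-ProtectionReport
$report | Format-List
Get-ProtectionGaps -Report $report
```

An empty result from Get-ProtectionGaps means an antivirus product is registered or active, its signatures are recent, and every firewall profile is enabled.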