Malware

Malware, or malicious software, is any program or file that is intentionally harmful to a computer, network or server. Types of malware include computer viruses, worms, Trojan horses, ransomware and spyware. These malicious programs steal, encrypt and delete sensitive data; alter or hijack core computing functions and monitor end users’ computer activity.

What does malware do?

Malware can infect networks and devices and is designed to harm those devices, networks and/or their users in some way. Depending on the type of malware and its goal, this harm may present itself differently to the user or endpoint. In some cases, the effect malware has is relatively mild and benign, and in others, it can be disastrous.

No matter the method, all types of malware are designed to exploit devices at the expense of the user and to the benefit of the hacker – the person who has designed and/or deployed the malware.

How do malware infections happen?

Malware authors use a variety of physical and virtual means to spread malware that infects devices and networks. For example, malicious programs can be delivered to a system with a USB drive, through popular collaboration tools and by drive-by downloads, which automatically download malicious programs to systems without the user’s approval or knowledge.

How to prevent malware infections

There are several ways users can prevent malware. In the case of protecting a personal computer, users can install anti-malware software.

Users can prevent malware by practicing safe behavior on their computers or other personal devices. This includes not opening attachments from strange email addresses that may contain malware disguised as a legitimate attachment — such emails may even claim to be from legitimate companies but have unofficial email domains.

Users should update their anti-malware software regularly, as hackers continually adapt and develop new techniques to breach security software. Security software vendors respond by releasing updates that patch those vulnerabilities. If users neglect to update their software, they may miss out on a patch that leaves them vulnerable to a preventable exploit.

In enterprise settings, networks are larger than home networks, and there is more at stake financially. There are proactive steps companies should take to enforce malware protection. Outward-facing precautions include the following:

  • Implementing dual approval for business-to-business (B2B) transactions
  • Implementing second-channel verification for business-to-consumer (B2C) transactions.

Business-facing, internal precautions include the following:

  • Implementing offline malware and threat detection to catch malicious software before it spreads;
  • Implementing allow list security policies whenever possible; and
  • Implementing strong web browser-level security.
Tool to Analyze suspicious files, domains, IPs and URLs to detect malware and other breaches
Skip to content