Malware

Malware (shorthand for malicious software) refers to any software specifically designed to harm or exploit a computer, network, server, or client. The earliest forms of proto-malware appeared in the 1960s, but at that time, most infectious programs were only experiments or lighthearted pranks written and spread by researchers or computer enthusiasts.

By the 1970s and 1980s, malicious programs began to appear. In 1986 the first Trojan appeared, and in 1988 a worm called the “Morris Worm” infected a significant number of computers connected to ARPANET (a precursor to the internet), severely crippling the network in less than 24 hours. This release marked a turning point in legal precedent for malware when its author, Robert Morris, became the first convicted malware author.

Since those early days, malware attacks have only grown more sophisticated, especially following the advent of broadband internet. According to Cybersecurity Ventures, losses due to cybercrime, including malware, are expected to reach $10.5 trillion annually by 2025, compared to $3 trillion in 2015.

How Malware Works

There are many different kinds of malware, but generally, malware can be categorized in one of two ways.

First, malware can be categorized based on how it spreads. Some of the most common malware families often categorized in this way are:

  • Viruses are possibly the most commonly encountered type of malware, and are usually contained within an executable file that, once opened, will infect clean computer files. In turn, these infected files will continue to spread to other clean files. Much like their biological namesakes, viruses spread quickly within a system, corrupting files, damaging essential functionality, and sometimes locking users out of their computers altogether.
  • Worms are standalone malware that can self-replicate and rapidly spread between computers over networks, either locally or on the internet.
  • Trojans cannot reproduce themselves, so they rely on subterfuge and disguise to trick victims into downloading and using them. Trojans often try to remain hidden and frequently create backdoors in security to allow other malware to enter.

Other forms of malware are more often categorized based on what they aim to do once they’ve infected a victim’s computer. Some of the most common malware families categorized in this way are:

  • Spyware hides in the background processes of a system, secretly gathering personal data such as passwords, credit card numbers, banking details, and other valuable information.
  • Ransomware encrypts important files and demands payment from its victims for a decryption key used to unlock them. Ransomware can also include sophisticated Ransomware-as-a-Service (RaaS) attacks run by well-organized cybercriminals.
  • Botnets are entire networks of hijacked computers forced to work together by a remote attacker. Botnets are commonly used to steal data, send out spam, or even launch crippling denial-of-service attacks.
