What is malware and how to protect against it?

At first, we called all malware “computer viruses.” Yet just as it is in the real world, not all ailments are viruses. People suffer from bacterial infections and chemical imbalances, autoimmune diseases, trauma, and genetic disorders, whereas computers and mobile devices get trojan infections, worms, and even more exotic maladies. Thus, the term was born – malware, a word combining “malicious” and “software.”

What is it, how does it work, and how do you protect against it? That’s what we’re here to discuss.

So, what is malware exactly?

Generally speaking, malware is any type of code that was created with malicious intent. Usually, the goal is financial: stealing sensitive financial details to funnel money out of your bank account, stealing corporate secrets to enrich competitors or personal data for social engineering schemes like identity theft.

However, some types of malware have other purposes – for example, governments may use it to sabotage important infrastructure, as was the case with the Stuxnet worm that managed to destroy much of Iran’s uranium enrichment effort in 2010.

Worms are also developed to form botnets, which are networks of infected devices hackers can control remotely and carry out DDoS attacks. These can bring down specific websites or even kill the internet of entire countries.

There’s no reason to believe that malware has a set list of things it does or doesn’t do. As more of our lives move online, malware will be there to exploit us each step of the way.

A history of digital disease

Anyone who knows a thing or two about human nature will not be surprised to learn that malware is almost as old as computing itself. So why is it that we don’t hear much about the infections plaguing early devices?

Put simply, there wasn’t much benefit you could gain from “computer viruses,” as they were known back then. Before the advent of the modern web, which profoundly increased the importance and value of data, malware was more of a stunt. This is obvious from some of the more famous examples – the 1971 Creeper worm, for instance, which spread through ARPANET and did nothing but display a message: “I’m the creeper: catch me if you can.” Cute.

Some of the examples of early malware were malicious, but still had no benefit for the people behind them. The first (or second, depending on who you ask) trojan, for example, PC-Write Trojan (1986), would enter the system disguised as something benign and then proceeded to delete all files.

Many viruses from the late ‘80s and into the ‘90s were significant because they were experiments that laid the conceptual and technical groundwork for the devastating malware of the 2000s. Worms like Conficker and Stuxnet, trojans like Zeus, and Ransomware like Cerber or WannaCry.

What are the different types of malware?

Whatever you’re using for malware protection, the threats picked up by a malware scanner usually fall into one of the following categories

Is my computer ill?

Adware may be loud and annoying, but it’s the silent predator that does the most damage. Only by hiding from you can malware seriously affect your bank balance. Ransomware is an exception to this, but overall, if malware makes using devices difficult, users tend to search for a cure – and they usually find it, too.

How do you find malware that doesn’t want to be found, though? Well, there are things you should look out for, such as:

• A drop in performance. Among other things, if you feel your computer’s been “thinking” too much, crashing, or freezing recently, it may indicate that something invisible is eating up its resources. Look at your Task Manager (Activity Monitor, for Mac users) to see whether some suspicious process is consuming your CPU or RAM.
• An inexplicable lack of disk space. If just recently your computer was full of space and suddenly it has all but disappeared, this is something to look into. Some malware expands uncontrollably and takes up a large chunk of your digital real estate.
• Internet much slower than before. This one’s tricky: some malware types will eat through your bandwidth by connecting to distant servers and sending/receiving lots of data. The issue is it can be a bit difficult to figure out if that’s what’s happening – you’ll have to go through your list of connections. Or just use an anti-malware scanner.
• Your browser is being weird. Has your homepage changed or do you suddenly find yourself surrounded by mysterious add-ons? You’d better call the medics.
• Your anti-malware software is being weird. If your scans are failing or the app is unable to update itself, you may have some sort of malware sabotaging your ability to fight it. An easy way to tell you’re compromised, but sadly difficult to solve – you may have to rely on other software.
• OS updates not working. Same idea – updates patch vulnerabilities, preventing malware from infecting you.

You might say these are not discrete symptoms, and you’d be right. Some malware won’t give you any heads up on its workings. It will work quietly with minimal hardware and network resources, sometimes not doing anything at all until the time comes. Thus you shouldn’t rely on a reactive approach to security.

Preventive measures are the best defense

You need to make sure malware never gets into your system in the first place.

The most important step to that end is software updates. Most of the malware people encounter relies on unpatched vulnerabilities – it’s a race between cybercriminals and software developers. Unless you update regularly, security holes remain and the race is pointless.

Make sure you have good anti-malware (anti-virus) software. There are lots of scams in the cybersecurity space, so don’t fall for great deals with no information to back their utility. Read a few top 10 lists on the web, read some online discussion forums – this will give you an idea on the good and bad.

Practice browser discipline: use anti-tracking and anti-script plugins like Ghostery or uBlock Origin. Sure, these will stop some features from working on legitimate websites, but they will also prevent you from becoming a victim of the poor security measures used on some websites. You should be particularly careful on websites of ill-repute, such as torrent sites or porn sites.

And for god’s sake, don’t assume your iPhone or Android can’t get infected.

Following all this advice won’t stop 100% of infections, but it will get you damn close. Cybercriminals are not focusing on the tech-savvy users. Their blanked approach works a lot better on mere mortals.

VPN against malware – a misconception

The marketing departments of VPN service providers have been very successful snake oil salesmen. If they are to be believed, VPNs can do anything from stopping malware to giving soothing backrubs. And while VPNs are indeed powerful tools in your online security arsenal, their purpose is not to contain the spread of malware.

VPN services encrypt your traffic and can, therefore, protect you from hackers on public wifi. They also hide your IP address and make you anonymous online, which can save you from trouble with the law, repressive governments, digital sleuths, and other unsavory characters.

NordVPN ‣

9.6 / 10

Flawless privacy practices, advanced security features, and reliable geo-unblocking capabilities make NordVPN the undisputed industry leader. Whatever your needs, this VPN has you covered – all starting from just $3.30/month.

• Excellent security
• Great server list
• Awesome for Netflix
• Good for torrenting

• Very easy to use
• Affordable prices

Visit NordVPN

What VPNs cannot do is somehow stop you from clicking a malicious link or distinguish malicious traffic from regular traffic. Neither can they scan your hard drive in search of suspicious files.