Last update: 06.21.2019
At first, we called all malware “computer viruses.” Yet just as it is in the real world, not all ailments are viruses. People suffer from bacterial infections and chemical imbalances, autoimmune diseases, trauma, and genetic disorders, whereas computers and mobile devices get trojan infections, worms, and even more exotic maladies. Thus, the term was born – malware, a word combining “malicious” and “software.”
What is it, how does it work, and how do you protect against it? That’s what we’re here to discuss.
So, what is malware exactly?
Generally speaking, malware is any type of code that was created with malicious intent. Usually, the goal is financial: stealing sensitive financial details to funnel money out of your bank account, stealing corporate secrets to enrich competitors, or stealing personal data for social engineering schemes like identity theft.
However, some types of malware have other purposes – for example, governments may use it to sabotage important infrastructure, as was the case with the Stuxnet worm that managed to destroy much of Iran’s uranium enrichment effort in 2010.
Worms are also developed to form botnets, which are networks of infected devices that hackers can control remotely to carry out DDoS attacks. These can bring down specific websites or even kill the internet of entire countries.
There’s no reason to believe that malware has a set list of things it does or doesn’t do. As more of our lives move online, malware will be there to exploit us each step of the way.
A history of digital disease
Anyone who knows a thing or two about human nature will not be surprised to learn that malware is almost as old as computing itself. So why is it that we don’t hear much about the infections plaguing early devices?
Put simply, there wasn’t much benefit you could gain from “computer viruses,” as they were known back then. Before the advent of the modern web, which profoundly increased the importance and value of data, malware was more of a stunt. This is obvious from some of the more famous examples – the 1971 Creeper worm, for instance, which spread through ARPANET and did nothing but display a message: “I’m the creeper: catch me if you can.” Cute.
Some of the examples of early malware were malicious, but still had no benefit for the people behind them. The first (or second, depending on who you ask) trojan, for example, PC-Write Trojan (1986), would enter the system disguised as something benign and then proceed to delete all files.
Many viruses from the late ’80s and into the ’90s were significant because they were experiments that laid the conceptual and technical groundwork for the devastating malware of the 2000s: worms like Conficker and Stuxnet, trojans like Zeus, and ransomware like Cerber or WannaCry.
What are the different types of malware?
Whatever you’re using for malware protection, the threats picked up by a malware scanner usually fall into one of the following categories:
Viruses usually infect executables (.exe) and begin working once the user runs the file. While Influenza and other biological viruses multiply by infiltrating healthy cells, computer viruses proceed to infect other “healthy” files and rely on users to unknowingly distribute them.
Worms are similar to viruses, but they don’t need to piggyback on a file to get into your system. They “burrow” their way into your computer from a connected network without you even noticing it. Unlike some other malware types, worms are usually silent – they have bigger fish to fry than your lowly computer. By compromising networks with thousands of devices, worms create botnets that bend to the will of faraway cybercriminals.
Like the legendary Trojan horse which the title refers to, trojans get into your system by posing as a seemingly harmless or useful file. Once inside, the trojan can wreak havoc or open a “backdoor” for a third-party to access your system.
The new star in the world of malware. Ransomware sabotages your device in some way and demands ransom (usually in the form of Bitcoin) to fix it. WannaCry is a famous example: in 2017, this cryptoworm infected 200,000-300,000 devices across the world, encrypting all data and demanding money for decryption.
Adware is code designed to push ads onto your screen. These usually come in the form of unwanted (and awfully annoying) browser popups, which can sometimes be difficult to close. With so many ways to sneak advertising onto websites nowadays, the system-wide adware of the 2000s has become quite rare. Adware is more subtle now and preys on less tech-savvy users.
Spyware is designed to monitor how you use your computer, usually in an effort to steal sensitive financial information. For example, a keylogger records everything you type on your keyboard, including all of your most important passwords.
Is my computer ill?
Adware may be loud and annoying, but it’s the silent predator that does the most damage. Only by hiding from you can malware seriously affect your bank balance. Ransomware is an exception to this, but overall, if malware makes using devices difficult, users tend to search for a cure – and they usually find it, too.
How do you find malware that doesn’t want to be found, though? Well, there are things you should look out for, such as:
- A drop in performance. Among other things, if you feel your computer’s been “thinking” too much, crashing, or freezing recently, it may indicate that something invisible is eating up its resources. Look at your Task Manager (Activity Monitor, for Mac users) to see whether some suspicious process is consuming your CPU or RAM.
- An inexplicable lack of disk space. If just recently your computer was full of space and suddenly it has all but disappeared, this is something to look into. Some malware expands uncontrollably and takes up a large chunk of your digital real estate.
- Internet much slower than before. This one’s tricky: some malware types will eat through your bandwidth by connecting to distant servers and sending/receiving lots of data. The issue is it can be a bit difficult to figure out if that’s what’s happening – you’ll have to go through your list of connections. Or just use an anti-malware scanner.
- Your browser is being weird. Has your homepage changed or do you suddenly find yourself surrounded by mysterious add-ons? You’d better call the medics.
- Your anti-malware software is being weird. If your scans are failing or the app is unable to update itself, you may have some sort of malware sabotaging your ability to fight it. An easy way to tell you’re compromised, but sadly difficult to solve – you may have to rely on other software.
- OS updates not working. Same idea – updates patch vulnerabilities, preventing malware from infecting you.
You might say these are not discrete symptoms, and you’d be right. Some malware won’t give you any heads up on its workings. It will work quietly with minimal hardware and network resources, sometimes not doing anything at all until the time comes. Thus you shouldn’t rely on a reactive approach to security.
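For the “go through your list of connections” check above, here is an added example (not part of the original article) that groups established connections by process ID, so each PID can be looked up in Task Manager. It assumes the Windows `netstat -ano` output layout; the sample output and the function names are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of Windows `netstat -ano` output (documentation-range addresses).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       1044
  TCP    127.0.0.1:49670        127.0.0.1:49671        ESTABLISHED     2210
  TCP    192.168.1.20:49712     198.51.100.7:443       ESTABLISHED     4312
  TCP    192.168.1.20:49713     198.51.100.7:443       ESTABLISHED     4312
  TCP    192.168.1.20:49801     203.0.113.15:8080      ESTABLISHED     7788
  TCP    192.168.1.20:49802     203.0.113.99:8080      ESTABLISHED     7788
  TCP    192.168.1.20:49803     192.0.2.44:6667        ESTABLISHED     7788
  TCP    [fe80::1c2b%12]:49900  [2001:db8::5]:443      ESTABLISHED     4312
  UDP    0.0.0.0:5353           *:*                                    1820
"""

def split_host(endpoint):
    """Return the host part of 'host:port', handling bracketed IPv6."""
    host = endpoint.rsplit(":", 1)[0]
    return host.strip("[]").split("%")[0]  # drop brackets and zone id

def remote_hosts_by_pid(netstat_text):
    """Map PID -> set of remote hosts with ESTABLISHED TCP connections.

    Headers, LISTENING rows and UDP rows (which have no state) are skipped,
    as are loopback and link-local peers, which never leave the machine/LAN.
    """
    result = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "ESTABLISHED":
            continue
        try:
            remote = ipaddress.ip_address(split_host(fields[2]))
        except ValueError:
            continue  # unparseable address: ignore rather than guess
        if remote.is_loopback or remote.is_link_local:
            continue
        result[int(fields[4])].add(str(remote))
    return dict(result)

def busiest(netstat_text):
    """PIDs ordered by how many distinct remote hosts they talk to."""
    hosts = remote_hosts_by_pid(netstat_text)
    return sorted(hosts.items(), key=lambda kv: (-len(kv[1]), kv[0]))

if __name__ == "__main__":
    for pid, hosts in busiest(SAMPLE):
        print(f"PID {pid}: {len(hosts)} remote host(s): {', '.join(sorted(hosts))}")
```

A high count is only a prompt to look closer: browsers and update services routinely talk to many hosts, so the useful signal is a process you do not recognise holding connections you cannot explain.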
Preventive measures are the best defense
You need to make sure malware never gets into your system in the first place.
The most important step to that end is software updates. Most of the malware people encounter relies on unpatched vulnerabilities – it’s a race between cybercriminals and software developers. Unless you update regularly, security holes remain and the race is pointless.
Make sure you have good anti-malware (anti-virus) software. There are lots of scams in the cybersecurity space, so don’t fall for great deals with no information to back their utility. Read a few top 10 lists on the web, read some online discussion forums – this will give you an idea of the good and the bad.
Practice browser discipline: use anti-tracking and anti-script plugins like Ghostery or uBlock Origin. Sure, these will stop some features from working on legitimate websites, but they will also prevent you from becoming a victim of the poor security measures used on some websites. You should be particularly careful on websites of ill-repute, such as torrent sites or porn sites.
And for god’s sake, don’t assume your iPhone or Android can’t get infected.
Following all this advice won’t stop 100% of infections, but it will get you damn close. Cybercriminals are not focusing on the tech-savvy users. Their blanket approach works a lot better on mere mortals.
VPN against malware – a misconception
The marketing departments of VPN service providers have been very successful snake oil salesmen. If they are to be believed, VPNs can do anything from stopping malware to giving soothing backrubs. And while VPNs are indeed powerful tools in your online security arsenal, their purpose is not to contain the spread of malware.
VPN services encrypt your traffic and can, therefore, protect you from hackers on public wifi. They also hide your IP address and make you anonymous online, which can save you from trouble with the law, repressive governments, digital sleuths, and other unsavory characters.
What VPNs cannot do is somehow stop you from clicking a malicious link or distinguish malicious traffic from regular traffic. Neither can they scan your hard drive in search of suspicious files.