The different cybersecurity threats and how MSPs can prevent them

Illustration: Ram Prasath

cover

The internet is rife with a multitude of digital risks that threaten to compromise our personal lives and the integrity of our businesses. Ransomware, phishing bots, trojan horses…the risks posed by malware steadily increase each day.

The internet is rife with a multitude of digital risks that threaten to compromise our personal lives and the integrity of our businesses. Ransomware, phishing bots, trojan horses…the risks posed by malware steadily increase each day. 

But before we start talking about how we can protect ourselves from malware, let’s look at a fundamental question.

What is malware?

The word ‘malware’ can be thought of as a combination of ‘malicious’ and ‘software’. The purpose of malware is simple: it attacks vulnerable users and tries to gain access to critical information or data that could be leveraged against them. There are different types of malware, and are deployed differently, depending on their purpose. 

The most common types of malware are downloadable applications that are shared through suspicious emails. These emails make the unsuspecting users click links which trigger a download into their system. These types of malware can be avoided only if a user doesn’t doesn’t manually download the file. So, in theory it seems like a fairly simple problem to solve. However, in reality, there are too many scammers out there right now, and they’re starting to appear more “authentic”, every day. This makes it increasingly difficult for the layman to distinguish between what is legitimate and what’s fake and risky. 

To understand this more comprehensively, let’s first take a look at the different types of malware. Then, we will see some of the ways in which it spreads.

What are the different types of malware?

Depending on how the malware enters your system and how it infects it, there are broadly eight different types of malware. 

1. Viruses

Viruses are the most commonly known form of malware to the average user. A virus comes bundled with a seemingly innocent-looking software, and once you’ve given it consent, it starts to execute the harmful code that is embedded within it. This can cause a lot of issues for the computer, and can even affect the larger network in which it operates - provided that other users also respond to the malicious software in exactly the same way—by downloading it and then executing it on their systems. Again, a key to keep in mind is that one of the ways to protect yourself against viruses is to not download applications from untrusted sources - since they do not affect your PC unless you give them explicit consent.

2. Spyware

Spyware is a type of malware which literally allows somebody to ‘spy’ on your computer. Depending on the type of spyware, there can be a remote user who gets access to all of the files, folders, and programs on your computer, or it can be a keylogger, which records every single key you type and when. As you may imagine, there are a variety of disturbing uses for spyware - including observing people through unseemly means, stealing their precious data, as well as recording their passwords through the keys they press on a particular website. Spyware don’t require user permission to be installed on to a computer, making them much harder to protect against. 

3. Trojan Virus

Taken from the Greek story where the Greeks used a Trojan horse to sneak into Troy and defeat their army, this type of malware actually presents itself as a helpful program or software at first glance. Once the user allows this particular virus to be installed, it completely disrupts their system by overloading the system with useless processes, showing them more ads even when they aren’t connected to the internet, and so on. One thing that must be kept in mind with trojan viruses is that, much like other viruses, they need user permission to be installed - so users should be extremely careful about what they install on their computers.

4. Ransomware

This type of malware is called ransomware since it holds a certain piece of data as a hostage, and demands a certain ransom to release that data. This may sound strange at first glance—how can you hold data hostage? The user first downloads the ransomware, and gives it permission to be installed into the computer. Once this happens, the ransomware encrypts a certain file or folder that is essential for the user. Once the user finds out that essential data has been taken hostage, they often receive a conveniently timed email from a “data-recovery service” that can help recover your data for “a fee”. This data recovery service is just the hacking group responsible for the ransomware, and the fee is nothing more than the ransom itself.

5. Adware

Adware is a wide category, with types of different forms and severities. The basic type of adware just shows you an ad (or several ads) of a particular company or product, while more advanced forms of adware show you ads based on the data they steal from the browsers and other applications you’re using on your computer. Regardless of the complexity of the adware, it can still slow your system down to a crawl, so it’s important to make sure that you run scans to ensure your system’s health as and when you can. 

6. Worms

Worms are a particularly dangerous type of malware since they require no input or acknowledgement from the user’s end. In fact, this type of malware is called worms precisely because they can proliferate quickly and are usually small in size. Still, it would be wise not to discount the kind of system resources worms can eat up when they infect a particular system. Also, when it comes to worms, it is important to know that they can spread across systems sharing the same network as well - so the first thing to do when you’ve identified a worm in your system is to make sure it isn’t connected to the internet or the home LAN.

7. Scareware

Scareware uses annoying pop-up ads to scare the user and clean your disk or remove the virus that is now in your system. Ironically enough, the very thing that is notifying you that your system is infected, is the thing that is infecting your system. Scareware does nothing but create a false sense of panic so that a user falls into the trap of downloading something that will end up harming their system. As a rule of thumb, you should disregard anything that tells you that your computer has low disk space or is already infected. These types of notifications, though rare, will pop up in the system tray as opposed to separate windows while browsing the internet.

8. Fileless Malware

A particularly sneaky type of malware is called fileless malware because it can infect your computer without having a particular file on your computer, thus being able to survive any antivirus checks or scans that are conducted on your system. How is it able to do this? Typically, this type of malware operates in much the same way as trojan viruses; you’ll have a seemingly innocent software that you will install on your computer, and in the process the installation software will alter the registry on your system, thus making it susceptible to a wide range of attacks. Because it leaves a very tiny (or no) footprint on your system, this type of malware is the toughest to detect and remove.

How do you identify the presence of malware?

If you’re not sure whether your system has malware, there are some telltale signs that you can check for, to verify whether you have any or not. Here are some signs you can look out for:

1. Unfamiliar browser homepage or desktop: Often, you may find that your web browser’s homepage has changed to something you’ve never visited in your entire life. Or, there could be new softwares and programs opening up during startup that you never installed in the first place. This is a definite sign that there is malware in your system - and most likely it will be adware or trojan viruses.

2. System running slower than usual: One of the ways in which malware affects your system is by overloading its resources by running fraudulent programs whose whole purpose is to eat up the available resources. This is why, if you find that your computer is suddenly running much slower than it used to - for no apparent reason - it could mean that your computer has malware. 

3. Unusual pop-ups even when offline: A characteristic of adware is that it starts showing unnecessary ads, even when your system is not connected to the internet. This is because it already contains all the files that it needs to display the ads - and you’ll find that it redirects you to a particular website as well, even if you’re offline. If this is happening when you use your PC, it is likely that you have malware. 

4. Unexpected low storage warnings: Yet another way in which malware operates is by replicating itself, in the case of worms and spyware. So, it could happen that one particular bit of malware has started multiplying in your system, and no matter what happens, you are powerless to stop it - and it continues till you run out of disk space. 

5. Inappropriate Messages and Pictures as Pop-ups: As with the standard online browsing experience, malware displays annoying and sometimes inappropriate visual images and text that you often find when you’re browsing the web. But the key difference here is that it happens all on your system. If this is happening to you, it’s definitely a case of malware.

How do you remove malware once and for all? 

If you’ve detected that your device or your client’s device has been infected, getting rid of malware can be a frustrating process. But  there are various ways to ensure that you can get your system back to the way it used to be. The steps you need to follow are: 

1. Do a clean/safe Boot without logging in: by doing a clean boot you are ensuring that no programs except for the absolutely essential ones are running at the time that your computer is starting up. Thus, you can diagnose the issue. 

2. Turn off the internet (in case it’s on): Most computers start up with the internet turned off in case you’re doing a safe boot. If that’s not the scenario for you, make sure to turn off the internet before you continue. 

3. Delete temp files: You have to delete all the temporary files in your computer, and your browser as well. This will make sure that any malware’s data imprint is no longer stored on your computer.  

4. Scan your activity monitor: If you have any unrecognized processes still operating during a safe boot, it’s an indicator that there’s malware that’s managed to avoid your countermeasures. This is usually a good time to start taking more comprehensive measures.

5. Use anti-Malware software: Once you’ve completed the steps above, you should run your anti-malware software to check for any signs of malware. Perform deep scans to thoroughly remove any threats from your device.

6. Check Your browser for signs of malware: There is still a small chance that you may have some malware in your browser. Open it once, just to be sure, and check that everything is the way it is supposed to be before you continue to the next step.

Thanks to the amount of research that has been done into different types of malware and how they affect the systems of average users, we have a lot of information on how to handle these attacks. The rule of thumb, however, is to exercise extreme caution when you’re browsing the internet, and to check twice, maybe even thrice, before you commit to installing something into your system. Other than that, you’ll learn the tricks of the trade as you go along, so there’s no need to be worried at all.   

SUGGESTED STORIES

0
Cover
Mapping Your Calendar: 24 MSP Events to Attend in 2024

Discover key events for 2024, to unlock success in the MSP world! Mark your calendars to power your MSP journey with expert insights and networking.

7 minutes