
Malware & Ransomware

What is Malware?

Malware is a type of software that can cause damage to your computer system. Malicious software can take over your computer, access your private information, or damage your files and data.

Malware can be malicious, meaning that it has bad intentions and tries to harm you. Malicious software is usually designed to steal personal information, collect your passwords, or even destroy your computer.

Unintentional Malware Injection

Malware can also be unintentional, meaning that it was created by a developer or company who did not intend for the malware to contain any harmful features. Unintentional malware often consists of poorly written code that allows hackers to gain access to a user’s information or device.

What Can Malware Do?

Malware can cause problems like:

  • Locking up your computer.
  • Hiding your files, making it hard for you to access your important files.
  • Changing the settings on your computer.
  • Downloading viruses, spyware, and other malware onto your PC.
  • Accessing your computer without your knowledge
  • Stealing data from your hard drive
  • Hijacking your browser or web-based applications
  • Taking over your computer to spy on others using it

Types of Malware

The most common types of malware are discussed below:

  • Viruses are the most common type of malware, characterized by the ability to replicate and spread themselves to other systems. A virus can spread through email attachments, peer-to-peer file sharing, and other means.
  • Trojans are malicious software that spread through a network. They imitate legitimate programs (such as browsers) and trick users into running them by displaying fake security warnings or pop-ups.
  • Spyware is software that secretly collects information about users’ activities and behaviors on their computers and sends this data back to its developer. Spyware can include adware, which displays ads on web pages when accessed, and scareware, which displays fake alerts similar to those found in antivirus software, trying to trick users into buying more security software.
  • Ransomware is malware that encrypts your files and then demands payment to unlock them. The threat spreads through email attachments and infected websites. Cybercriminals have increasingly used ransomware to extort money from unsuspecting victims. 
  • Adware is advertising software that inserts advertisements into web pages viewed by you or any other person who visits your computer. These ads may be served without your consent or knowledge and are often collected without your knowledge. Adware might also track your browsing behavior online (such as site visits or keywords searched for), which can then be shared with third parties without your knowledge or consent.
  • Scareware is also known as fake antivirus or fake security software. It aims to trick you into thinking your computer has been infected with malware when it has not. Scareware typically pretends to be from legitimate security organizations, even though these companies do not distribute such programs on the Internet nor provide support.

How Does Malware Spread?

Once a malicious attachment or link has been opened, malware can spread and infect devices and networks. Malicious software can sometimes be found on USB drives. Code in email attachments may direct your machine to download more malware from the internet.

What is Ransomware? 

Ransomware is a type of malware that can encrypt your files and then make them inaccessible unless you pay the cybercriminals who sent it a ransom. The problem is that this isn’t just any old malware—it’s specifically designed to make you pay money by taking control of your computer and holding your files hostage until you pay up.

Ransomware-as-a-Service (RaaS)

Ransomware-as-a-service (RaaS) has become a popular business model in the cybercrime ecosystem. Ransomware-as-a-service allows cybercriminals to easily deploy ransomware attacks without any knowledge of coding or hacking needed.

A RaaS platform offers a range of features that make it easy for criminals to launch an attack with little to no expertise. The RaaS provider supplies the malware code, which the customer (the attacker) can customize to fit their needs. After customization, the attacker can deploy it instantly via the platform’s command and control (C&C) server. Often, there is no need for a C&C server; a criminal can store the attack files on a cloud service such as Dropbox or Google Drive.

How to Recover from a Ransomware Attack?

To get out of the mess, you must know how to recover from a ransomware attack. Let’s have a look at quick strategies:

Step #1: Don’t Panic

There’s no need to panic if you get hit by ransomware. While ransomware can be damaging, recovering from an attack is not always impossible. If the files are backed up and no legal issues are involved — for example, if you’re not using pirated software — then the road to recovery may be pretty straightforward.

Step #2: Don’t Pay the Ransom

You don’t need to pay anything. This is due to a few factors:

  • Just keep in mind that you are dealing with a criminal. You won’t always get your data back, even if you pay the ransom.
  • You’re demonstrating the effectiveness of the attacker’s method, which will motivate them to target other firms that will follow your lead and pay as well; it’s a vicious cycle.
  • Dealing with an attack costs twice as much when the ransom is paid. Even if you manage to retrieve your data, the infection will still be present on your servers, necessitating a comprehensive cleaning. In addition to the ransom, you will be responsible for paying for downtime, staff time, device costs, etc.

Step #3: Restore Files from Backups

If you have regular backups of your data stored offsite in case of disaster, you can restore them after the attack. 

Step #4: Stop All Incoming Connections

Ransomware often uses a vulnerability in Internet Explorer or another browser to access your computer. If this happens, immediately disconnect from the Internet by unplugging your modem or turning off the Wi-Fi on your device. 

Step #5: Audit Your Security Practices

A good step is to conduct an audit of your security practices to see what needs to be improved. While it’s essential to make changes that address the immediate problem, it’s also important not to overlook other areas of your network that might be vulnerable. 

Step #6: Change All of Your Passwords

This includes passwords for email and social media accounts and any account compromised by this attack — including financial statements where sensitive information such as credit card numbers may be stored. You should also change passwords for devices connected to the internet that were not infected by ransomware.

Step #7: Call in the Experts

If your organization has been hit by ransomware, call in experts who know how to deal with this type of malware. They can help you assess what happened and determine whether there’s anything more that needs to be done before allowing employees back into the network again (or whether they should even go back in). And they’ll likely have suggestions on how best to protect against future attacks.
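
Before restoring from backups (Step #3), it helps to know which files were actually encrypted. The following Python example is added here and is not part of the original course material: it flags files whose contents look like ciphertext, meaning near-random bytes with no recognisable file header. The 7.5 bits-per-byte threshold, the header list and all file names are assumptions chosen for illustration.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Headers of formats that are compressed by design, so high entropy is normal for them.
KNOWN_MAGIC = (b"PK\x03\x04", b"\x89PNG", b"\xff\xd8\xff", b"\x1f\x8b", b"%PDF")
ENTROPY_THRESHOLD = 7.5   # bits per byte; assumed cut-off, tune it on your own data
SAMPLE_SIZE = 64 * 1024   # only the head of each file is read


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: close to 8.0 for ciphertext, far lower for text."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())


def looks_encrypted(path: Path) -> bool:
    """True when the file head is near-random and carries no known format header."""
    with open(path, "rb") as fh:
        head = fh.read(SAMPLE_SIZE)
    if len(head) < 256:              # too small to measure reliably
        return False
    if head.startswith(KNOWN_MAGIC):
        return False
    return shannon_entropy(head) >= ENTROPY_THRESHOLD


def triage(root: Path) -> list[str]:
    """Relative paths under root that look encrypted and need restoring from backup."""
    return sorted(str(p.relative_to(root)) for p in root.rglob("*")
                  if p.is_file() and looks_encrypted(p))


def build_sample_tree(root: Path) -> None:
    """Constructed sample data: a text file, a PNG-like file and a random blob."""
    (root / "notes.txt").write_bytes(b"quarterly figures, draft two\n" * 200)
    (root / "photo.png").write_bytes(b"\x89PNG\r\n\x1a\n" + os.urandom(4096))
    (root / "budget.xlsx.locked").write_bytes(os.urandom(4096))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(Path(tmp))
        print(triage(Path(tmp)))     # expected: ['budget.xlsx.locked']
```

Archives, media files and other formats that are compressed or encrypted by design will also score high, so extend `KNOWN_MAGIC` to cover the formats you actually store before relying on the result.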

How To Protect Yourself Against Malware and Ransomware?

There are ways to protect yourself from malware, but it takes a little effort.

Know the Basics of Email Security

Knowing the basics of email security and authentication and what to look for when picking an email server or provider is essential because attacks are getting more sophisticated and challenging to defend against.

We have explained the basics of email security in a separate module that you’ll come across later.

Only Use Trusted Antivirus and Malware Software

There is a lot of malware and ransomware out there, but you can protect yourself from it by using only the software that the antivirus companies trust. The best way to do this is to use free antivirus software that has been created by people who have a background in computer science and can detect new viruses as they come out.

These companies also have staff members who work full-time on developing new methods of detecting and removing these types of viruses.

Configure Regular Scans and Monitor Settings

You should also schedule scans to run automatically every day or on alternate days and monitor your system for new threats. This will ensure that you don’t miss any infections that might be lurking on your computer system. It will also ensure that you don’t click on links or download files from suspicious websites without knowing what they contain or what they could do to your computer system if downloaded onto your device.

Keep a Tight Grip on Your Personal Information

Before you share any personal information online, keep it safe by using 2-Step Verification and strong passwords that can’t be guessed with software or brute force attacks. You should also use an antivirus app on your computer and mobile device to scan files for viruses before they’re opened or saved. Also, don’t open any suspicious links in emails or texts — they can contain malware that can infect your computer or device if clicked on.

Always Update Your Operating System

Make sure you have the latest version of your operating system installed. If a new update is available, it will prompt you with a notification. If you do not install it immediately, an attacker may be able to access your computer and install malware or ransomware. You should also keep your antivirus software up-to-date with the most recent security patches available.
