Threatware (malware, spyware) is a category of malicious computer programs designed to harm computers. The programs are spread by cybercriminals to wreak havoc and gain access to sensitive information. They include trojan horses, adware, rootkits, ransomware, worms, and keyloggers. Recently, ransomware has been in the news as hackers are using it to hold IT systems and data hostage.
Ransomware attacks on JBS Foods, Colonial Pipeline, and other major organizations made headlines earlier this year. Hackers exploit security weaknesses and hold the data of companies, governments, and organizations hostage, at times demanding tens of millions of dollars in payment.
How does threatware spread?
Threatware can spread in different ways. Here are the most common:
- Opening an email attachment with malware
- Downloading free or legitimate software that secretly contains threatware
- Visiting a website infected with malware
- Clicking a pop-up window or a fake error message that initiates a threatware download
Once it has infected a network, threatware can spread quickly to connected devices such as computers. Some malware types start encrypting files several days after being downloaded, while others download in segments to try to trick antivirus software.
4 ways businesses can defend against threatware
1. Limit File-Sharing
Some sites and applications allow users to easily share files but offer little protection against threatware. Malware might be disguised as a movie, a game, or a program. Be extra careful when exchanging or downloading files.
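As an added illustration (not part of the original article), the sketch below shows one check a mail or file-sharing gateway can apply to the "disguised as a movie" case: compare what a file's name claims with what its first bytes say. The extension lists, function names, and sample files are assumptions constructed for this example.

```python
import os

# Leading bytes of native executable formats and scripts.
EXEC_MAGIC = {
    b"MZ": "Windows PE",
    b"\x7fELF": "ELF",
    b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
    b"#!": "script",
}
# Extensions a user expects to be passive media or documents (assumed list).
MEDIA_EXT = {".mp4", ".mkv", ".avi", ".mp3", ".jpg", ".png", ".pdf"}
# Extensions that run code on Windows when double-clicked (assumed list).
RUN_EXT = {".exe", ".scr", ".bat", ".cmd", ".js", ".vbs", ".lnk"}


def executable_kind(head: bytes):
    """Return the executable format named by the leading bytes, or None."""
    for magic, kind in EXEC_MAGIC.items():
        if head.startswith(magic):
            return kind
    return None


def check_download(name: str, head: bytes) -> str:
    """Classify a shared file from its name and its first bytes."""
    # Windows ignores trailing dots and spaces, so strip them before parsing.
    stem, ext = os.path.splitext(name.lower().rstrip(". "))
    inner_ext = os.path.splitext(stem)[1]
    kind = executable_kind(head)
    if ext in RUN_EXT and inner_ext in MEDIA_EXT:
        return "block: double extension hides a runnable file"
    if ext in MEDIA_EXT and kind:
        return f"block: {kind} content behind a {ext} name"
    if kind or ext in RUN_EXT:
        return "review: executable content"
    return "allow"


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("holiday.mp4", b"\x00\x00\x00\x18ftypmp42"),
    ("new_movie.mp4", b"MZ\x90\x00\x03\x00"),
    ("game_trailer.avi.exe", b"MZ\x90\x00"),
    ("setup.exe", b"MZ\x90\x00"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(f"{name:22} {check_download(name, head)}")
```

A check like this only catches the crudest disguises, so it complements antivirus scanning and does not replace it.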
2. Use Antivirus Software
Antivirus software detects, prevents, and eliminates malicious software in a computer. It scans files for malware before opening them. The software should be set to automatically update and perform regular scans so operating systems work efficiently.
3. Run Software Updates Regularly
Software updates are crucial because they often include patches to security holes. They remove outdated features and improve the stability of software. Outdated software is susceptible to malware infections and cyber concerns like ransomware.
4. Avoid Clicking Strange Links or Downloading Unknown or Unsolicited Files
Stop visiting unknown websites and clicking random links. Clickbait links (eye-catching links leading to websites) are sometimes used in phishing attacks, driving users to a different page where they unknowingly install malware or enter their personal information. Also, downloading files on unfamiliar sites, like pirated music videos or movies, can infect a system.
What to look for in threatware protection software
- Anti-threatware protection: this may seem obvious, but an antivirus must have anti-malware protection tools that monitor and secure the entire attack chain. It should offer file protection and automatic file recovery.
- Exploit prevention: this protects a network by minimizing exploits in vulnerable applications, identifying malicious behavior in a system, and safeguarding critical processes in web browsers.
- Cybersecurity and data protection: combining cybersecurity and data protection in a single, central platform reduces the security vulnerabilities linked to having multiple vendors supporting many tools across a system.
- Backup and recovery: the threatware protection software should have extensive backup and recovery features to help get your business back up and running quickly.