Phishing and Malware: Viruses, Trojans, Worms, and Ransomware | Cybersecurity Insights #15

June 12, 2019 posted by

Hello again! Josh here from Absolute. In our last episode, we saw all kinds of cyber threats. In this episode we'll see
how those threats can get to the goods. Let's look at phishing, the most common tool cyber criminals
use to get access to our systems. We've all seen it; the email from your bank or a company you patron asking you for information. "Please update your account,
or profile, or membership or something…" The logos, the font styles, they look real. And there's a button staring back at you. What is it about people and buttons? There's this unmistakable urge to click. And now that you've scratched
that itch and you've clicked, the attacker gets a toehold
to push malware, ransomware, or even grab control of the device directly. Phishing is the most widely
used weapon for cyber-attacks for one, single, very important reason. It works. It exploits our most basic instincts: curiosity, cooperation,
trust, and a willingness to share and help. And when we fall for these deceptions, we were likely to play host to some unwelcome guests in our IT environment: Malware. Malware is a smashed word coming from malevolent (meaning bad) and software, from the word software. Malware tends to come in four forms: 1) Viruses 2) Worms 3) Trojans and 4) Hostage-takers, or ransomware. Viruses are aptly named,
because they infect the system and interact with normal processes to either get the user
to do something to give access, or to disable the system
in some way to make it unusable Worms are designed
with the expressed intent to replicate and spread to other systems. Like viruses, these pesky malware corrupt the host system, but are tailored for reproduction and thus they're more damaging. Compounding the sadism, we have Trojans. These malware look
like approved apps and software, like a printer driver, so they're not easily detected by antivirus. Once installed, they replicate and forge onward to other resources playing the same trick. And by now, most of us have heard of the
last of these weapons: Ransomware. The malware designed to lock your files and data until you pay a fee – usually in the form of cryptocurrency – so it can't be traced. But the good news, of course, is that no phishing scam, or malware is effective without an existing vulnerability. Once again, we see why persistent endpoint visibility and control is so essential. Unless we can see our
trouble-spots and quickly remove risk, we are bound to fall victim to these attack vectors. In our next episode, we'll continue looking at notorious threats: Botnets. Be sure to subscribe and I'll see you next time.

No Comments

Leave a Comment

Your email address will not be published. Required fields are marked *