How to Get Rid of Malware and Keep It Out
Malware comes in many guises and disguises, and it’s invading our digital lives at home and at work at an alarming rate.
Broadly defined, malware encompasses any type of malicious code that is typically delivered via email or websites and then installed on systems and servers with the aim of disrupting, disabling or taking control of these computing devices. To dodge detection, cunning cybercriminals hide malware in files, mask it to look like legitimate applications or use other obfuscation techniques to bypass security controls. And just about everyone is vulnerable to these increasingly sophisticated, evasive and insidious threats.
According to the AV-TEST Institute, more than 350,000 new malware samples and potentially unwanted applications (PUA) appear on the threat landscape every single day. Here’s a perspective on how fast the volume of malware has accelerated in the past nine years. In 2010, there were 47 million known malware samples. By 2019, that number had skyrocketed to 902 million and counting.
The Many Flavors of Malware
- Backdoor: Gives an attacker remote access to a system by bypassing normal authentication and other security controls
- Banking Trojan: Views or steals banking credentials to access accounts
- Botnet: Enrolls a compromised computer in a network of other hijacked systems under an attacker’s remote control, commonly used to send out large-scale spam campaigns or launch distributed denial-of-service attacks
- Credential stealer: Steals data like contacts, browser passwords and other valuable information
- Cryptocurrency miner: Takes over a computer’s processing power to generate cryptocurrency like Bitcoin for the attacker
- Downloader: Once installed, it automatically downloads other malware
- Keylogger: Captures keystrokes while the user is typing and is often used to steal credentials, like usernames and passwords
- POS malware: Compromises a point-of-sale device to steal credit card numbers, debit card and PIN numbers, transaction history and more
- Ransomware: Encrypts or locks up files to prevent access until the user pays a ransom to unlock their system
- Remote Access Trojan (RAT), also called a remote access tool: Gives an attacker broad remote control over a system, typically disguised as or bundled with legitimate software
- Rootkit: Enables unauthorized users to gain control of a system without detection
- Spyware: Hides in the background and records data associated with online activities, such as surfing destinations, passwords, credit card numbers and more
- Virus: Attaches itself to a clean file and infects other files, with the end result of damaging a system’s functions, corrupting files or deleting files
- Worm: Self-replicates across networks of devices, either over the internet or within a corporate network, without needing a user to run it
Telltale Signs of Malware
How do you know when your system has been infected by malware? Here are some of the warning signs:
- Your applications or your computer crash frequently.
- Pop-ups start showing up on your screen.
- You start getting unusual or scary-looking error messages when you’re carrying out normal tasks.
- Your computer is sluggish.
- You run out of hard drive space.
- Even when you’re not actively using the internet, there’s a high level of unexplained or suspicious network activity.
- Your contacts start receiving spam emails from you that you never sent.
- You receive a demand for ransom payments.
How to Remove Malware
- Stop any activities that may put you at risk, like shopping or banking online, and disconnect from the internet.
- Reboot your machine in safe mode to prevent malware from loading automatically.
- Make sure your anti-malware program is up to date and working properly.
- Run a full anti-malware scan.
- Run specialized ransomware or malware recovery tools.
- If symptoms persist after cleanup, or a rootkit is suspected, back up your data and rebuild the system from a known-good source; a scan alone cannot guarantee that a compromised system is clean.
The malware removal procedure we’ve described is all well and good, but even more important is prevention. Traditionally, users relied on antivirus as their primary security defense. But with the surge in new malware variants that use multiple methods both to escape detection and to propagate, antivirus alone doesn’t cut it. According to a recent survey, 73% of attendees at Black Hat, a popular information security conference, believe that old-school antivirus is irrelevant and even obsolete.
It’s apparent that a better defense is required. Security vendors are offering a wide array of anti-malware solutions to detect, deflect and eradicate malware. Some even leverage advanced machine learning, a form of artificial intelligence, to accelerate detection and improve its accuracy. Here are some malware prevention technologies that attack the problem in different ways.
- Network access control monitors unmanaged systems and keeps contaminated devices from connecting to the network and spreading malware.
- Web application firewall protects your web applications from attacks such as injection and file upload abuse, so cybercriminals cannot compromise your websites and turn them into malware distribution points.
- Database scanning discovers vulnerabilities – such as configuration issues, weak passwords and missing patches – in your databases where you store your most valuable information assets.
- Data loss prevention (DLP) identifies sensitive information and prevents it from leaving the organization and getting into the wrong hands, limiting the damage after malware has infiltrated.
- Anti-ransomware detects and blocks ransomware and, where a decryptor or clean backup is available, restores encrypted files.
- Endpoint detection and response tools continuously record system activities and events taking place on endpoints to detect advanced threats.
Stop Malware by Starting with Strong Email Security
While all of these have their place and are vitally important, ultimately malware starts with the communication tool people rely on every day – email. In fact, more than 90% of attacks begin with email. Cybercriminals exploit human psychology through socially engineered techniques that persuade email recipients to do their bidding, like opening an attachment laden with malware, clicking on a malicious link or sharing credentials. Credential phishing, which quadrupled from Q3 2017 to Q3 2018, tricks people into entering their passwords on a fake online form.
One of the best ways to prevent malware attacks is through ongoing security awareness training, which is an effective hands-on way to make everyone understand the risks. The best programs use real-world attack techniques in simulated emails to teach users how to recognize malicious messages and how not to succumb to them.
Additionally, a strong, multi-layered email security solution can help stop malware in its tracks. Choosing the right solution isn’t always easy. As you evaluate different options, keep these key capabilities in mind:
- Email protection that covers cloud-based email applications, like Microsoft Office 365 and G Suite, as well as on-premises email programs
- Automatic scanning of email traffic to detect spam, malware or phishing attacks that are sent via compromised email accounts
- Machine learning for in-depth analysis of email content to determine whether a message is spam or malicious
- Technologies that block malicious URLs and malicious attachments from getting to user inboxes
- Isolation of URL clicks within email, based on the riskiness of the user and/or the link being clicked
- Threat intelligence that provides detailed descriptions of how malware works to help detect and prevent today’s attacks and future attacks
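As an added example of what the URL-blocking, attachment-blocking and threat-intelligence capabilities above do at the simplest level, the Python below is a minimal inbound-mail inspector. It is not Proofpoint’s code or any product’s implementation. It parses a raw RFC 5322 message, extracts URLs from the text bodies and checks their hosts against a blocklist, and inspects each attachment for executable or double extensions, a mismatch between the declared MIME type and the content’s magic bytes, and a blocked SHA-256 hash. The two messages, the domains, the payload bytes and the indicator lists are all constructed for the example; a real gateway would feed the blocklists from a threat-intelligence source.

```python
import email
import hashlib
import re
from email import policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Constructed attachment payloads: a fake PE header and a fake PDF, not real files.
FAKE_EXE = b"MZ\x90\x00" + b"\x00" * 60 + b"constructed sample, not a real executable"
FAKE_PDF = b"%PDF-1.4\n% constructed sample, not a real document\n%%EOF\n"

# Hypothetical indicators. Assumption: a real gateway pulls these from threat
# intelligence; here the hash is seeded from the constructed payload above.
BLOCKED_URL_HOSTS = {"secure-login-update.example"}
BLOCKED_SHA256 = {hashlib.sha256(FAKE_EXE).hexdigest()}
DANGEROUS_EXTENSIONS = {".exe", ".scr", ".js", ".vbs", ".hta", ".jar", ".lnk", ".bat", ".cmd", ".ps1"}

# Magic bytes used to sniff what an attachment really is, independent of its label.
MAGIC = [(b"%PDF", "pdf"), (b"MZ", "windows-executable"), (b"PK\x03\x04", "zip-container")]
EXPECTED_KIND = {"application/pdf": "pdf", "application/zip": "zip-container"}

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
HOST_RE = re.compile(r"https?://([^/:?#\s]+)", re.IGNORECASE)


def sniff(payload: bytes) -> str:
    """Classify a payload by its leading magic bytes."""
    for magic, kind in MAGIC:
        if payload.startswith(magic):
            return kind
    return "unknown"


def extract_urls(msg: EmailMessage) -> list[str]:
    """Collect URLs from every plain-text and HTML body part, skipping attachments."""
    urls = set()
    for part in msg.walk():
        if part.get_content_maintype() != "text" or part.is_attachment():
            continue
        urls.update(URL_RE.findall(part.get_content()))
    return sorted(urls)


def check_attachment(part: EmailMessage) -> list[str]:
    """Return human-readable findings for one attachment part (empty if clean)."""
    findings = []
    name = part.get_filename() or "(unnamed)"
    payload = part.get_payload(decode=True) or b""
    declared = part.get_content_type()
    suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
    if suffixes and suffixes[-1] in DANGEROUS_EXTENSIONS:
        findings.append(f"{name}: executable extension {suffixes[-1]}")
    if len(suffixes) > 1:
        findings.append(f"{name}: double extension {''.join(suffixes)}")
    kind = sniff(payload)
    if kind == "windows-executable":
        findings.append(f"{name}: content has an MZ header (Windows executable)")
    if declared in EXPECTED_KIND and kind != EXPECTED_KIND[declared]:
        findings.append(f"{name}: declared {declared} but content sniffs as {kind}")
    if hashlib.sha256(payload).hexdigest() in BLOCKED_SHA256:
        findings.append(f"{name}: SHA-256 matches a blocked sample")
    return findings


def inspect_message(raw: bytes) -> dict:
    """Parse a raw message and return a verdict with the URLs seen and all findings."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    urls = extract_urls(msg)
    for url in urls:
        host = HOST_RE.match(url).group(1).lower()
        if host in BLOCKED_URL_HOSTS:
            findings.append(f"blocked URL host {host} in {url}")
    for part in msg.iter_attachments():
        findings.extend(check_attachment(part))
    return {"verdict": "quarantine" if findings else "deliver", "urls": urls, "findings": findings}


def build_phish_eml() -> bytes:
    """Constructed phishing-style message: credential-harvest link plus a disguised executable."""
    msg = EmailMessage()
    msg["From"] = "accounts@supplier.example"
    msg["To"] = "user@corp.example"
    msg["Subject"] = "Overdue invoice - action required"
    msg.set_content("Please sign in to review the attached invoice:\nhttps://secure-login-update.example/verify\n")
    msg.add_alternative('<p>Please <a href="https://secure-login-update.example/verify">sign in</a> '
                        "to review the attached invoice.</p>", subtype="html")
    msg.add_attachment(FAKE_EXE, maintype="application", subtype="pdf", filename="Invoice_2019.pdf.exe")
    return msg.as_bytes()


def build_clean_eml() -> bytes:
    """Constructed benign message: a plain note with a PDF attachment whose content matches its label."""
    msg = EmailMessage()
    msg["From"] = "colleague@corp.example"
    msg["To"] = "user@corp.example"
    msg["Subject"] = "Meeting notes"
    msg.set_content("Notes from today's meeting are attached.")
    msg.add_attachment(FAKE_PDF, maintype="application", subtype="pdf", filename="notes.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    for raw in (build_phish_eml(), build_clean_eml()):
        result = inspect_message(raw)
        print(result["verdict"], *result["findings"], sep="\n  ")
```

The phishing sample is quarantined on several independent grounds (blocked link host, double extension ending in .exe, MZ header inside a part labelled application/pdf, and a blocklisted hash), while the benign note is delivered. Layering checks this way matters because an attacker who renames a file or rehosts a link defeats any single one of them; the magic-byte comparison in particular catches the common trick of labelling an executable as a document.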
Want to find out what you can do to strengthen your malware defense? Check out our Email Protection resources.