Malware is getting more sophisticated - here's what you can do about it

 

The first computer virus was known as Creeper System. Crafted in 1971 as part of an experiment by American R&D company BBN Technologies, it was, as you might expect, relatively basic. It simply replicated itself until it filled up a computer's entire hard drive. 

Those were simpler times.

Today's viruses are far more sophisticated, and most frequently have a purpose beyond wreaking havoc. Mind you, there's still some malware in the wild that's designed exclusively for destruction. More often, however, it's distributed with some other goal in mind.

Usually, said goal involves money.

Stealing personally-identifiable information or login credentials for the purpose of fraud. Redirecting traffic to a criminal's site in order to artificially generate revenue. Infecting a system to serve as a cryptocurrency mining node or part of a botnet.

These are some of the most common driving motivations behind modern malware. The good news is that understanding them is the first step to protecting yourself from them. After all, if you know what criminals are after, you can take action to prevent them from getting it.

In addition to knowing what most frequently motivates the creation and distribution of malicious software, it's important that you know a bit about the software itself: what it is, what it does, what it looks like, and how it spreads. After all, just because hackers are getting craftier doesn't mean you can't still protect yourself from their techniques.


If you've been following our series up to this point, you're already familiar with ransomware. If you need a refresher, it's basically exactly what it sounds like. Commonly distributed via phishing emails and fraudulent websites, ransomware encrypts your data or device, locking you out until you pay a predetermined fee to the distributor. 

Although ransomware has seen a great deal of prevalence in recent years, it still only represents a small slice of the different types of malware floating around the web. In broad strokes, there are several distinct breeds of malware.

Viruses are traditional malicious software. Though they take many forms, they proliferate by modifying or otherwise infecting legitimate files on a host system. They are almost always distributed manually and require user action in order to execute. 

Worms are self-replicating viruses, capable of spreading without user action. 

Trojans mask themselves as legitimate programs, most frequently appearing as fake antivirus programs or free versions of premium software. 

Fileless malware targets system processes, registry keys, installed applications, and scripts. It's particularly difficult to defend against because it piggybacks off trusted software to do its dirty work. 

Mobile malware is precisely what it sounds like: malicious software designed exclusively to target either Android or iOS.


It's also helpful to categorize malware based on purpose and general characteristics: 

Adware attempts to foist advertisements on a user, which may occasionally contain additional malicious payloads. These commonly take the form of pop-up ads, but may also take over entire web pages or redirect you. Some adware may also change your homepage.  

Spyware is designed to monitor the computer on which it's installed. A criminal may simply use it to monitor someone's software and web activity, or they may attempt to log keystrokes in order to steal account credentials. 

Backdoors enable remote, unauthorized access to an infected system. Rootkits are a particularly nasty form of backdoor which allow an attacker to gain 'root' access, meaning they have administrative privileges. 

Bots turn infected devices into part of a botnet. Said botnet can then be used to execute a distributed denial of service (DDoS) attack, which overwhelms a target with bogus traffic until it buckles under the pressure. Bots are usually self-replicating worms.

A crypto miner is a comparatively benign type of malware that hijacks system resources in order to generate cryptocurrency, eventually generating revenue for whoever controls it.


By far, email is the most common infection vector for all kinds of malware except mobile. That's not particularly surprising, given how easy it is to convince an unwary user to download a malicious attachment or click a malicious link. You shouldn't let your guard down just because you've trained yourself to recognize a phishing email, though.

There are many other ways malicious software might end up on your computer or smartphone: 

Text messages. Malicious texts hit many of the same notes as phishing emails, often taking the form of false updates from a smartphone's network operator or a link to a free app. A good rule of thumb is to never open anything you receive via SMS unless you explicitly trust the sender. Even then, you should exercise caution. 

Social networks. Bots run rampant on social networks and dating sites, often plying their targets with false promises in an effort to either steal financial details or install malicious software on the target's device. Compromised accounts may also be used in a similar fashion. Exercise mindfulness, and avoid clicking any links sent to you until you can verify they're safe. 

Malicious/fake mobile apps. Although openly malicious apps are relatively rare on both the Google Play Store and the iOS App Store, they still exist, commonly in the form of fake apps that feature some form of subscription scam or malicious external links. Read the reviews before you download anything. 

Malvertising. Infected ad networks are an incredibly common delivery mechanism for multiple types of malware. Your best bet for avoiding them is to use an ad blocker, selectively disabling it on sites you know for certain you can trust.

Infected websites. A compromised website is perhaps the most difficult attack vector of all to avoid. You have no control over it, and no idea whether or not a site you frequent has been the victim of a cyberattack.


You now have a general idea of how modern malware looks and behaves. You understand the importance of mindfulness in the face of a dangerous, uncertain web. Knowledge and understanding, however, will only take you so far.

To protect yourself against the threat represented by increasingly-sophisticated malware, you need to install the right security software. 

Enter the award-winning Bitdefender Total Security.

It's armed with a diverse set of sophisticated tools to help it efficiently protect your data in real-time with a minimal resource footprint, preventing unauthorized changes to your most important files in the process. AI-driven network threat prevention and advanced threat defense analyze and identify suspicious activity, immediately taking action when it determines something may harm your device. Bitdefender's web filtering technology, meanwhile, ensures you'll never have to worry about landing on a harmful website, notifying you of potential danger and blocking known infected or malicious URLs. 

You don't need to settle for installing Bitdefender on only a single device, either. By purchasing Bitdefender Family Pack 2020, you can install the software on up to fifteen devices, protecting all but the largest households against today's sophisticated malware. With that said, protecting smartphones and computers against malware isn't going to be sufficient on its own. 

You also need to take measures to safeguard smart devices, a topic we'll discuss next time.