What Is Malware?

What Is Malware?

Malware, short for malicious software, is a program or file that is designed to damage or exploit a computer, network, or server.

Malware has existed for nearly as long as computer systems. Over the years, it’s undergone a tremendous evolution in both form and function. The first computer viruses were simple experiments, quirky bits of software that did little beyond displaying a text popup or two. 

Modern malware is an entirely different beast. As the weapon of choice for most threat actors, it’s used for everything from extortion to data exfiltration, service disruption, and simple destruction. Whether as toxic code snippets, self-replicating apps, or criminally oriented software-as-a-service platforms, malware reaches virtually every corner of today’s threat landscape. 

Diversity is malware’s greatest strength—and the core of the threat it represents to businesses. 

Types of Malware

Malware is as diverse as it is ubiquitous. Nearly every user and business have encountered it in one form or another. These are the most common types of malware. 

Viruses

Malicious software which infects a program, file, or device. When a user accesses the payload containing a virus, it alters their system’s operation in some way, frequently spreading to other devices on the network in the process. Some viruses also accept commands from their developer, providing a threat actor with more direct control over infected systems. 

Worms

Worms are essentially autonomous viruses. They spread and replicate without requiring input from the user or their original creator. 

Trojans

Seemingly legitimate software that contains malicious code that a threat actor might use to gain remote access to or even seize complete control of a user’s computer system. 

Rootkits

Rootkits provide a threat actor with privileged access to an infected system while actively avoiding detection by traditional antivirus software.

Spyware

Spyware is malicious software that collects data on user activity in the background and transmits that data back to a threat actor. Keyloggers are a prevalent and insidious form of spyware, frequently leveraged to compromise user accounts. 

Adware

A comparatively benign form of malware, adware floods an infected system with advertisements to generate revenue for criminals. These ads, however, may contain payloads for additional malware. 

Ransomware

Ransomware is a form of malware that locks a victim out of their account, device, or data until they meet a ransom demand. As one of the most widespread and damaging forms of malware, ransomware can typically also exfiltrate data and wipe devices.

Crytojackers

Cryptojacking malware drains system resources and may cause system slowdown and hardware damage by mining cryptocurrency in the background. 

Fileless

Fileless malware relies on native system tools and exploits rather than existing as a payload anchored to a file or app. 

Malware-as-a-Service

A relatively new business model in which criminals bundle the functionality of their malware into a SaaS platform which is then marketed to other threat actors. 

How to Protect Your Organization from Malware

Carelessness represents the most common delivery vector for malware, ranging from phishing emails to careless file and application downloads. Protecting your systems and data from malware requires a comprehensive, multi-layered approach that includes employee training, corporate cybersecurity policies, and advanced protection tools.

CylanceGUARD for Malware Protection

As a human-centric subscription-based 24x7x365 Managed XDR service, CylanceGUARD® provides the expertise and support businesses need to prevent and protect against malware attacks. CylanceGUARD combines the comprehensive expertise embodied by BlackBerry Cybersecurity Services with AI-based Endpoint Protection (EPP) through CylancePROTECT®, continuous authentication and analytics through CylancePERSONA, and on-device threat detection and remediation through CylanceOPTICS®. In short, CylanceGUARD provides business with the people and technology needed to protect the enterprise from the modern threat landscape.
LEARN MORE

Related Resources:

Resource Icon Data Loss Prevention (DLP) Resource Icon Endpoint Security Resource Icon Endpoint Protection Platforms (EPP) Resource Icon Endpoint Detection and Response (EDR) Resource Icon Extended Detection and Response (XDR) Resource Icon Identity and Access Management (IAM) Resource Icon Managed Detection and Response Resource Icon Managed XDR Resource Icon MITRE ATT&CK Framework Resource Icon Mobile Threat Defense (MTD) Resource Icon User and Entity Behavior Analytics (UEBA) Resource Icon Zero Trust Architecture Resource Icon Zero Trust Network Access (ZTNA) Resource Icon Zero Trust Security Resource Icon Security Information and Event Management (SIEM) Resource Icon Secure Access Service Edge (SASE)
More Resources