Learn more about malware first
2021 saw a dramatic increase in cyber attacks: the first half of 2021 recorded more cyber intrusions than all of 2020, with malware a key component of those attacks, and 2022 is not shaping up to be any different. The term malware signifies a broad category of malicious software that is created to damage, infect, or disrupt a system. Malware refers to viruses, spyware, ransomware, trojan horses or any other form of dangerous software. It is installed on the victim’s computer system without consent and may cause the device to crash. The malicious software can also be used to monitor the victim’s online activity or gain access to confidential data.
A malware attack can have disastrous consequences on the system. It may even destroy the system from its core along with the additional blow of losing precious data. Therefore, it is extremely important to have in place strict security measures that can make early detection possible and decrease the chance of a potential malware attack.
Reported Cybercrimes during the 2021 financial year
- Over 67,500 cybercrime reports, an increase of nearly 13% from the previous financial year.
- Financial losses from cybercrime total more than $33 billion.
- Approximately 25% of reported cyber security incidents affected entities associated with Australia’s critical infrastructure.
- Nearly 500 ransomware cybercrime reports, an increase of nearly 15% from the previous financial year.
- An increase in the average severity and impact of reported cyber security incidents, with nearly half categorised as ‘substantial’.
Cybercrime reports and average reported loss by organisation size
Self-reported financial losses due to cybercrime in Australia-based cybercrime reports totalled more than $33 billion (AUD). Due to open and complex cybercrime investigations, these figures may not be fully verified by law enforcement and a significant portion are related to cyber-enabled crimes. Small businesses made a higher number of cybercrime reports than in the previous financial year; however, medium businesses had the highest average financial loss per cybercrime report.
How to Detect Malware?
Detecting malware at an early stage can save a company from massive amounts of data loss. A Cybersecurity Assessment can also help you understand the status of your system’s health and malware detection. Early detection can also reduce the amount of money and resources spent.
A system may be infected with a type of malware if it is displaying some or all of the characteristics below:
- Your system is displaying error messages repeatedly, is slower than usual, or crashes without any warning messages
- Your system is not shutting down, or restarting as usual
- You are receiving pop-up messages of irrelevant or inappropriate content
- Inappropriate ads are appearing on your screen and interrupting your activity
- You are unable to remove unwanted software
Some other less common signs of a malware attack include:
- Your system battery is draining quicker than usual
- Icons that you did not opt in to appear on your toolbar, or other changes have been made to your browser
- Your browser’s homepage changes repeatedly without warning
To detect the presence of malware in your system, use a reliable anti-malware program and run periodic scans so that infections are removed promptly.
Common Types of Malware
There are many different types of malware, but most are used to steal your information, your computer’s resources, or your data. There are six common types of malware that will affect your business:
01. Viruses
There is a common misconception that all malware programs are viruses. This is not the case. A virus becomes part of the victim’s system, which means that when other legitimate files run, the virus continues to spread its infection. Today, viruses form a small portion of the malware that is infecting systems. During execution, viruses tend to infect other files too, which makes the system extremely hard to clean up after an attack.
02. Worms
Worms are malicious software that spread through a system. Unlike viruses, worms don’t need a user action to spread. They can clone themselves and destroy systems. A single worm in a system can cause the entire organisation to suffer.
03. Trojans
A Trojan is a type of malware that usually spreads either through infected websites or via links in emails. Hackers trick users into downloading Trojans through pop-ups on websites or through other sources. Once the Trojan has been downloaded, the system becomes infected and security is compromised.
04. Ransomware
Ransomware requires the victim to pay a certain “ransom” if they want the malicious software removed from the system. It is one of the most dangerous forms of malware as it spreads very fast and encrypts all files encountered, making them inaccessible to the system owners.
05. Spyware
Spyware is a type of malware that makes it possible for hackers to spy on systems. By doing so, hackers can get their hands on private information such as log-in credentials and financial information. Fortunately, spyware does not spread like viruses and worms and is comparatively easier to remove.
06. Hybrid Attack
A hybrid attack is one of the most dangerous forms of attack. It is a combination of two or more malware programs. In other words, it has the combined features of two malicious software programs. For example, a virus that initially behaves like spyware may replicate itself like a worm and cause irreversible damage to the system under attack.
Ransomware-related Crime Reported to ACSC
During the 2021 financial year, the ACSC received nearly 500 ransomware cybercrime reports, which is an increase of nearly 15% compared with the previous financial year.
In the 2021 financial year, the ACSC also responded to nearly 160 cyber security incidents related to ransomware. The professional, scientific, and technical services sector and the health sector reported the most ransomware-related cyber security incidents.
How to Prevent an Attack?
There are several preventive measures to avoid a malware attack.
- Save backups of all important files on your system so that you don’t have to worry about losing precious data when you’re fighting a virus
- Make sure that all the software on your system is up to date
- You should have a powerful anti-virus program installed on your system, updated to the latest version
- You and your team should be trained to not open any emails or click on any pop-up messages that randomly appear on your browser
- Use two-factor authentication to enable high-grade protection
- Use strong password combinations and update them regularly
- Educate yourself on safe browsing practices
Comply With the ACSC Essential Eight
The ACSC Essential Eight is a set of eight prioritised strategies to help businesses protect themselves against a cyber attack. It is aimed at preventing malware delivery and mitigating cyber security incidents, and serves as a baseline for organisations to address different cybersecurity risks and defend their systems online.
The Essential Eight is designed to protect Microsoft Windows-based, internet-connected networks.
The strategies have been designed to complement each other, and to provide coverage across a range of cyber threats and cover 8 areas:
- Application control
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Daily Backups
To guide you in the implementation, the ACSC has published a maturity scale that helps measure your business’ alignment with each strategy.
- Level 0 (Immature) – Not aligned with the mitigation strategy (no compliance)
- Level 1 (Intermittent) – Partly aligned with the mitigation strategy (low compliance)
- Level 2 (Committed) – Mostly aligned with the mitigation strategy (medium compliance)
- Level 3 (Advanced) – Fully aligned (highly protected) (2)
The ACSC provides a minimum cyber security posture which includes reviewing and enhancing detection, mitigation and response measures.
Our recommendation is to undertake a comprehensive cyber audit to assess your vulnerabilities and cyber gaps.
The results will inform the actions and strategy required to mature your cyber security posture so that it meets the ACSC Essential Eight requirements as a minimum and also goes above and beyond them.
Protect your Business with KMT
Having strong protection against malware is integral to the safety of your system and business. Using updated anti-virus programs and firewalls is one way to protect yourself, but you should always have a detailed plan of action in case your system is infected.
Combining the experience of a dedicated cyber security team, as well as hands-on security specialists, Kaine Mathrick Tech has one of the most mature and highly credited managed cyber security solutions in Australia.
A comprehensive cyber security strategy and implementation plan will help ensure your business has the most appropriate people, processes and technology to help you mitigate or, at worst, recover fast from a cyber attack.
Here are some things that may help you improve your cyber security posture:
- ACSC Annual Cyber Threat Report 2020-21: https://www.cyber.gov.au/acsc/view-all-content/reports-and-statistics/acsc-annual-cyber-threat-report-2020-21
- Malware: https://www.cyber.gov.au/acsc/view-all-content/threats/malware