Page Content

Tutorials

Load more

Advantages And Disadvantages Of Malware & Types Of Malware

CCNA
Hemavathi
Author: Hemavathi
6 min.read

In this article we will talk about malware, how it works, why it is important, advantages and disadvantages of Malware, its applications and its types.

Malware

Malware
Malware

A portmanteau of “malicious software,” malware refers to any software that is purposefully created to damage a computer system, interfere with its functionality, or obtain unauthorized access to data, a network, or a computer system. Malware is used by cybercriminals for a number of evil objectives, such as extorting money, stealing confidential data, or just wreaking havoc.

How Malware Works?

Malware accomplishes its malevolent objectives by taking advantage of flaws in programs or systems. Through popular vectors like email or online browsing, it frequently targets endpoints (hosts like laptops, workstations, servers, IP phones, and employee-owned devices under a BYOD policy). Once compromised, an endpoint can serve as a gateway for a threat actor to obtain sensitive data and vital system components like servers. Additionally, malware can take CPU cycles, memory, disc space, and network bandwidth, possibly preventing authorised users from accessing resources.

Also Read About What is Virtual Router Redundancy Protocol & How VRRP Works

Why Malware is Important?

Since malware poses a serious and widespread danger to network security, it is imperative to comprehend and take precautions against it.

  • Widespread Impact: By erasing data, interfering with processes, or stealing private information, malware can result in extensive harm.
  • Threat to Critical Infrastructure: Cybercriminals have the know-how and resources to spread malware that can destroy vital systems and infrastructure.
  • Data Exfiltration: Threat actors may use a hacked endpoint as a means of obtaining sensitive data and vital internal systems, which could result in data exfiltration.
  • Denial of Service (DoS): Certain malware types have the ability to use up network resources, resulting in Denial of Service(DoS) situations.

Types of Malware

Malware comes in various common forms:

Viruses

  • Description: Malicious software that infiltrates other programs and uses a computer to carry out particular, undesirable, and frequently dangerous tasks. By putting copies of itself into computer files, it “infects” them (typically other executable programs).
  • Propagation: In order for viruses to proliferate, human intervention is necessary. By reading email attachments, downloading software from the Internet, or connecting a USB drive to a computer, they rely on users to spread the malicious application software to further victims.
  • Adverse Effects: Viruses frequently cause harmful side effects, sometimes on purpose and other times accidentally.
  • Variants: Types include file viruses and boot sector viruses, which conceal themselves in the boot sector and load the operating system.

Worms

  • Description: Self-replicating malware that propagates from system to system on a network without human intervention. It installs copies of itself in the memory of compromised systems and runs arbitrary code.
  • Propagation: By taking advantage of weaknesses, worms spread to and infect other systems independently.
  • Impact: A computer may fail as a result of a worm replicating itself so frequently.

Trojan Horses

  • Description: Malware that does not replicate itself, concealed and bundled within other genuine software or masquerading as a game, utility, or program.
  • Mechanism: The Trojan horse secretly installs itself on the user’s computer once they download and open an infected file or application, allowing it to attack the end device from within. It can make alternatives to popular apps, track login attempts, record user credentials, or change how an application behaves.
  • Propagation: Trojan horses may only propagate by means of user involvement, including accessing USB drives, downloading software, or opening email attachments.

Spyware

Description: Malware that gathers personal information from users, such as their keyboard input or browsing history, and frequently displays intrusive pop-up ads.

Also Read About What is ICMP and How it Works and Types of ICMP Messages

Advantages and disadvantages of malware

Advantages and disadvantages of malware
Advantages and disadvantages of malware

Advantages

From the standpoint of a threat actor, malware has the following benefits:

  • Covert Infiltration: Trojan horses give hackers the ability to conceal harmful code inside of software that seems authentic, fooling consumers into installing it.
  • Automated Propagation: Worms have the ability to propagate automatically over networks, infecting several systems without the need for human intervention, allowing for rapid and extensive compromise.
  • Resource Depletion: Malware variations can be made to create Denial-of-Service conditions by using memory, disc space, CPU cycles, and network bandwidth.
  • Data Collection/Theft: Trojan horses have the ability to track login attempts and obtain user credentials. Spyware primarily seeks to gather personal information about users.
  • Persistent Access: Threat actors can obtain sensitive data and vital systems by using compromised endpoints as a persistent point of access.

Disadvantages

The dangers of malware are serious for network defenders:

  • Data Loss and Service Disruption: Malware can make systems lag or crash, which can result in expensive network disruptions, lost productivity, and the loss or theft of important data and assets.
  • Endpoint Compromise: Endpoints are especially vulnerable, and an infected endpoint can jeopardise the security of an entire network.
  • Challenge in Detection: When a new virus is identified, there is frequently a lag (referred to as a “zero-day” period) until security solutions (such as antivirus software) have updated signatures to detect it. During this time, hosts are at danger.
  • Resource Consumption: Malware has the ability to deplete system and network resources, affecting authorised users and services.
  • Risk of human contact: Since many malware kinds, particularly Trojan horses and viruses, depend on human contact, raising user awareness and training is an essential but difficult part of defence.

Applications

Network security uses a range of tools and techniques to lessen malware attacks:

Antivirus and Anti-Malware Software

These programs are installed on computers to safeguard them, check them for Trojan horses, worms, and viruses, and stop infections in the future. Keeping this program updated, including with the most recent definitions of viruses and malware, is essential.

Cisco Advanced Malware Protection (AMP)

Endpoints are protected by this host-based program, such as Cisco AMP for Endpoints. File transfers that would install malware can be blocked by network-based antimalware features, like those on Next-Generation Firewall (NGFW) platforms, which can also save copies of files for subsequent examination.

Content Security Appliances

  • Tools such as the Cisco Web Security Appliance (WSA) and Cisco Email Security Appliance (ESA) give users of an organisation fine-grained control over their web and email usage.
  • Cisco ESA: Examines, records, and deletes malicious emails, including those that contain malware and are part of phishing scams.
  • Cisco WSA: Offers total control over Internet access and blocks malware by combining powerful malware protection, application visibility and control, URL filtering, malware scanning, web application filtering, and acceptable use policy controls.

URL Filtering

Often present in WSA and NGFWs, this capability analyzes URLs in web requests, classifies them, and then filters or rate-limits traffic according to rules. It can prohibit access to domains known to harbour malware by using reputation scores from security organisations like Cisco Talos to inform its conclusions.

Intrusion Prevention Systems (IPS)

IPS devices can block or reroute unwanted traffic in addition to actively scanning for inappropriate activity and recognised signatures of typical assaults, such as viruses and worms. Using anomaly detection, Next-Generation IPS (NGIPS) can identify odd traffic patterns that might point to the spread of malware.

Application Visibility and Control (AVC)

AVC enables a thorough examination of application layer data to detect programs and protect against malware attacks that exploit random port numbers.

Endpoint Security Policies

Putting in place “bring your own device” (BYOD) policies to make sure staff-owned devices have the bare minimum of security features, like virus detection software and the most recent patch revision levels, before they can be connected to the network.

User Awareness and Training

To stop users from unintentionally introducing malware, it is essential to educate them about the dangers of email and online browsing, social engineering attacks (such as phishing), and safe software acquisition techniques. Users should exercise caution while downloading software from unidentified sources because illicit channels are often the main source of viruses.

Device Hardening

Patching security flaws and updating programs and systems on a regular basis helps prevent malware from taking advantage of them.

Also Read About Why Network Security Assets Is Important & Its Applications

Previous article
Basic Arithmetic Operators in R Programming with Example
Next article
The Rules of Operator Precedence in R With Code Example
Hemavathi
Hemavathihttps://govindhtech.com/
Myself Hemavathi graduated in 2018, working as Content writer at Govindtech Solutions. Passionate at Tech News & latest technologies. Desire to improve skills in Tech writing.

About Us 

Contact Us

Privacy Polacy

Disclaimer

© G Solutions

Index