What is Malware

Malware is a software designed to allow an outside party access to a computer without the knowledge of the computer owner. A type of malicious cyber activity, malware cost the U.S. economy somewhere between $57 billion and $109 billion in 2016 in outright theft of proprietary or sensitive data, intellectual property, the resulting ransom, and from lost productivity, according to a 2018 report from the U.S. Council of Economic Advisors. The wide range of the damage estimate should be noted; given the nature of cybercrime and malware, it is often hard to detect and may not be detected until many years after it does its damage, if ever. Malware and other cyber-attack methods lead corporations and individuals to spend billions of dollars on cybersecurity per year. A 2016 estimate has such spending by businesses alone to exceed $100 billion by 2020. Malware is a portmanteau of “malicious” and “software.”

Breaking Down Malware

Malware refers to a category of software designed specifically to obtain access to a computer without the knowledge of the owner of the system. It is thus differentiated based on the intent of the creator.

Malware comes in a variety of forms, with the most well-known type called a virus. Other types of malware include Trojans, bots, spyware, and ransomware. Viruses and worms make copies of themselves and attempt to infect other computers; spyware seeks to capture and transmit sensitive information; and ransomware locks out the computer owner from the device until money in the form of Bitcoin is paid.

Malware: Most Common Method

The most common way that malware is able to infect a computer is through file downloads. A computer user may open an email attachment thinking that it is from a trusted source, only to download a malware file instead. Malware may also be downloaded from websites if a user clicks on a link, or by sharing files with outside parties, such as through a peer-to-peer (P2P) network. The malware may be an executable file, meaning that it won’t be activated until it is opened on a computer. To increase the odds of the file being activated, malware designers may disguise the file as being something benign.

Malware is most commonly created in order to make money. One way this is done is by stealing information found on a computer, such as credit card information or other sensitive or confidential material. The malware creators may also ransom the information stolen by demanding payment in exchange for not making the information public, or, if the software takes control of a computer, for returning access to the owner. Malware creators may sell the information to third-parties rather than try to collect money from the owners of infected computers directly.

Malware: Increasing Threats via Software

The rise in the number of devices relying on software – from cell phones and computers, to cars and televisions – has increased the threat posed by malware. The emergence of the “internet of things”, in which computerized devices including everyday objects, are connected to the internet, means that outside parties can use malware to gain access to sensitive information by first attacking the weakest link in the security chain. Devices that were once not computerized, such as refrigerators, are turned into smart devices by connecting them to the internet, but with software not designed with security in mind.

Protecting computers from malware is a multibillion-dollar industry. Individuals and businesses seeking protection from malware can purchase software that blocks known threats. Corporate information technology (IT) departments may limit the computer administrative rights of employees, making it more difficult for them to accidentally download programs that may be harmful. While protective software can help reduce threats, educating employees on how to recognize ways that malware may infect a computer is also important. For example, educating employees on how to recognize potentially harmful website links or suspicious download files from unknown email senders can reduce the threat of malware.