There’s no better motivator for checking your own security than another organisation experiencing a breach. In recent years, major malware attacks have broken relationships with customers and clients, breached data security laws, and cost companies across the world billions in damages. While the big companies are the ones who make the news, however, attackers don’t discriminate – and your business could be next.

Cybersecurity shouldn’t just be something that’s done in response to news events or trends. Malware poses a risk to organisations at all times, and extreme diligence is required to keep up with new threats to your data. This is particularly true when your business uses a multitude of different devices, from desktops to laptops to mobile phones. Here then is a rundown of how to keep your devices safe from malware – and why effective cybersecurity is so important.

What is malware?

Malware is the term for any malicious software. This software is often installed and run surreptitiously on your computer in order to reap some financial reward, either by stealing files or hijacking your device, and using it to complete other tasks.

What most people think of viruses is actually malware, with a virus being just one kind of malware. Other common types of malware include worms, spyware, trojans, and ransomware. Different types of malware are categorised by how they are downloaded, how they operate, and the effects they have on infected devices.

Antivirus vs anti malware

Antivirus software such as Norton or McAfee will usually protect against many kinds of malware, and not just viruses, although the level of this protection varies depending on the software you use. Similarly, some companies use ‘anti malware’ to distinguish their software as offering higher protection than standard antivirus software.

You may use one or both types of software depending on the features they offer. For example, it’s common to use one antivirus software for active threat protection, but another piece of software to perform scans, or to perform scans with both. As different software providers have different databases of threats that are updated at different times, one may recognise a threat than another misses.

What does malware do?

There are endless different forms of malware, and they can all be harmful. Malware can spy on your private information, lock your documents and data, show you intrusive ads, or use your device to mine cryptocurrencies without your knowledge. All types of malware are also likely to slow down your devices and reduce their lifespan.

Malware is malicious software, that can cause harm in many ways, including:

• Causing a device to become unusable or locking you out;
• Deleting, stealing or encrypting data;
• Taking control of your devices to attack other organisations;
• Obtaining credentials which allow access to your organisation’s systems or services that you use;
• Mining cryptocurrency;
• Using services that may cost you money.

As malware has become very profitable for cyber criminals, they now use a wide variety of tactics in order to infect more and more devices. Malware is most likely to infect your device when you visit illegitimate websites, download media or applications from the web, open links or attachments in phishing emails, or plug in unknown removable devices into your computer.

How to protect your devices from malware

Helping employees learn what to look for, what not to do, and what to do both proactively and in the event of a cyber-attack/malware infection will significantly reduce the risk of cyber related incidents to your organisation.

While there’s no surefire way to avoid malware, making sure your employees take a few simple precautions to protect their devices will go a long way towards minimising the risk.

Whenever you use any of your devices, adopt the following rules:

• Don’t open or download unexpected attachments. Attachments from addresses or names you don’t recognise could contain malware. Be particularly suspicious of any files with a .exe or .bat extension (Windows) or a .dmg or .sh extension (Mac), as these are executables used to install and run software.
• Don’t plug in removable devices you can’t trust. You should avoid using USB drives at all wherever possible, as they are a common infection vector. But definitely don’t plug one in that you’ve found somewhere! It’s not uncommon for cybercriminals to deliberately leave infected USB drives near businesses in order to infect their systems.
• Avoid suspicious and illegitimate websites. Many businesses avoid using web filters as they can be more trouble than they’re worth. However, this puts the onus on individuals not to browse to untrustworthy sites. Make sure to type URLs in properly, and try to only visit websites you recognise where possible.
• Only install applications from official application stores. Software listed in official app stores such as the Apple App Store or Windows Store has been tested to ensure it is safe. Where software is only available from a website, ensure it is the official website of the software provider, and consult your IT department or service provider where possible.
• Keep your operating system, software and antivirus software up to date with the latest patches! System and software updates often exist to fix security issues, and often in response to new malware that exploits those vulnerabilities. Failing to install updates in a timely fashion increases the risk that malware will exploit your outdated software and infect your devices.

Finally, if you are ever in doubt or think you may have encountered malware, don’t hesitate to ask your IT support team for help. To learn more about our managed cybersecurity and how to keep your devices safe from malware, get in touch with the team at Sota today.