Top malware threats of 2021 and ways to protect your device in 2022
Tue 21 Dec 2021 | Finnbarr Toesland
Cyber attackers have seized on the changing business ecosystem over the last 18 months and found new ways to bypass cyber barriers at companies of all sizes. As cyber threats evolve, enterprises are faced with difficult protecting network perimeters, with even one misstep having the potential to cause major financial and reputation damage.
From ransomware to viruses and spyware and scams; a diverse range of malicious software threats are becoming increasingly challenging to keep on top of effectively. The ransomware as a Service (RaaS) model has grown rapidly over the past year, due in part to its relatively high success rate and ease of use. This subscription model allows affiliates to make use of ransomware products to execute cyber-attacks and then earn a percentage of the ransom payment.
While RaaS is not a new concept, the shifting technological landscape at businesses due to COVID were working from home and new ways of operating are common, have created unexpected vulnerabilities.
So-called Trojan viruses have also shot up in recent years and are particularly challenging to combat as they are usually disguised as being safe and helpful pieces of software. These viruses have the power to extract sensitive data, once the user downloads the software.
One of the most long-standing Trojans is called Dridex. This virus works slowly but surely collecting credentials once it has been downloaded and then takes full control over the device, which makes it very difficult to effectively combat once it has been discovered.
Spyware software can wreak havoc on businesses and individuals in a very short amount of time. This software operates on a device without the user knowing and gathers extremely sensitive information that can be used to hack bank accounts or steal the identity of a user. There is no question that the shift to online financial services has made this particular piece of malware incredibly effective for hackers that want to gain access to password locked accounts.
Highly sophisticated malware products are constantly being developed, leaving cyber security professionals scrambling to address these threats before they impact users. LemonDuck it’s a piece of malware that is most widely known for its botnet and cryptocurrency mining objectives. Well this software does use device resources for conventional bot and mining activities, it also has the power to spread itself via emails and steal the credentials of users.
When LemonDuck enters a device it not only removes all other pieces of malware but it also stops new infections to ensure it has sole control. Most concerning be, this piece of software can be hard to discover as there is no ransomware payment demanded and unless it is discovered can continue in the background for a great deal of time.
There is not a one-size-fits-all solution to protecting yourself or a business from all the cyber threats in existence today. But the first step should typically be to undertake a cyber security review to ensure no unforeseen vulnerabilities are missed.
For businesses, all employees need to be comprehensively trained to understand the new cyber threats they could encounter. It almost goes without saying that cutting-edge cybersecurity software should be implemented across the enterprise, too.
If the worst is to happen and a cyber attack is successful, having a clear recovery plan is vital. Creating a solid backup will enable a company to recover as quickly as possible in the aftermath of any breach.
Individuals should try their hardest to approach emails or text messages that appear unusual with some scepticism and not to click on any suspicious links. Unique and strong passwords, that are not reused for multiple accounts, and turning on multi-factor authentication are powerful ways to limit the possibilities of being compromised by malicious actors.
Written by Finnbarr Toesland Tue 21 Dec 2021