The most common malware attacks of 2018
It was a busy year for malware. We saw an increase in malware targeting businesses, an increase in ransomware, and even a return of some “retro” malware. Here’s a look at the most common malware attacks of 2018 and what we can learn from them.
Ransomware
Ransomware continued to be a major problem in 2018. This type of malware encrypts a victim’s files and then demands a ransom be paid in order to decrypt them. It’s often spread through phishing emails or malicious websites.
In 2018, we saw a number of high-profile ransomware attacks, including:
• The WannaCry attack that hit the UK’s National Health Service
• The NotPetya attack that affected companies like Maersk, Merck, and FedEx
• The SamSam attack that targeted US municipalities
• The Bad Rabbit attack that hit organizations in Russia and Ukraine
Businesses were the most common target of ransomware attacks in 2018, but we also saw attacks against individuals and even governments. The WannaCry attack, for example, affected over 200,000 computers in 150 countries.
While ransomware attacks can be devastating, there are some steps you can take to protect yourself. First, make sure you have backups of your important files. That way, if your files are encrypted, you can restore them from your backups. Second, be careful about the emails you open and the websites you visit. Avoid clicking on links or opening attachments from unknown senders. And, be sure to keep your security software up to date.
Malware Targeting Businesses
We also saw an increase in malware attacks targeting businesses in 2018. These attacks are often aimed at stealing sensitive information, such as customer data or intellectual property.
One of the most common types of business-targeting malware is “crypter” malware. This type of malware is used to encrypt other malware, making it harder for security software to detect and remove.
In 2018, we saw a number of high-profile business-targeting malware attacks, including:
• The Petya/NotPetya attack that hit companies like Maersk, Merck, and FedEx
• The Bad Rabbit attack that targeted Russian and Ukrainian organizations
• The Olympic Destroyer attack that disrupted the 2018 Winter Olympics
These attacks show that businesses need to be vigilant about security. They should have security measures in place to protect their data, such as intrusion detection systems and firewalls. They should also educate their employees about security risks and how to avoid them.
Retro Malware
While most malware is designed to target the latest versions of Windows or macOS, we did see a resurgence of “retro” malware in 2018. This type of malware is designed to target older versions of Windows, such as Windows XP.
One of the most notable retro malware attacks of 2018 was the “BadRabbit” attack that hit Russia and Ukraine. This attack used an old version of the “CIA Hacking Tool” to spread malware to the computers of organizations in those countries.
What can we learn from these attacks?
There are a few things we can learn from the most common malware attacks of 2018. First, ransomware is still a major problem. Businesses need to be especially careful about this type of malware. Second, we saw an increase in malware attacks targeting businesses. These attacks can be very damaging, so businesses need to have good security measures in place. Finally, we saw a return of some “retro” malware. This shows that even old versions of Windows can be vulnerable to attack..Citation
The different strategies used to defend against malware
Malware, short for malicious software, is any software used to disrupt computer operations, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software. “Malware” is a broad term used to refer to a variety of forms of hostile or intrusive software.
There are four primary types of malware:
Viruses: A virus is a type of malware that self-replicates by inserting itself into other programs or files. Once a virus infects a computer, it can spread to other computers by attaching itself to emails, downloads, or other files that are shared.
Worms: Unlike viruses, worms do not need to attach themselves to other programs in order to spread. Instead, they can spread themselves by creating copies of themselves and sending those copies to other computers on a network.
Trojan Horses: A trojan horse is a type of malware that masquerades as a legitimate program or file in order to trick users into downloading or installing it. Once it has been downloaded or installed, a trojan horse can allow attackers to gain access to a computer and perform malicious actions.
Spyware: Spyware is a type of malware that collects information about a user without their knowledge or consent. It can be used to track a user’s online activity, collect sensitive information, or take control of a user’s computer.
Adware: Adware is a type of malware that displays advertising on a user’s computer. It can be used to redirect a user’s web browser to unwanted websites, display unwanted pop-up ads, or collect information about a user’s online activity.
There are a variety of different strategies that can be used to defend against malware. Below are some of the most common:
Antivirus Software: Antivirus software is a type of security program that can be used to detect and remove malware from a computer. It works by scanning a computer for known types of malware and removing any that it finds.
Firewalls: A firewall is a type of security system that can be used to block or restrict access to a computer network. It can be used to prevent malware from spreading to other computers on a network.
Intrusion Detection Systems: An intrusion detection system (IDS) is a type of security system that monitors a computer network for suspicious activity. It can be used to detect and prevent malware from spreading on a network.
Network segmentation: Network segmentation is a security technique that involves dividing a computer network into smaller segments. This can help to prevent malware from spreading across a whole network.
Web Filtering: Web filtering is a security technique that involves blocking access to websites that are known to be malicious. It can help to prevent users from accidentally downloading or installing malware.
There are a variety of other strategies that can be used to defend against malware. Some of these include: training users not to open email attachments from unknown sources, disabling auto-run features on computers, and using application whitelisting.
Visit malwarezero.org to learn more about malware. Disclaimer: We used this website as a reference for this blog post.