Avertium is kicking off October, Cybersecurity Awareness Month, by providing clarity on an often-confused topic: What is the difference between malware, ransomware and phishing attacks? It’s a great question, so let’s dive in.
Malware, ransomware and phishing attacks are nothing new to enterprise and small business cybersecurity teams. With total annual losses in the trillions of dollars, there’s no hiding from their impact: Organizations are continually being challenged to protect themselves against threats that are multiplying and evolving faster than ever.
Here are the basics you need to know about these persistent and increasingly sophisticated forms of cyberattack:
What is Malware?
Malware is an umbrella term, and it’s a sizable umbrella: The amalgamation of “malicious” and “software” is used to refer to any intrusive, unwanted software that is designed to compromise, damage or destroy your computer, device, network, or the data contained within. The most common examples of malware include:
- Fileless malware
Because malware is so broad in its definition and diverse in applications, getting hit by one malware attack can look different from another. A virus might overwrite system files and use your email address book to send copies of itself to new victims. A trojan might hijack your device to assemble an army of bots that conducts DDoS attacks on other targets. Adware might take over the settings on your browser and spam you with full-screen ads, popups and videos.
CSO Online has an analysis of emerging trends that reveals the global impact of malware, including that 94% of malware is delivered via email.
Related Reading: Using Application Whitelisting to Stop Malware
What is Ransomware?
Ransomware is a specific variety of malware that infects target devices, locks or encrypts files and programs to prevent their use, and demands a ransom from you in return for their release. Fees are typically in the hundreds or low thousands of dollars, to make the ransom more palatable than an alternative mitigation and are often demanded in bitcoin.
A malicious link within an email is the most common vector for ransomware. A message may appear to be from a trusted source; however, clicking the link leads you to a site that downloads the attack package.
Ransomware is so lucrative that it has become commoditized. Criminal websites that offer ransomware-as-a-service allow anyone to launch these attacks, with little or no technical knowledge required.
Cybersecurity insurer Coalition reports that ransomware accounts for 41% of reported losses, far ahead of runners-up funds transfer loss (27%) and business email compromise incidents (19%).
Related Reading: How to Leverage Your SIEM to Detect and Respond to Ransomware
What is a Phishing Attack?
Phishing attacks are often a vessel to deliver malware that masquerade as a communication from a trusted or reputable source. This type of cybercrime can come in the form of an email, a phone call (vishing) or text message (smishing). The most common conduit is through email, with 96 percent of phishing attacks in 2019 leveraging the tool.
A phishing attack may look or sound like it’s from a company, friend or family member, even someone within your own organization and contain a request for privileged information, or a link or attachment that results in a malicious download. Common phishing scams seem to come from a bank, credit card company, social media site, or online payment site.
More sophisticated phishing attacks can be a fraudulent invoice, an alert about supposed suspicious activity from your account, a coupon or reward offer, or a fake confirmation notice. Phishing kits allow cyber criminals with limited expertise to spam attacks with authentic-appearing emails or text messages.
The 2019 Verizon Data Breach Investigation Report noted that nearly one-third of all breaches for the reporting period involved phishing.
Learn More About Protecting Your Organization from Common Threats
Damaging malware, ransomware and phishing attacks are very common, and also avoidable. Your enterprise or small business can limit vulnerability and reduce risk by ensuring systems are updated and patched, implementing regular staff training and making cybersecurity awareness an organizational priority.
Avertium assists organizations with developing and managing resources designed to eliminate risks from malware, ransomware and phishing attacks. Contact us to learn more about strategies and solutions that improve your security and compliance stance.
Rising Ransomware Attacks, the Advent of XDR, & What it Means for the Future of Threat Detection and Response
Access this webinar-on-demand for a fast-paced virtual panel discussion to learn about these key topics:
- New threat vectors arising from the remote work model
- Technology countermeasures and their limitations
- Traditional MSSP vs MDR vs a whole new approach