Malware is code that is designed to maliciously disrupt the normal operation of, or cause harm to, a network or user’s computer, phone, tablet, or other devices. There is a wide range of different malware categories, including but not limited to worms, trojans, spyware, and keyloggers. These terms are often used interchangeably, and a growing number of malware variants now incorporate a blend of different techniques. The vast majority of today’s malware is focused on making money for the malware authors. This is typically done by stealing confidential data such as usernames, passwords, credit card details, or other financial particulars. This sensitive information is then used to launch further attacks on individuals and businesses or is sold to other malicious actors. It is designed to bypass security systems and avoid detection, making it extremely difficult for security teams to ensure that users and the wider business are not adversely impacted.
There are a number of different ways that malware is distributed, resulting in infected devices. These include: a malicious file attached to a phishing email, a malicious URL link in the body of an email, a drive-by download, an infected USB device, direct network intrusion through exploitation of open ports on perimeter firewalls, or, a vulnerability in the device’s operating system or installed applications.