Malware – Definition and meaning

What is malware? Find out more about the types of malware, typical damage scenarios and tips for effective protection in companies and at home.

Basics and definition of malware

Malware encompasses various types of software developed to affect IT systems in unwanted ways: it can manipulate data, disrupt processes or obtain information without authorisation. The term is a blend of the words "malicious" and "software" and covers numerous threats - including viruses, worms, Trojans, ransomware, spyware and adware. Private individuals as well as companies and public institutions are repeatedly targeted by such attacks. The underlying objectives range from financial incentives and industrial espionage to targeted sabotage.

Types and functionality of malware

Malware works in many different ways and is constantly being developed further in order to undermine security mechanisms. The most common variants include:

  • Viruses: Attach their malicious code to files and only become active when a user opens or executes the infected programme. They depend on users passing them on.
  • Worms: Use network connections to spread independently to other systems without requiring user interaction.
  • Trojans: Disguise themselves as legitimate software, but carry hidden, harmful functions onto the system.
  • Ransomware: Encrypts data and demands a ransom for its decryption - often in cryptocurrencies.
  • Spyware: Collects information about usage habits and sensitive data in a targeted manner and sends it to third parties.
  • Adware: Displays unwanted adverts and usually tracks activities on the computer to create profiles.

The most common infection paths include manipulated email attachments, downloads from unofficial sources, compromised USB sticks and security vulnerabilities in regularly used applications. Phishing campaigns and social engineering specifically exploit human behaviour to infiltrate malware or facilitate its spread.

Practical examples and potential damage

One striking example is the "Emotet" Trojan. Emotet entered the IT infrastructure of numerous companies via deceptively genuine-looking emails, spread automatically in networks and enabled criminals to download further malicious programmes. The damage caused in Germany alone was in the hundreds of millions.

Ransomware attacks such as the WannaCry attack in 2017 showed how quickly malware can spread globally: Tens of thousands of systems worldwide were encrypted in a short space of time. Hospitals, transport companies and public authorities in particular were affected and had to temporarily shut down operations completely. Many of those affected paid the ransom demanded but were unable to regain access to their data despite paying.

Such incidents not only lead to high financial losses, but can also impair the ability of central organisations to function for days and permanently damage public trust. Small and medium-sized companies with limited protective measures are particularly vulnerable, but large international corporations and public authorities are also targeted by cybercriminals.

Protective measures and recommendations

Effective protection against malware requires a combination of technical infrastructure, organisation and security-aware employees:

  • Regular updates: Continuous updating of operating systems, applications and protection software closes known vulnerabilities promptly.
  • Anti-virus software: Modern security programmes detect current threats at an early stage and eliminate many malware threats on first contact with the system.
  • Backups: Routine and verified data backups enable recovery in the event of damage - regardless of whether the attack involves encryption or data manipulation.
  • Awareness: Regular security training makes employees aware of typical attack strategies such as phishing or suspicious websites.
  • Access management: Restricted rights and graduated security levels prevent malware from spreading unhindered.
  • Network segmentation: Structuring networks into individual areas reduces the risk of malware spreading across systems.

However, if an incident does occur, infected devices should be isolated immediately and compromised access blocked. Experienced IT specialists - both internal and external - should be involved in order to analyse the causes and prevent consequential damage. In serious cases, co-operation with law enforcement authorities and IT forensic experts will help to further clarify the situation and preserve evidence.

Conclusion

Protection against malware requires continuous efforts on several levels. In addition to technical prevention, the security awareness of all users is crucial. Those who rely on tried-and-tested protective measures and regularly inform employees create the basis for an effective defence against a wide range of threats.

Frequently asked questions

Malware refers to malicious software that has been developed to damage or manipulate IT systems. Unlike regular software, which is created for useful purposes, malware aims to steal data, disrupt systems or cause financial damage. The different types of malware include viruses, worms, Trojans and ransomware, each of which uses different methods to carry out its malicious functions.

Ransomware is a special type of malware that encrypts data on a computer or network and demands a ransom for decryption. The impact is often devastating, as affected companies and organisations may no longer have access to critical data. This can lead to financial loss, business interruption and a long-term loss of customer confidence.

There are different types of malware that differ in their mode of operation and purpose. Viruses attach themselves to files and require user interaction to become active. Worms spread independently via networks, while Trojans disguise themselves as legitimate software. Ransomware encrypts data and demands a ransom, spyware secretly collects information and adware displays unwanted adverts. Each type has its own dangers and methods of distribution.

Effective protection against malware requires several measures. Regular updates of operating systems and applications close security gaps. Antivirus software recognises and eliminates many threats. Regular backups are also essential in order to be able to restore data in the event of damage. Raising employee awareness of phishing and other attack methods is also crucial to minimise the risk of infection.

Malware often enters systems via various infection paths. The most common are manipulated email attachments that trick users into opening infected files. Downloads from unofficial sources and the use of compromised USB sticks are also common methods. In addition, cyber criminals use phishing campaigns and social engineering to exploit user trust and infiltrate malware.

Updates play a crucial role in the fight against malware, as they close known security gaps in software. Many malware variants exploit vulnerabilities in outdated programmes to infiltrate systems. Regularly updating operating systems, applications and anti-virus software reduces the likelihood of malware successfully penetrating a system, which significantly improves the protection of the IT infrastructure.

There can be many signs of a malware infection. These include sudden system slowdowns, unexpected error messages or the appearance of unknown programmes. Access to files may also be restricted or unexplained network activity may occur. Regular scanning with anti-virus software can help to detect and remove malware at an early stage before it can cause major damage.
