Attacks

Malware

What is malware?

Malware is software written to damage, spy on or remotely control a system. It covers viruses, trojans, ransomware, spyware and loaders whose only purpose is to fetch further malicious code.

Malware reaches your devices through a small number of recurring routes. An attachment or link in an email, a macro in an office document, meaning a small program embedded in a file, a fake download page for a well-known program, a USB stick of unclear origin, an internet-facing service with a missing update, or stolen credentials for a remote maintenance account. In every case a single device is enough as a starting point, from which the attacker moves onward through the network.

The everyday signs are quiet ones. Antivirus software has been switched off on one machine or keeps reporting detections, programs start up that nobody installed, colleagues receive emails from your company that nobody sent, accounts get locked out, or a computer is busy overnight. Current malware is built to remain unnoticed for as long as possible, so a calm screen is no evidence of a clean network.

If you suspect an infection, follow a simple order. Disconnect the device from the network by unplugging the cable and switching off the wireless connection, so the malware cannot spread further. Change passwords from a different, uninvolved device. Avoid do-it-yourself cleaning while the machine keeps running, because that destroys the traces needed to understand the incident and to judge any reporting duty. An infected system is rebuilt from scratch and restored from a verified backup.

Prevention rests on a few building blocks that work together. Current updates close the holes through which malware arrives without any human help. Antivirus software with behavioural detection and central analysis, often called EDR, reports suspicious behaviour even for unknown threats. A day-to-day account without administrator rights limits what a malicious program can do. Macros from the internet are blocked, and backups are kept separate from the network. The IT Check examines patch levels, antivirus, permissions and backups together, because any one of these measures carries little weight on its own.

All terms in the knowledge base

From the term to practice

Where does your business actually stand?

The IT Check reviews your IT across 8 audit areas with more than 100 individual checks and delivers documented findings with a prioritised action plan. From 1,299 € excl. VAT. The first call takes 20 minutes and carries no charge.

Book a first call