Malicious software is any software that brings intentional harm to a computer system. Malicious software can take part in a wide variety of forms which could steal protected data, delete documents, or add unwanted software.
Types of Malware
- Adware is a type of malware that automatically delivers advertisements. Common examples of adware include pop-ups on websites and additional programs that are included with free software. Another example of Adware would be unwanted pop-ups in your browsers or a browser add-on that sends your searches through their search engine.
- Bots are software programs created to automatically perform specific operations. An example of a Bot would be the Mirai Botnet that was linked to the Dyn DNS DDOS (Denial of Service attacks of October 2016). It is believed that millions of Internet of Things devices (routers, web cameras, DVRs, etc.) that were infected with malware were used to disrupt the internet for thousands, if not millions of people. The best way to ensure your devices does not become infected is to make sure they are not directly accessible from the Internet. You should also change the default password of any Internet of Things device. You should also keep the device's software up-to-date.
- Ransomware is a form of malware that essentially holds your computer system or data for ransom. The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that force the user to pay the malware creator to remove the restrictions and regain access to their computer. Ransomware that encrypts files tend to target the following file formats: 3fr, accdb, ai, arw, bay, cdr, cer, cr2, crt, crw, dbf, dcr, der, dng, doc, docm, docx, dwg, dxf, dxg, eps, erf, indd, jpe, jpg, kdc, mdb, mdf, mef, mrw, nef, nrw, odb, odm, odp, ods, odt, orf, p12, p7b, p7c, pdd, pef, pem, pfx, ppt, pptm, pptx, psd, pst, ptx, r3d, raf, raw, rtf, rw2, rwl, srf, srw, wb2, wpd, wps, xlk, xls, xlsb, xlsm, xlsx
- Rootkit is a type of malicious software designed to allow remote access or control of a computer without being detected by users or security programs. Rootkits are extremely difficult to detect and remove. If a computer is infected with a rootkit, the safest way to remove the software, is to reinstall your computer.
- Spyware is a type of malware that functions by spying on user activity without their knowledge
- A Trojan is a type of malware that disguises itself as a normal file or program to trick users into downloading and installing malware.
- A computer worm is a standalone malware program that replicates itself in order to spread to other computers. It can replicate itself over a computer network and usually, it doesn't require any interaction from the user. A good example is the Worm: Win32 Conficker otherwise known as Downup, Downadup and kiddo.
At time of this article (November 11, 2016), there are over two hundred different ransomware malware. The list of ransomware keeps growing every day. The best defense against ransomware is to ensure that you have good backups, don't open files or links from untrusted sources and keep your computer's software up-to-date.
Detecting Malware Infections and What To Do
If you noticed that you're unable to open any of the file types listed above or that you have new files in some directories such as readme.txt or howtodecrypt.txt, then you're probably infected.
If you think your computer might be infected with malware, shut down the computer immediately. If you're lucky, you might be able to stop the infection before it infects all your files. After your computer is turned off, immediately contact the DECS Support Office at 517-353-8891. How your computer is handled will be decided on a case by case basis. It may be necessary to restore local files if there is a backup available. This is one reason why you should save all your files onto our network drives.