An Overview of Malware - CompTIA Security+ SY0-701 - 2.4
Understanding Malware: Types and Impacts
What is Malware?
- Malware refers to any software that performs harmful actions on a system, such as gathering keystrokes or displaying unwanted advertisements.
- It encompasses various forms of malicious code, including viruses, worms, ransomware, and Trojan horses, that can compromise data integrity.
Categories of Malware
- Different types of malware include rootkits, keyloggers, spyware, bloatware, and logic bombs. Each type has unique methods for infecting systems.
- Different types of malware often work together; for instance, a worm may exploit vulnerabilities to install additional malware such as remote access backdoors.
Infection Methods
- Common infection vectors include clicking malicious links in emails or encountering drive-by downloads from compromised websites.
- Vulnerabilities within applications and operating systems are exploited by malware; hence regular updates are crucial for security.
The Value of Data and Ransomware
Why is Data Valuable?
- Personal data (photos, documents) and organizational information (financial records) hold significant value for attackers.
- Ransomware attacks capitalize on this value by encrypting data and demanding payment for decryption keys.
Characteristics of Ransomware
- Infected systems may still function normally while personal files become inaccessible due to encryption.
- Attackers display messages about the infection on the operating system to prompt victims to pay the ransom.
Preventive Measures Against Malware
Importance of Backups
- Regular backups are essential; they should be stored offline to prevent ransomware from accessing them during an attack.
Keeping Systems Updated
- Always update your operating system and applications to close security vulnerabilities that could be exploited by malware.
Role of Anti-Malware Software