Malware: what are the risks for businesses?

Malware: constant evolution and protection solution

What is malware?

The term “malware” is a contraction of “malicious software”. Malware encompasses any type of malicious code sent by e-mail and installed on computing devices with the aim of taking control and stealing essential business data.

An increase in e-mail attacks is predicted for the year 2024, an evolution supported by the emergence of malware escaping detection thanks to artificial intelligence. Hackers are successfully masking this malware and obfuscating code to circumvent existing security measures. This threat is becoming increasingly difficult to counter.

What are the different types of malware?

According to a Fortinet survey, 78% of companies believe they are protected from malware, yet 50% are actually victims. In fact, there are different types of malware.

  • Polymorphic malware: This malware modifies its code from target to target in order to bypass security measures.
  • Metamorphic malware: This malware rewrites its code with each infection. It is almost impossible to identify and remove.
  • Trojan horses (Remcos Trojan) or Remote Access Tool (RAT): This attack consists in stealing sensitive data, often even banking data, by gaining extensive remote control capabilities.
  • Ransomware as a service: Ransomware encrypts and blocks files, preventing access until the user pays a ransom to unlock the system. Ransomware as a service, on the other hand, is the business of renting out this malware to other cybercriminals.
  • Noise generation: This type of malware consists in adding an inconspicuous element (code or text) inside files sent by e-mail to modify the fingerprint of a known threat.
  • Cryptojacking: This malware takes over computer devices to generate fake cryptocurrency, often masquerading as Bitcoin.
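The "noise generation" item above is the reason an exact fingerprint (a file hash) cannot be the only check on an attachment. The following Python sketch is an added example, not code from the original page or from any vendor product: the sample bytes are constructed, harmless filler, and the function names, the 8-byte window and the 0.8 threshold are assumptions chosen for illustration.

```python
import hashlib


def constructed_bytes(seed_start: int, blocks: int = 32) -> bytes:
    """Deterministic filler bytes for the demo (constructed, not real malware)."""
    return b"".join(hashlib.sha256(bytes([seed_start + i])).digest() for i in range(blocks))


def shingles(data: bytes, n: int = 8) -> set:
    """Set of overlapping n-byte windows; a small insertion changes only a few of them."""
    return {data[i:i + n] for i in range(max(len(data) - n + 1, 1))}


def jaccard(a: set, b: set) -> float:
    """Similarity of two shingle sets: 1.0 means identical, 0.0 means disjoint."""
    return len(a & b) / len(a | b) if (a or b) else 1.0


# Constructed stand-in for an attachment already known to the filter.
KNOWN_SAMPLE = constructed_bytes(0)
KNOWN_SHA256 = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}
KNOWN_SHINGLES = shingles(KNOWN_SAMPLE)


def classify(data: bytes, threshold: float = 0.8) -> str:
    """Exact fingerprint first, then a similarity fallback that tolerates added noise."""
    if hashlib.sha256(data).hexdigest() in KNOWN_SHA256:
        return "exact-match"
    if jaccard(shingles(data), KNOWN_SHINGLES) >= threshold:
        return "near-duplicate"
    return "unknown"


# Same content with a short filler string inserted: the SHA-256 no longer matches.
NOISY_VARIANT = KNOWN_SAMPLE[:500] + b"<!-- ref 48213 -->" + KNOWN_SAMPLE[500:]
# Constructed, unrelated content that must not be flagged.
UNRELATED = constructed_bytes(100)

if __name__ == "__main__":
    for name, blob in [("known", KNOWN_SAMPLE), ("noisy", NOISY_VARIANT), ("unrelated", UNRELATED)]:
        print(f"{name:10s} -> {classify(blob)}")
```

The shingle comparison is a simplified stand-in for the fuzzy-hashing and similarity techniques that filtering products layer on top of exact hash lists.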

A few examples of malware

Cybercriminals embed malware in OneNote attachments (January 2023)

By making macros inactive by default within the Office suite, Microsoft has considerably reduced the vulnerability of its office suite. However, since last December, cybercriminals have been spreading OneNote attachments designed to trigger the execution of malware.

Cyber espionage operations against the Ukrainian government (February 2023)

Malicious actors used REMCOS TROJAN (or Trojan Horse) in cyber espionage operations targeting Ukrainian government entities. These attacks were carried out through phishing campaigns, discreetly breaking into highly secure state systems. Often during political wars, chaos and misinformation reign. This facilitates the use of malware or advanced phishing. Attacks go undetected because media coverage diverts attention.

Hamas collective cyberattacks (October 2023)

A collective of hackers affiliated with Hamas has deployed malware to destroy all the data of their Israeli targets. The software, called a “wiper”, is well known to cyber defense services and is programmed to render all files unusable on any type of workstation by writing new data over them.

Ransomware attack on the Loiret departmental council (November 2023)

In early November 2023, the Loiret departmental council suffered a ransomware attack in which employees were given 12 days to respond by paying the demanded ransom. Following an in-depth investigation, it was concluded that the attack originated from the LockBit hacker group. This cybercriminal collective also targets several hospitals, town halls and SMEs. It is known for managing malware leased to other hackers (malware or ransomware as a service).

What impact does malware have on companies?

Malware represents a major threat to businesses of all sizes. Its direct and indirect impact is considerable: data loss, financial loss, theft of sensitive information and operational disruption. Cyber attacks also affect the company’s reputation and the confidence of employees and customers. The direct effects are linked to business interruption and loss of sales, while the indirect impacts affect the reputation and image of the targeted organization.

Beyond the immediate damage, malware can cause long-term disruption, resulting in lost revenue and high recovery and insurance costs. Ransomware is a particularly virulent form of malware, capable of bringing computer systems to a complete halt, forcing companies to pay a ransom to regain access to their software. Effective prevention and detection of malware, particularly through advanced cybersecurity solutions, is therefore essential to protect digital assets and ensure business continuity.

What prevention strategy should be put in place to protect your messaging system?

Employee training and awareness: To guarantee the best possible security for your e-mail system, employee training is crucial. Strict security policies and regular maintenance of IT systems are also essential to prevent potential cyber-attacks.

Advanced security solutions: You also need to implement advanced solutions to anticipate and block threats. Continuous innovation in the field of e-mail security is equally important to stay one step ahead of the various malware that are spreading.

This continued growth in malware presents challenges, but with a combination of advanced solutions like Altospam’s Mailsafe (anti phishing, anti spearphishing, anti malware and anti ransomware), businesses can strengthen their security and guard against emerging threats. Keeping abreast of new trends and adapting quickly is essential to protect data and systems against malware attacks.
