When cybersecurity professionals talk about “malware,” that term tends to be a catch-all word for wide-reaching types of malicious software used to breach devices and business networks. Years ago, the same general term was called aa “computer virus.” While these and other insider jargon represent legitimate ways of articulating the weaponry used by hackers, the evolving methods used to deploy malware have eye-raising implications.
Recent reports of the scammers using a phone number that appears to originate from the Department of Health in Highlands County, Florida, could have ties to malware deployment. By understanding how malware delivery has evolved and the unique criminal strategies used, your knowledge could empower you to deter an otherwise devastating data breach.
The earliest malware, Creeper, originated in the 1970s. It moved from one computer to another but was seemingly unable to spread like today’s viruses. Creeper could reportedly only infect one device at a time. Not designed to be malicious, its limited deployment rendered it relatively harmless regardless.
But when malware such as Brain and the Morris Worm were unleashed, their self-replicating abilities were the equivalent of an electronic pandemic. The Morris Worm could inflict upwards of $100,000 in damage. These early forms of malware quickly became more refined and are commonly understood by the following categories.
Trojans: Taking their name comes from the fabled Greek Trojan Horse, this type of malicious software is disguised as something legitime. Once inside a device or network, it carries out its purpose.
Spyware: This type of malware monitors device user actions. It can slip past subpar antivirus software.
Worms: These are designed to spread from system to system without users taking a specific action.
Ransomware: Ranked among the most financially devastating types of malware, this malware aids cybercriminals in taking control of complete networks and digital assets. Online thieves then require a Bitcoin payment to release control back to the owner.
Wipers: With the goal of destroying all of your digital assets, this malware literally wipes servers clean. Businesses that get stung by wipers can lose everything.
According to resources such as CSO Online, cybercriminals spend as little as $500 to spread malware via email, $183 for spyware, and $1,000 for major ransomware deployments. The average cost of falling victim to a malware attack runs upwards of $3.86 million.
In terms of deployment, early malware relied on now-defunct Floppy Discs being inserted into computers. Other methods include physical delivery from USB drives or a CD, among others. But today, digital thieves widely weaponize electronic messaging such as email, social media posts, texts, and others. Once someone downloads a file or clicks on a link, the malware takes root in the device or network. But the question remains unanswered, how are malware and deployment-related to getting an unusual phone call from a Florida health agency?
As technology has been incrementally used for nefarious purposes, criminals devised increasingly more complex schemes. Sophisticated scams may leverage multiple communication platforms. For instance, digital thieves may have penetrated your residential router, deposited malware, and now just need one or two bits of information to access bank accounts. A phone call from a seemingly legitimate source could give them the final data needed.
Cybercriminals are now able to mine personal data from social media and professional platforms to put together electronic messages and make phone calls that seem legitimate. They’re looking to secure otherwise protected data so they can deliver malware and make organizations pay.
As a leader in cybersecurity, SemTech IT Solutions urges our valued Winter Park and Central Florida community members not to offer callers personal information. Hang up and dial agencies directly and call our experienced team to harden your business defenses against malware and other threats.