Protecting your business from malware

Malware (malicious software) is software intended to infiltrate and damage or disable computers. Malicious software attacks have existed for decades and according to the 2014 Information Security Breaches Survey, commissioned by the Department for Business, Innovation and Skills, more than 25% of UK SMEs suffered a virus or other malicious software attack in 2013.

There are two main types of malware. Software viruses are executable files loaded onto your computer either without your knowledge or when run you remain unaware of their effects. Macro viruses use the macro facilities found in many types of software to achieve the same effect.

To cause damage, malware must get onto one of your computers and then be executed. Like a physical virus, just because you suffer no ill effects it doesn’t mean you don’t have an infection. And, you can infect and damage others by unknowingly passing on the malware.

Spyware and worms

Some malware is designed to remain unnoticed, for example, spyware, malware designed to steal information about your computer activity. It can work in many ways, from creating pop-up advertisements to stealing your bank login details by taking screen shots of sites you visit and even logging the keys you type.

A worm is malware designed to spread automatically to other computers. Usually, your computer suffers no ill effects until after the worm has been passed on.

Malware can get into your network in many ways. It can be brought in deliberately by users – perhaps in the guise of games software or surreptitious copies of software you haven’t legally purchased. Users can also be tricked into downloading malware by malicious websites, while such sites can use bugs in your browser software to download and install malware without your knowledge. Another common route is through email attachments.

Protective measures

There are three things you can do to protect your business from malware. The first – and most important – is to show self-discipline and remain risk aware. Always exercise caution before opening attachments, clicking on links in emails or visiting unfamiliar websites.

The second is to make sure your software is up to date, with all security patches applied. Much malware is designed to exploit known flaws to achieve infection without your knowledge (what you can’t see, you can’t stop).

Finally, antivirus and intrusion detection software can sense when an infection is about to take place and prevent it. You can find out more about this on our securing networks and intrusion detection pages.