Malware vs. Viruses: Understanding the Threat Landscape
There is a misconception about what malware and viruses are. Many people use it interchangeably, however, they are two different things. Malware is any malicious software that has a goal to harm someone’s data or systems. The virus is just a type of malware.
In this article, we will discuss malware, viruses, and their variations, address common questions, and provide you with some insights on how to protect your infrastructure.
The Frequent Misuse of Malware and Virus Terminology
The confusion between malware and viruses arises from various factors. One of them is media representations in TV and movies. In some movies, the term virus has been used to describe any form of malicious software. For instance, in the 1995 movie Hackers, the virus was used broadly to refer to various cyber threats.
Furthermore, the internet contains a significant amount of misinformation, including on technical websites. Therefore, as technical professionals, we must represent information accurately.
All of these things contribute to a lack of clear understanding of the terms malware and viruses and their broader context.
Here we are to explain it the right way.
The Difference Between Malware and a Virus
We’ve already clarified that a virus is just one type of malware, and malware is a broader term used to describe various malicious software. Common questions about malware and viruses can be found under the FAQ section at the end of the article.
How viruses are spread? Viruses can be spread via email attachments, file-sharing networks, Internet downloads, removable media, and software packages.
How is malware spread? Different types of malware are spread the same way as viruses. Additionally, phishing and social engineering are two of the most common types of attacks. Phishing and social engineering involve tricking people into revealing their sensitive data by impersonation. Phishing attacks are delivered through emails, SMS; voice, and QR scam codes. For example, impersonating a CEO and calling HR to request payroll lists. Does it sound legitimate or not?
Types of Malware
There are various types of malware. In this section, we will address the most common ones.
Viruses
Viruses are malicious programs that attach themselves to legitimate files and executable programs and replicate themselves when executed. One of the first viruses to emerge in the market was Melissa (1999). It was attached to Word documents and spread via email. When opened, it infected documents and sent them to people in the user’s address book.
Trojans
Trojans (The Trojan Horse) appear as legitimate software but contain hidden malicious code. Trojans do not replicate like viruses but provide a backdoor to attack the victim’s machine. The story of the Trojan Horse in the movie Troy has also become a metaphor for trojans malware. Have you watched the movie?
Worms
Worms are a type of malware that spreads and replicates across networks without user intervention. One of the first worms, ILOVEYOU (2000), was spread as an email attachment with the subject ‘ILOVEYOU,’ which is how it got its name.
Once executed, it infected the computer, overwriting files and sending copies to the victim’s email contacts. Sounds similar to viruses? It does, but the difference is that viruses require user intervention, whereas worms don’t.
Ransomware
Ransomware encrypts files and machines in your infrastructure, and attackers demand payment for the decryption key. Ransomware is one of the most common attacks nowadays. WannaCry made headlines in 2017 when it infected thousands of computers in over 150 countries.
It exploited vulnerabilities in Windows systems. Since COVID started and with the shift to remote work, new ransomware has been appearing almost every week.
According to our Ransomware attacks survey, major data breaches in 2022 cost their victims an average of $4.35 million, a 2.6% rise from the 2021 average of $4.24 million. Additionally, 14.1% of ransomware victims lost data, and 6.6% had to pay the ransom.
Spyware
Spyware collects information about a user’s online activities, often without their knowledge, and sends his data to a remote server. A spyware attack sounds dirty. Does it?
Adware
Adware is a type of malicious software that displays unwanted ads and often redirects you to untrusted websites.
Keylogger
Keyloggers record what users are typing on the keyboard (credit card information, credentials) and send it to attackers. Keyloggers are a monitoring tool that, in most cases, are associated with criminal activity.
RAM scrapers
RAM scrapers are a type of malicious activity where attackers steal information from the RAM, such as credentials and credit card numbers.
Botnet
A botnet is a network of infected computers that work together to launch DDoS or other types of attacks and are controlled by an attacker.
Rootkits
Rootkits hide in the root of the operating system and provide attackers with access to it.
These are some types of malware. Additionally, there are variations of them.
Types of Viruses
There are also various types of viruses. One of the questions that usually pops up is if all viruses are considered malware. The answer is yes, all viruses are a type of malware, but not all malware are viruses. Here are some types of viruses:
File infector viruses
File Infector viruses attach themselves to executable files and can infect others when executed.
Boot sector virtuses
Boot sector viruses target the boot sector of the operating system and execute when the operating system boots.
Macro viruses
Macro viruses are found in documents and spreadsheets. They exploit macros in applications like Microsoft Word and Excel. It is recommended to turn off macros.
Polymorphic and metamorphic viruses
There are also polymorphic and metamorphic viruses. Polymorphic viruses change their code each time to infect a new host, making it very difficult to detect. On the other hand, metamorphic virus rewrites their code with each infection making it also very difficult to detect.
There are other types of viruses, including web scripting viruses, browser hijackers, resident viruses, direct action viruses, multipartite viruses, and more.
Is It Necessary to Have Both Antivirus and Malware Protection?
While it can be conflicting to have two antivirus programs running simultaneously, having antivirus and malware protection on the same machine is recommended. The reason lies in the difference between malware and viruses.
Does an antivirus remove malware? Antiviruses are designed to detect and remove viruses, not malware. That being said, standard antiviruses may not provide full protection for other types of malware threats.
However, with some security vendors, their capabilities extend to other types of malware.
How to Protect Against Malware and Viruses
Several different methods help protect against malware and viruses. As a fundamental rule, we should ensure that we have a proper understanding of IT security.
Keep your operating systems updated to the latest version. This is one of the most important criteria, as many attacks occur due to unpatched operating systems.
Install antivirus software on your computer. Antivirus programs offer real-time protection, which helps detect viruses while you work.
Don’t use pirated software; they are often packaged with malware and backdoors, which can help attackers remotely access your system. Always purchase commercial software.
According to our Cyber Security Report, almost 40% of attacks are delivered via phishing emails. We often see viruses or other types of malware integrated into different file types, including Word, Excel, PDF, and archives.
Ensure that you have ongoing cybersecurity training in your company. Your IT department and end users should be trained in how to handle phishing emails, social engineering, and anything suspicious.
At Hornetsecurity, we have developed Security Awareness Training that helps you simulate different types of attacks that usually come from phishing emails. Find out why cybersecurity training is an imperative for your employees.
Keep your operating systems updated to the latest version. Ensure the installation of all types of updates, as even we humans can pose a threat to our system.
To properly protect your cyber environment, use Hornetsecurity Security Awareness Service, Spam & Malware Protection, and Advanced Threat Protection to secure your critical data.
We work hard perpetually to give our customers confidence in their Email Encryption, and Email Archiving strategies.
To keep up to date with the latest articles and practices, pay a visit to our Hornetsecurity blog now.
Conclusion
Malware and viruses are very often used to refer to the same thing, however, they are not. The virus is just a type of malware among many others. There are different variations of malware including viruses, worms, trojans, adware, spyware, ransomware, and more.
Additionally, there are different types of viruses as well. That includes file infector viruses, boot sector viruses, macro viruses, polymorphic, metamorphic, and others.
In order to protect your infrastructure against viruses and malware, it is recommended to have both antivirus and malware protection installed on your machine.
FAQ
No, it is not. A virus is just one type of malware among many others.
Malware refers to various malicious software used to infect and harm victim data and systems. It is spread in different ways, mostly through phishing and social engineering attacks.
A virus is a type of malware that attaches itself to files and folders.
A Trojan is a type of malware, and both Trojans and viruses are different categories of malicious software (malware).
Malware and spam are two different things. Malware is a broad term used for various types of malicious software, including viruses, Trojans, ransomware, spyware, and more. Spam is one of the ways malware is spread, mostly via emails.