We have been asked for a cheat sheet to quickly explain some of the terms our staff and other companies staff are using are when explaining your workstation is infected:
Common types of Malware designed to harm your computer, such as viruses, worms, Trojan horses and rootkits.
- A computer virus is a program that attaches itself to an application or “host file” and then spreads by making copies of itself. Some type of human action (e.g. opening an attachment) is always required for a virus to take effect. Once a virus gets onto your computer it might modify, delete, or steal your files, make your system crash, or take over your machine.
- A computer worm is like a virus, but it infects other computers all by itself, without human action and without a host file. It usually infects other computers by sending emails to all the names in your email address book.
- A Trojan horse is a program that tricks you into running it by appearing useful or harmless. However, once it is run it damages your computer, usually by providing “back door” access to the computer. This allows hackers to control or use your computer, destroy or steal files, install viruses or spyware, or run arbitrary programs.
- A rootkit is a program that allows an intruder to gain access to your system without your knowledge by hiding what it is doing on the system. The intruder can then install difficult-to-detect back doors into your system to seize control.
Everyone is aware of Malware and cyberattacks today. The media covers every credit card breach and every security loophole discovered. But the reality for many businesses is that the blame for security breaches lies inside the office. Criminals in faraway countries may design and launch the attacks, but their success is often due more to human error than technology.
While your business can and does implement technology to limit the companies vulnerability to a wide variety of attacks, technology isn’t your only line of defense. Numerous studies indicate that cyberattacks are often successful because company employees let the attackers in.
A 2014 study conducted by IBM found that in 2013, human error was involved at some level in more than 95 percent of security incidents. The most common “mistake” was an employee clicking on a malicious email link that compromised the corporate defenses in some way.
The very best defense today is employee vigilance. We cannot stress enough that each employee with access to company resources be aware of Malware and that you company have an email policy that helps employees determine unsafe emails.