Search

Malware (malicious software) is a general term for software used to interfere with a computer, gather sensitive information, or gain access to a protected information system. This type of software is created and used by cybercriminals and other malicious actors, even governments, to intentionally harm an information system. 

The most recognizable types of malware are computer viruses , but there are other types such as ransomware , trojans , adware, spyware and worms . Each type of malware has its own way of functioning, so the damage caused by each of them is of different degree. 

Despite the fact that there are certain definitions and divisions of malware, the categories cannot be definitively distinguished, so it often happens that one malware performs activities that are characteristic of other types of malware. 

Malware is distributed in a variety of ways. Most users download malware themselves, but as installed programs and devices communicate on the internet in different ways due to their activity, they sometimes have different vulnerabilities that attackers can take advantage of. In most cases, these vulnerabilities are addressed by software and hardware vendors, so it is important to regularly install software and device updates. 

Malware can perform a variety of operations, ranging from redirecting users to fake websites to destabilising the entire system. A special type of malware are keyloggers, which record keyboard strokes and send the records to third parties. Also, there is a type of malware that has the ability to send several thousand emails from an infected computer. Here are some other common types of malware:

• A virus is a type of malware that replicates itself in existing files, programs, and even the operating system  itself. It usually modifies the contents of files or deletes them, which can cause the system to crash if a virus deletes a system file;
• A trojan is a type of malware that, when installed, performs operations that are defined by the attacker, most often deleting or modifying data, but it can often damage the entire system. They usually look like regular and useful installation files, so that is how they got their name;
• Adware (advertising software) is a type of malware that automatically displays advertisements when searching the internet when it infects the system, which brings revenue to the person who created it;
• Spyware (spying software) is a type of malware that collects data from an infected system and passes it on to a third party, usually the one which created it. With this malware, unauthorised persons can gain access to passwords  , personal data, correspondence, etc;
• A worm is a type of malware that replicates itself. This means that if one computer within the system is infected, it is very likely that all computers connected to it will be infected after a certain time. It most often damages the network and the system by slowing down the flow of data in the network. Worms are independent malware, i.e. unlike viruses, they do not have to be linked to an existing program to be transmitted.

Organisations nowadays face one of the biggest security problems and forms of cybercrime, a form of malicious software called ransomware. This form of malware encrypts  files on anything from a single computer all the way up to an entire network, including servers , so that the files cannot be accessed without a decryption key. The attackers then ask for payments in cryptocurrency to provide targets with the decryption key, usually within a short time frame to put more pressure on the targets. 

Some ransomware infections start with clicking on what looks like an innocent attachment that, when opened, downloads the malicious files and begins the encryption process. Larger ransomware campaigns use software exploits and flaws, cracked passwords and other vulnerabilities to gain access to organisational systems using weak points such as internet-facing servers or remote-desktop logins to gain access. The attackers will secretly hunt through the network until they control as much as possible – before encrypting all they can.

Victims of ransomware attack can often be left with few choices; they can either regain access to their encrypted files by paying a ransom to the criminals behind the ransomware, restore files from backups or hope that there is a decryption method freely available.

Small and medium-sized businesses are commonly targeted by ransomware because they tend to have poorer security standards and practices compared to larger corporations.

It is not always easy to recognise malware, as it often happens that users are initially unaware that their device/system is infected. Sometimes malware activity can be noticed due to spontaneous deterioration of system performance. The average user certainly cannot completely remove malware on their own without the use of specific anti-malware software. These programs monitor the system, scan the files downloaded from the internet and email, and if they find any malware, they quarantine it or delete it, depending on the settings. 

However, it is not enough to just install a specific application  that will scan and remove malware - it is also important that users do not install untrusted applications, click on suspicious links, open suspicious emails or visit unreliable websites.

Data backup Digital hygiene Malware Damage Cybercrime Device reset System restore

Hyper-realistic software-manipulated video or audio content, falsely depicting the target’s behavior or speech with the goal of damaging the target’s reputation, degradation of dignity.

Development of Artificial Intelligence (AI) has enabled manipulation that can perfectly mimic reality. This has serious and terrifying implications for the future of fake news and disinformation, as fake content will be more and more difficult to identify.
 

Among other consequences, the spread of fake news has undermined public trust in professional journalism, and it remains to be seen how the media and broader society will cope with  hyper-realistic disinformation. 

https://www.forbes.com/sites/chenxiwang/2019/11/01/deepfakes-revenge-porn-and-the-impact-on-women/?sh=45ed6ff1f53f

Digital hygiene Damage Reputation Tactic

Identity manipulation or misuse of personal data is a serious threat with potentially far-reaching consequences.

There are different forms of identity manipulation and fraud utilising unlawful collection of data, including data leaking, and database hacks, and information dumps, for example. 

The most common reasons for identity manipulation include theft, misrepresentation and cover-up of criminal activity.

Digital evidence Digital hygiene Damage Reputation Identity

Intentional optimization of inaccurate and malicious information on internet search engines (i.e. Google), with the objective of causing damage to the target’s dignity and reputation.

 

Search result indexing can be manipulated using large-scale, coordinated search requests containing inaccurate or malicious information. These search requests and results are up-ranked so that they are the first visible option when the target is searched.  
 

The wife of a former German President filed charges against Google in 2012, claiming the company’s search algorithm resulted in the broad dissemination of  information about her past as a sex worker.

 

Digital hygiene Browser Damage Reputation

Intentional optimization of inaccurate and malicious information on internet search engines (i.e. Google), with the objective of causing damage to the target’s dignity and reputation.

The criminal justice system does not explicitly prohibit this or identify it as a criminal act. From a technical viewpoint, Google bombing does not imply the misuse or manipulation of personal data. Rather it is seen as a misuse of the (Google) search engine. In certain cases, this type of assault can be prosecuted via Unauthorised Access to Computer, Computer Network or Electronic Data Processing (art.302 of the Criminal Code ). In this case, criminal charges, together with collected evidence  (screenshot  of the search results, analysis of the search optimization,etc), should be filed with the police.

For harm suffered in the form of damage to reputation and dignity, compensation may be claimed through civil legal proceedings initiated via a lawsuit. Before initiating this type of lawsuit, the identity of the perpetrator as well as evidence substantiating the claim of identity manipulation and resulting harm must be provided.

Because tools to modify search engine algorithms are widely available, almost anyone can alter search results. For this reason it is quite difficult to prevent or protect yourself from Google bombing.

Google has developed an extension for their search engine - Google Meet Bomb Guard that allows users to block all uninvited participants and generic gmail accounts from organized Google Meet groups.

Take a look at other available search engine extensions  that can help prevent this type of assault. 

Digital evidence Digital hygiene Browser Damage Report to platform Reputation