Roughly 91 of the 229 data breaches submitted to HHS' Office for Civil Rights' breach portal this year are listed as hacking or IT incidents, and another 91 are listed as unauthorized access or disclosure breaches.
Some of these incidents involved malware, a type of malicious software designed to benefit the hacker and harm the computer owner. One way a system can become infected with malware is through email phishing campaigns — in fact, a recent Mimecast report found 13 percent of emails contain harmful content like spam or malware.
Hackers can inject malware into several types of devices and with several different end goals, such as to steal data, compromise computer functions or bypass access controls. Moreover, hackers often deploy malware attacks in such a way that the software goes undetected for long periods of time.
As part of CRN's Cybersecurity Week 2018, the publication spoke with industry leaders about the malware variants causing businesses the most pain this year. Here are eight emerging malware strains CRN identified as the most dangerous:
1. Adaptive malware: These types of programs are able to bypass their target device's threat detection techniques by identifying entry methods it knows the device vendor is unable to detect.
2. Banking trojans: Commonly delivered via macros or exploits within a Microsoft Office document, banking trojans can provide access to a user's banking credentials, browser credentials or bitcoin wallet, and are often used to reap monetary gains.
3. Memory-only malware: Memory-only malware attacks a user's browser to continuously inject malicious programs into different Microsoft Edge processes until the system is restarted. This type of malware generally only damages the browser, but if it is able to go beyond that, it can cause serious damage to a device, such as encrypting the file system.
4. Multi-part malware: This malware downloads in pieces, meaning it is able to make some components of a user's data unavailable as it continues to find high-value parts of the network to maximize ransom payouts.
5. Ransomware: Ransomware is a type of malware that limits or prevents a user's access to their system by either locking the computer's screen or the user's files — often through encryption — until a ransom is paid. It is commonly delivered via remote desktop protocol, a graphical interface used to connect a user to another computer over a network.
6. Remote administration tools: Commonly referred to as RTAs, these malware tools infects a computer through a backdoor or by allowing unauthorized users remote access. These are often free tools developed for legitimate purposes, but hackers can exploit them for malicious use.
7. Scripting malware: This type of program uses PowerShell — a task-based command-line built on the .net framework — or other complex scripting activities on Windows to carry out its damage.
8. System-level malware: This type of malware is able to run underneath the operating system, launching as soon as the machine is turned on, to avoid detection.
To read CRN's full list, click here.