Question

Write five pages of technology paper on virus that is causing lost or damage of information and data.

Answer 1

Viruses and damaging malware

There are numerous new viruses which attack computers every day. Being connected to worldwide network has many advantages; however, it opens computers to many serious risks. Damages may differ greatly but the majority of viruses affects operational software, misuses Internet connection and damages stored data. There are many different types of viruses and, often, data loss is just a side effect of some larger damage done to your operational system.

The most dangerous are the attacks targeted to steal and damage business data. Imagine the value of client databases, technical inventions, industrial information essential for manufacturing or financial transactions' history of companies. Where there is serious monetary value, there is also a strong interest to acquire this information. What could be more convenient for hackers than to create a faulty impression of failures in operational system in order to hide their real intentions and cover tracks?

If your computer is damaged badly by viruses and malware, you may install operational system and programs easily if you have installation disks available. The same goes to your original data. Making regular backups of your data and having them available after severe virus damages may have really high value.

What is a computer virus?

Think of a biological virus – the kind that makes you sick. It’s persistently nasty, keeps you from functioning normally, and often requires something powerful to get rid of it. A computer virus is very similar. Designed to replicate relentlessly, computer viruses infect your programs and files, alter the way your computer operates or stop it from working altogether.

In 2013, the botnet virus Gameover ZueS was discovered to use peer-to-peer downloading sites to distribute ransomware and commit banking fraud. While tens of thousands of computer viruses still roam the internet, they have diversified their methods and are now joined by a number of malware variants like worms, Trojans, and ransomware.

How does a computer virus find me?

Even if you’re careful, you can pick up computer viruses through normal Web activities like:

• Sharing music, files, or photos with other users

• Visiting an infected website

• Opening spam email or an email attachment

• Downloading free games, toolbars, media players and other system utilities

• Installing mainstream software applications without thoroughly reading license agreements

What does a computer virus do?

Some computer viruses are programmed to harm your computer by damaging programs, deleting files, or reformatting the hard drive. Others simply replicate themselves or flood a network with traffic, making it impossible to perform any internet activity. Even less harmful computer viruses can significantly disrupt your system’s performance, sapping computer memory and causing frequent computer crashes.

What are the symptoms of a computer virus?

Your computer may be infected if you recognize any of these malware symptoms:

• Slow computer performance

• Erratic computer behavior

• Unexplained data loss

• Frequent computer crashes

How to protect against computer viruses

When you arm yourself with information and resources, you’re wiser about computer security threats and less vulnerable to threat tactics. Take these steps to safeguard your PC with the best computer virus protection:

• Use antivirus protection and a firewall

• Get antispyware software

• Always keep your antivirus protection and antispyware software up-to-date

• Update your operating system regularly

• Increase your browser security settings

• Avoid questionable Web sites

• Only download software from sites you trust.

• Carefully evaluate free software and file-sharing applications before downloading them.

• Don't open messages from unknown senders

• Immediately delete messages you suspect to be spam

An unprotected computer is like an open door for computer viruses. Firewalls monitor Internet traffic in and out of your computer and hide your PC from online scammers looking for easy targets. Products like Webroot Internet Security Complete and Webroot Antivirus provide complete protection from the two most dangerous threats on the Internet – spyware and computer viruses. They thwart threats before they can enter your computer, stand guard at every possible entrance of your computer and fend off any computer virus that tries to open, even the most damaging and devious strains.

While free antivirus downloads are available, they just can't offer the computer virus help you need to keep up with the continuous onslaught of new strains. Previously undetected forms of polymorphic malware can often do the most damage, so it’s critical to have up-to-the-minute, guaranteed antivirus protection.

What is malware?

Malware is shorthand for malicious software. It is software developed by cyber attackers with the intention of gaining access or causing damage to a computer or network, often while the victim remains oblivious to the fact there's been a compromise. A common alternative description of malware is 'computer virus' -- although there are big differences between these types of malicious programs.

What was the first computer virus?

The origin of the first computer virus is hotly debated. For some, the first instance of a computer virus -- software that moves from host to host without the input from an active user -- was Creeper, which first appeared in the early 1970s, 10 years before the actual term 'computer virus' was coined by American computer scientist Professor Leonard M. Adleman.

SECURITY

• Garmin's outage, ransomware attack response lacking as earnings loom
• FBI warns of new DDoS attack vectors: CoAP, WS-DD, ARMS, and Jenkins
• Best security keys in 2020: Hardware-based two-factor authentication for online protection
• Best password managers for business in 2020: 1Password, Keeper, LastPass, and more
• Cyber security 101: Protect your privacy from hackers, spies, and the government
• Phone privacy settings: Securing your iPhone and Android phone (ZDNet YouTube)
• Top 6 cheap home security devices in 2020 (CNET)
• What are IT pros concerned about in the new normal? (TechRepublic)

Creeper ran on the Tenex operating system used throughout ARPANET -- the Advanced Research Projects Agency Network -- and jumped from one system to another, displaying a message of "I'M THE CREEPER : CATCH ME IF YOU CAN!" on infected machines, before transferring itself to another machine. For the most part, when it found a new machine, it removed itself from the previous computer, meaning it wasn't capable of spreading to multiple computers at once.

While Creeper wasn't created for malicious purposes or performing any activity beyond causing mild annoyance, it was arguably the first example of software operating in this way.

Shortly afterward, a new form of software was created to operate in a similar way -- but with the aim of removing Creeper. It was called Reaper.

Alternatively, some believe the title of the first computer virus should go to one called Brain, because unlike Creeper, it could self-replicate itself without the need to remove itself from a previous system first -- something many forms of malicious code now do.

The Morris Worm

The Morris Worm holds the notorious distinction of the first computer worm to gain mainstream media attention -- because, within hours of being connected to the early internet, it had infected thousands of computers. The damage of the lost productivity is estimated to have cost between $100,000 and $10,000,000.

Like Brain and Creeper before it, the Morris worm isn't classed as malware, because it is another example of an experiment gone wrong.

SEE: Cybersecurity in an IoT and mobile world (ZDNet special report) | Download the report as a PDF (TechRepublic)

The software was designed to try to find out the size of the burgeoning internet with a series of scans in 1988, but mistakes in the code led to it running unintended denial of service operations -- sometimes multiple times on the same machine, rendering some computers so slow they became useless.

As a result of the Morris Worm, the internet was briefly segmented for several days in order to prevent further spread and clean up networks.

What is the history of malware?

While Creeper, Brain and Morris are early examples of viruses, they were never malware in the truest sense.

Malware and the malicious code behind it is designed specifically to cause damage and problems on computer systems, while those described above found themselves causing issues by accident -- although the results were still damaging.

With the birth of the web and the ability to connect to computers around the globe, the early 90s saw internet businesses take off as people looked to provide goods and services using this new technology.

However, as with any other form of new technology, there were those who looked to abuse it for the purposes of making money -- or in many cases, just to cause trouble.

In addition to being able to spread via discs -- both floppy and CD-Rom varieties -- the increased proliferation of personal email allowed attackers to spread malware and viruses via email attachments, which has been especially potent against those without any sort of malware protection.

Various forms of malicious software caused trouble for the computer users of the 1990s, performing actions ranging from deleting data and corrupting hard drives, to just annoying victims by playing sounds or putting ridiculous messages on their machines.

Many can now be viewed -- in safe mode with the actual malware removed -- at the Malware Museum on the Internet Archive.

Some of the attacks may have looked simple, but it was these that laid the foundations for malware as we know it today -- and all the damage it has caused around the world.

Casino Disk Destroyer - a form of malware in the 90s - made victims play a game of chance before it destroyed content on the disk.

Image: Internet Archive

What are the different types of malware?

Like legitimate software, malware has evolved over the years and comes equipped with different functions depending on the goals of the developer

Malware authors will sometimes combine the features of different forms of malware to make an attack more potent -- such as using ransomware as a distraction to destroy evidence of a trojan attack.

What is a computer virus?

At its core, a computer virus is a form of software or code that is able to copy itself onto computers. The name has become associated with additionally performing malicious tasks, such as corrupting or destroying data.

While malicious software has evolved to become far more diverse than just computer viruses, there are still some forms of traditional viruses -- like the 15-year-old Conficker worm -- that can still cause problems for older systems. Malware, on the other hand, is designed to provide the attackers with many more malicious tools.

What is trojan malware?

One of the most common forms of malware -- the Trojan horse -- is a form of malicious software that often disguises itself as a legitimate tool that tricks the user into installing it so it can carry out its malicious goals.

Its name, of course, comes from the tale of ancient Troy, with the Greeks hidden inside a giant wooden horse, which they claimed was a gift to the city of Troy. Once the horse was inside the city walls, a small team of Greeks emerged from inside the giant wooden horse and took the city.

Just as the Greeks used a Trojan Horse to trick Troy into letting troops into the city, Trojan malware disguises itself in order to infiltrate a system.

Image: Getty

Trojan malware operates in much the same way, in that it sneaks into your system -- often disguised as a legitimate tool like an update or a Flash download -- then, once inside your system, it begins its attacks.

Once installed in the system, depending on its capabilities a Trojan can then potentially access and capture everything -- logins and passwords, keystrokes, screenshots, system information, banking details, and more -- and secretly send it all to the attackers. Sometimes a Trojan can even allow attackers to modify data or turn off anti-malware protection.

The power of Trojan horses makes it a useful tool for everyone from solo hackers, to criminal gangs to state-sponsored operations engaging in full-scale espionage.

What is spyware?

Spyware is software that monitors the actions carried out on a PC and other devices. That might include web browsing history, apps used, or messages sent. Spyware might arrive as a trojan malware or may be downloaded onto devices in other ways.

For example, someone downloading a toolbar for their web browser may find it comes packed with spyware for the purposes of monitoring their internet activity and computer use, or malicious adverts can secretly drop the code onto a computer via a drive-by download.

In some cases, spyware is actively sold as software designed for purposes such as parents monitoring their child's internet use and is designed to explicitly be ignored by antivirus and security software. However, there are various instances of such tools being used by employers to spy on the activity of employees and people using spyware to spy on their spouses.

• Android malware spies on smartphones users and runs up their phone bill too
• Hacking group used Facebook lures to trick victims into downloading Android spyware
• Hackers are using hotel Wi-Fi to spy on guests, steal data

What is ransomware?

While some forms of malware rely on being subtle and remaining hidden for as long as possible, that isn't the case for ransomware.

Often delivered via a malicious attachment or link in a phishing email, ransomware encrypts the infected system, locking the user out until they pay a ransom -- delivered in bitcoin or other cryptocurrency, in order to get their data back.

SEE: Ransomware: An executive guide to one of the biggest menaces on the web

It might sound simple, but ransomware works: cybercriminals pocketed over $1 billion from ransomware attacks during 2016 alone, and a Europol report describes it as having "eclipsed" most other global cybercriminal threats in 2017.

Ransomware demands a payment in return for returning encrypted files.

Image: Malwarebytes

What is wiper malware?

Wiper malware has one simple goal: to completely destroy or erase all data from the targeted computer or network. The wiping could take place after the attackers have secretly removed target data from the network for themselves, or it could could be launched with the pure intention of sabotaging the target.

One of the first major forms of wiper malware was Shamoon, which targeted Saudi energy companies with the aim of stealing data then wiping it from the infected machine. More recent instances of wiper attacks include StoneDrill and Mamba, the latter of which doesn't just delete files, but renders the hard driver unusable.

One of the most high profile wipers of recent times was Petya ransomware. The malware was initially thought to be ransomware. However, researchers found that not only was there no way for victims to retrieve their data via paying the ransom, but also that the goal of Petya was to irrecoverably destroy data.

What is a computer worm?

A worm is a form of malware that is designed to spread itself from system to system without actions by the users of those systems.

Worms often exploit vulnerabilities in operating systems or software, but are also capable of distributing themselves via email attachments in cases where the worm can gain access to the contact book on an infected machine.

SEE: A winning strategy for cybersecurity (ZDNet special report) | Download the report as a PDF (TechRepublic)

It might seem like a basic concept, but worms are some of the most successful and long-lived forms of malware out there. The 15-year-old SQL slammer worm is still causing issues by powering DDoS attacks, while the 10-year-old Conficker worm still ranks among the most common cyber infections.

Last year's Wannacry ransomware outbreak infected over 300,000 computers around the world -- something it did thanks to the success of worm capabilities which helped it quickly spread through infected networks and onto unpatched systems.

What is adware?

The ultimate goal of many cybercriminals is to make money -- and for some, adware is just the way to do it. Adware does exactly what it says on the tin -- it's designed to maliciously push adverts onto the user, often in such a way that the only way to get rid of them is to click through to the advert. For the cybercriminals, each click brings about additional revenue.

In most cases, the malicious adverts aren't there to steal data from the victim or cause damage to the device, just sufficiently annoying to push the user into repeatedly clicking on pop-up windows. However, in the case of mobile devices, this can easily lead to extreme battery drain or render the device unusable due to the influx of pop-up windows taking up the whole screen.

Adware displays intrusive pop-up adverts which won't disappear until they're clicked on.

Image: iStock

What is a botnet?

A botnet -- short for robot network -- involves cybercriminals using malware to secretly hijack a network of machines in numbers, which can range from a handful to millions of compromised devices. While it is not malware in itself, these networks are usually built by infecting vulnerable devices.

Each of the machines falls under the control of a single attacking operation, which can remotely issue commands to all of the infected machines from a single point.

By issuing commands to all the infected computers in the zombie network, attackers can carry out coordinated large-scale campaigns, including DDoS attacks, which leverage the power of the army of devices to flood a victim with traffic, overwhelming their website or service to such an extent it goes offline.

Other common attacks carried out by botnets include spam email attachment campaigns -- which can also be used to recruit more machines into the network -- and attempts to steal financial data, while smaller botnets have also been used in attempts to compromise specific targets.

Botnets are designed to stay quiet to ensure the user is completely oblivious that their machine is under the control of an attacker.

As more devices become connected to the internet, more devices are becoming targets for botnets. The infamous Mirai botnet -- which slowed down internet services in late 2016 -- was partially powered by Internet of Things devices, which could easily be roped into the network thanks to their inherently poor security and lack of malware removals tools.

What is cryptocurrency miner malware?

The high profile rise of bitcoin has helped push cryptocurrency into the public eye. In many instances, people aren't even buying it, but are dedicating a portion of the computing power of their computer network or website to mine for it.

While there are plenty of instances of internet users actively engaging in this activity on their terms -- it's so popular the demand has helped to push up the price of PC gaming graphics cards -- cryptocurrency mining is also being abused by cyber attackers.

There's nothing underhanded or illegal about cryptocurrency mining in itself, but in order to acquire as much currency as possible -- be it bitcoin, Monero, Etherium or something else -- some cybercriminals are using malware to secretly capture PCs and put them to work in a botnet, all without the victim being aware their PC has been compromised.

One of the largest cybercriminal cryptocurrency networks, the Smominru botnet, is thought to consist of over 500,000 systems and to have made its operators at least $3.6 million dollars.

Typically, a cryptocurrency miner will deliver malicious code to a target machine with the goal of taking advantage of the computer's processing power to run mining operations in the background.

The problem for the user of the infected system is that their system can be slowed down to almost a complete stop by the miner using big chunks of its processing power -- which to the victim looks as if it is happening for no reason.

The rise of cryptocurrency has led to a rise in criminals using malware to mine it via compromised systems.

Image: iStock

PCs and Window servers can be used for cryptocurrency mining, but Internet of Things devices are also popular targets for compromising for the purposes of illicitly acquiring funds. The lack of security and inherently connected nature of many IoT devices makes them attractive targets for cryptocurrency miners -- especially as the device in question is likely to have been installed and perhaps forgotten about.

Analysis by Cisco Talos suggests a single system compromised with a cryptocurrency miner could make 0.28 Monero a day. It might sound like a tiny amount, but an enslaved network of 2,000 systems could add the funds up to $568 per day -- or over $200,000 a year.

How is malware delivered?

In the past, before the pervasive spread of the World Wide Web, malware and viruses would need to be manually, physically, delivered, via floppy disc or CD Rom.

In many cases, malware is still delivered by using an external device, although nowadays it is most likely to be delivered by a flash drive or USB stick. There are instances of USB sticks being left in car parks outside targeted organisations, in the hope that someone picks one up out of curiosity and plugs it into a computer connected to the network.

However, more common now is malware that is delivered in a phishing email with payloads distributed as an email attachment.

The quality of the spam email attempts vary widely -- some efforts to deliver malware will involve the attackers using minimal effort, perhaps even sending an email containing nothing but a randomly named attachment.

In this instance, the attackers are hoping to chance on someone naive enough to just go ahead and click on email attachments or links without thinking about it -- and that they don't have any sort of malware protection installed.

SEE ALSO: What is phishing? Everything you need to know to protect yourself from scam emails and more

A slightly more sophisticated form of delivering malware via a phishing email is when attackers send large swathes of messages, claiming a user has won a contest, needs to check their online bank account, missed a delivery, needs to pay taxes, or even is required to attend court -- and various other messages which upon first viewing may draw the target to instantly react.

For example, if the message has an attachment explaining (falsely) that a user is being summoned to court, the user may click on it due to the shock, opening the email attachment -- or clicking a link -- to get more information. This activates the malware, with the likes of ransomware and trojans often delivered in this way.

If the attackers have a specific target in mind, the phishing email can be specifically tailored to lure in people within one organisation, or even just an individual. It's this means of delivering malware which is often associated with the most sophisticated malware campaigns.

However, there are many other ways for malware to spread that do not require action by the end user -- through networks and through other software vulnerabilities.

What is fileless malware?

As traditional malware attacks are being slowed by prevention tactics including the use of robust anti-virus or anti-malware systems, and users are becoming cautious of unexpected emails and strange attachments, attackers are being forced to find other ways to drop their malicious payloads.

NEXT

One increasingly common means of this is via the use of fileless malware. Rather than relying on a traditional method of compromise like downloading and executing malicious files on a computer -- which can often be detected by anti-virus software solutions -- the attacks are delivered in a different way.

Instead of requiring execution from a dropped file, fileless malware attacks rely on leveraging zero-day exploits or launching scripts from memory, techniques that can be used to infect endpoints without leaving a tell-tale trail behind.

This is achieved because the attacks uses a system's own trusted system files and services to obtain access to devices and launch nefarious activity -- all while remaining undetected because anti-virus doesn't register wrongdoing.

Exploiting the infrastructure of the system in this way allows the attackers to create hidden files and folders or create scripts they can use to compromise systems, connect to networks, and eventually command and control servers, providing a means of stealthily conducting activity.

The very nature of fileless malware means not only is it difficult to detect, but difficult to protect against by some forms of antivirus software. But ensuring that systems are patched, up to date, and restricted users from adopting admin privileges, can help.

Do only Windows PCs get malware?

There was a time when many naively believed that it was only Microsoft Windows systems that could fall victim to malware. After all, malware and viruses had concentrated on these, the most common computer systems, while those that used other operating systems were free of its grasp. But while malware still remains a challenge for Windows systems -- especially those running older, even obsolete versions of the OS -- malware is far from exclusive to Microsoft PCs

Mac malware

For many years, a myth persisted that Macs were completely immune to malicious infection. Over the course of the 90s, there were some forms of malware that did infect Macs, despite primarily being designed for Windows systems. The likes of Concept and Laroux were about to infect Macs using Microsoft office programs.

However, by the mid-00s, attackers had started building forms of malware specifically designed to target Apple Macs, and now, while Windows machines bear the brunt of computer and laptop based malware attacks, Macs are now regular targets for cybercrime.

It's now normal for backdoors trojans, compromised software downloads, and ransomware attacks targeting Mac systems to be uncovered by cybersecurity researchers.

What is mobile malware?

The rise of smartphones and tablets over the last decade has fundamentally changed our relationship with the internet and technology. But, like any form of new technology, criminals soon realised that they could exploit smartphones for their own illicit gain -- and these mobile devices not only contain vast amounts of personal information, they can even allow hackers to monitor our location.

If there's a type of malware that can infect computers -- be it a trojan, ransomware, information stealer, or pop-up adware -- then criminals have been working on malware threats that can carry out the same tasks on smartphones.

SEE ALSO: Online security 101: Tips for protecting your privacy from hackers and spies

The amount of data carried on mobile devices makes them an even more valuable target for hackers, particularly if a sophisticated hacking group, or a state-backed espionage operation is looking to compromise a particular target for the purposes of spying.

The inherent abilities of a smartphone mean it's ultimately possible, with the use of the right malware, for those groups to physically locate targets or even listen into conversations and take photos of them using the microphone and camera capabilities built into phones.

Unfortunately, many people still don't realise their mobile phone is something that can fall victim to cyberattacks -- although they can be protected by good user practice and mobile antivirus software.

What is Android malware?

Android phones suffer the majority of malware attacks on smartphones, with Google's larger share of the mobile market and the open nature of the ecosystem making it an attractive target for cyber criminals.

Attackers can infect their targets by tricking them into downloading malicious applications from third-party stores and malware has often found its way into the official Google Play application market place.

However, while the Google Play store has been used by hackers to distribute Android malware, more sophisticated campaigns will socially engineer selected targets into downloading malware for the purposes of espionage onto their device.

Android malware is known to pose as legitimate apps inside the Play Store - this one is disguised as a cleaner which tells the user they need to download an additional malicious update.

Can my iPhone become infected by malware?

When it comes to iPhone, the ecosystem is much more heavily protected against malware due to Apple's closed garden approach to applications.

However, while malware on iPhones is rare, it isn't an unknown entity -- hacking gangs have found ways to compromise the devices of selected targets in espionage campaigns, such as those who exploited the Trident vulnerabilities to install Pegasus spyware to spy on human rights activists in the Middle East.

What is Internet of Things malware?

As the rise of malware on mobile devices has demonstrated, if something is connected to the internet, it's a potential avenue of cyberattacks.

So, while the rise of Internet of Things connected devices has brought a number of benefits to users -- in industry, the workplace and at home -- it too has opened doors for new cyber criminal schemes.

The rush to jump on the IoT bandwagon means that some devices are rushed out with little thought put into cybersecurity, meaning it remains relatively simple for hackers to infect connected devices, ranging from industrial control systems, to household products to even children's toys.

One of the most common means in which the insecurity of IoT devices is exploited is with malware attacks that secretly infect products and rope them into a botnet.

Devices like routers, smart lighting systems, VCRs, and surveillance cameras can all easily become infected and the eventual damage can be spectacular -- as demonstrated by the online chaos caused by the Mirai botnet DDoS attack.

The network of Mirai-infected devices consisted largely of IoT products and was so powerful that it brought large swathes of the internet grinding to a halt, slowing down or outright preventing access to a number of popular services.

While devices infected with Mirai continued to operate as normal, that wasn't the case for those who found their IoT products infected with BrickerBot, a form of IoT malware that resulted in Homeland Security's Cyber Emergency Response Team (CERT) issuing new warnings. Devices infected with BrickerBot have their storage corrupted, leading them to be completely unusable and irrecoverable.

Just like mobile phones can be turned into surveillance devices by hackers, the same can be said of internet-connected cameras in the home. There has already been a number of instances where IoT camera security has been found to be so basic that malware has infected large numbers of devices.

Unlike mobile phones, IoT devices are often plugged in and forgotten about, with the risk that the IoT camera you set up could become easily accessible to outsiders -- who could potentially use it to spy on your actions, be it in your workplace or in your home.

Such is the extent of the security worry with the IoT, police have warned about the threats posed by connected devices, while government bodies are working towards ways of legislating IoT devices sooner rather than later, so we're not left with a toxic legacy of billions of devices that can easily be infected with malware.

Everyday objects are increasingly being connected to the Internet of Things - and they're an attractive target for malware.

Image: iStock

Malware as a tool for international cyber warfare

With malware's offensive capabilities evident, it's no wonder it has become a common tool in the murky world of international espionage and cyber warfare.

It's especially useful for those involved in the game of geopolitics because currently, unlike the case with conventional weapons, as yet there are no rules or agreements detailing who can and can't be targeted by cyber weapons.

That attribution of attacks remains so difficult also makes cyber espionage a crucial tool for nation-states who want to keep their activities under wraps.

Stuxnet is generally regarded as the first instance of malware designed to spy on and subvert industrial systems and in 2010 it infiltrated Iran's nuclear program, infecting uranium centrifuges and irreparably damaging systems. The attack slowed down Iran's nuclear ambitions for years.

SEE: Can Russian hackers be stopped? Here's why it might take 20 years (TechRepublic cover story) | download the PDF version

While no state has officially taken credit for the attacks, it's believed Stuxnet was the work of US and Israeli cyber forces.

Since that first instance of publicly reported malware attacks by nation states, cyber warfare has become a tool used by governments around the world. It's widely suspected that nation-state actors were behind attacks against a Ukrainian power plant, but it isn't just physical systems and infrastructure which are targets for cyber warfare.

Meanwhile, actors on all sides of diplomatic divides continue to undertake cyber espionage campaigns against potentially useful targets.

How do you protect against malware?

Some of the most basic cybersecurity practices can go a long way to protecting systems -- and their users -- from falling victim to malware.

Simply ensuring software is patched and up to date, and all operating system updates are applied as quickly as possible after they're released, will help protect users from falling victim to attacks using known exploits.

Time and again, delays in patching have led to organisations falling victims to cyberattacks, which could've been prevented if patches had been applied as soon as they were released.

One of the reasons the UK's National Health Service was so badly impacted by the WannaCry outbreak was because, despite warnings that they should be applied, vast swathes of systems hadn't been patched weeks after a security update for protecting against the EternalBlue exploit was available.

It's also common for cyber espionage campaigns to leverage exploits for which fixes have long existed and still successfully compromise targets -- because nobody bothered to apply the patches. The lesson to be learned here is that sometimes it might seem time-consuming and inconvenient to apply patches -- especially across a whole network -- but it can prove to be an effective barrier against malware.

Installing some form of cybersecurity software is also a useful means of protecting against many forms of attack. Many vendors will update their programs with new threat intelligence, which is applied to scan for and detect new malware on a weekly or even daily basis, providing as much protection as possible from malware, should something attempt to break into the system.

For example, visitors to watering-hole sites should be protected from attacks, while suspicious or dangerous files received via email can be quarantined.

User training should also be offered in order to ensure everyone using your network is aware of the cyber threats they could face on the internet.

Teaching users about safe browsing and the dangers of phishing emails, or to be wary of what they download and click on, can help prevent threats from getting to the point of even being downloaded. Users take a lot of criticism from some as a weakness in cybersecurity, but they can also form the first line of defence against malware attacks.

Data loss is a serious problem for businesses of all sizes— losing files means losing time and money to restore or recover information that is essential to your business. Data loss occurs when data is accidentally deleted or something causes data to become corrupted. Viruses, physical damage or formatting errors can render data unreadable by both humans and software. Losing files and documents often has a lasting impact on your company’s financial health.

Some lost data is recoverable, but this process often requires the assistance of IT professionals and costs time and resources your business could be using elsewhere. In other instances, lost files and information cannot be recovered, making data loss prevention even more essential. You can minimize your business’s potential for data loss by understanding what leads to data loss. Read on for the ten most common causes of data loss, how to prevent them, and tricks for recovering data if the loss does occur.

Effects of Data Loss on Businesses

Data loss is a major inconvenience that disrupts the day-to-day function of any information-based business. When important files and documents are lost, your business must spend time and resources recreating or recovering these files to fill the gaps left by loss. While you may be able to locate hard copies of information, these may not be as up-to-date as the digital copies that were lost. Data loss caused by corruption or viruses poses particular problems as the extent of data loss caused can sometimes be difficult to determine. It can be costly for your business to weed out and repair damaged files.

Data loss also sets back productivity timelines and can cause you to lose customers if it is accompanied by security breaches. When sensitive data is stolen or compromised, your company must disclose this to clients, causing you to lose their trust and respect. Even if your company can recover from the data loss, you will need to spend time rebuilding client relationships.

The inconvenience of data loss can have even bigger implications for your business when a large amount of data is lost:

• 94 percent of companies that experience severe data loss do not recover
• 51 percent of these companies close within two years of the data loss
• 43 percent of these companies do not reopen again
• 70 percent of small firms go out of business within a year of a large data loss incident

Leaving data unprotected is an expensive risk to take — A 2014 study revealed that 20 percent of companies who experienced data loss from outages said it cost them between $50,000 and $5 million.

10 Common Causes of Data Loss

Data loss can be caused by many different factors, and each poses a unique problem for data recovery. Hard drive crashes account for the highest percentage of data loss, but human errors and issues with software follow closely behind. According to data from Kroll Ontrack:

• 67 percent of data loss is caused by hard drive crashes or system failure
• 14 percent of data loss is caused by human error
• 10 percent of data loss is a result of software failure

Awareness of the types of data loss and the risks associated with losing data is essential for preventing data loss that can be a major cost to your business.

1. Human Error
2. Viruses & Malware
3. Hard Drive Damage
4. Power Outages
5. Computer Theft
6. Liquid Damage
7. Disasters
8. Software Corruption
9. Hard Drive Formatting
10. Hackers and Insiders

1. Human Error

Humans are not infallible — we all make mistakes and sometimes they’re big ones. For businesses, these mistakes can result in the unintentional deletion of data files or sections of text. Without realizing it, employees can overwrite important files or delete information that is essential to your business. Human error can also play a role in many other main causes of data loss, including hard drive damage, liquid spills, software corruption and hard drive formatting.

One important measure to prevent human error in data handling is proper training. Ensure your employees understand how data processing within your company works and how your backup systems function. This can be as simple as knowing if the documents they are working with will be backed up automatically or if they must manually save files while they are working.

Mistakes from human error can also be minimized through several software means. Automation minimizes the amount of human interaction with data, which reduces the risk of deletion or overwriting. An optimized workflow will also leave little room for human error to occur while saving employees time and making mistakes easier to spot. Backup systems should also be used to preserve previous data states.

Recovering accidentally deleted or overwritten data can sometimes be as simple as searching through the computer’s Recycle Bin. Other times, you may be able to access previously saved versions of a document. When lost data is not as easy to retrieve, file recovery software can be a great tool. File recovery software scans your computer’s hard drive to identify and restore lost data.

2. Viruses and Malware

Most people think of viruses when you ask them what causes data losses. For businesses, viruses can steal and delete swaths of data or bring business operations to a crawl, destroying company functionality. A computer often gets a virus from an email-based attack or through phishing that tempts an employee to click on a corrupted link. This link then allows the virus or malware to enter the computer system to damage or steal files.

Guard against malware with appropriate anti-virus software. Keep your anti-virus systems constantly updated and regularly run scans to catch viruses before they can do any serious damage. Just in case a malicious program wrecks your data, be sure to make regular system backups as well. Often backed up data is the only way to recover lost data from malware or viruses.

3. Hard Drive Damage

The majority of data losses occur due to hardware malfunctions, with the primary perpetrator being the hard drive. Hard drives are the most fragile parts of computers, and around 140 thousand hard drives crash every week. Of these crashes, 60 percent are due to mechanical issues and 40 percent are a result of human misuse or mishandling, including dropping or jostling a computer or laptop. Hard drives can also be damaged if a computer overheats, typically caused by overuse or a build-up of dust in the computer.

However, as with any machine, a hard drive will wear out over time and will eventually stop working. Below are some signs to watch out for that indicate a hard drive may be failing:

• The hard drive frequently crashes
• The computer is unusually hot
• The hard drive experiences issues while booting up
• Processing speeds continually slow
• The computer freezes frequently
• The computer makes clicking or grinding noises
• Files will not open or become corrupted randomly

To prevent hard drive malfunctions, be sure to work with your device appropriately and keep your computer away from excessive dust. You can also ensure that a random malfunction doesn’t destroy your data by regularly backing up your hard drive on an external drive or cloud server.

SSDs or solid state drives are also emerging as an alternative to traditional HDDs or hard disk drives. SSDs do not have any moving parts, so they are more durable for handling than HDDs. SSDs are also less likely to malfunction or crash, meaning you are less likely to lose data. However, computers with solid state drives also tend to be more expensive than those with standard hard drives and may not be financially feasible for every business. Taking preventative measures to protect your computer’s data is essential regardless of the type of hard drive it has.

You may be able to recover lost data from a hard drive damage by removing the hard drive from the computer and connecting it to another computer to see if any files are not damaged. If the hard drive is entirely corrupted, you can try to retrieve data using data recovery software. However, it is often best to contact a professional to help you recover data lost from a crashed hard drive.

4. Power Outages

Power outages can interrupt business operations substantially, shutting software systems down without warning. Not only can this result in the loss of unsaved data, but it can also cause existing files to be corrupted due to improper shutdown procedures. Sometimes, entire programs may be rendered non-functional by a poorly timed power outage. If a computer shuts down while it is writing to the hard drive system, it may never start up again.

Even if you do not lose data during a power outage, the improper shutdowns can have lasting impacts on computer hard drives. If power outages or surges happen frequently, the lifespan of a hard drive will be greatly reduced and it will be more likely to crash.

The best way to protect against these problems is by making regular, automatic system backups. Backups are often the only way to recover lost data from a power outage. Your business should also use surge protectors to help prevent possible damage from power surges. Having a generator or backup battery system can also allow you to save or back up business data during a power outage.

5. Computer or Laptop Theft

In the modern workplace, more and more people are becoming mobile. This often means they are working from laptops or smartphones rather than PCs. Laptop theft is a serious risk and can happen anywhere if a laptop is left unattended. According to a study by Kensington:

• 25 percent of IT theft occurs in cars or other transportation vehicles
• 23 percent takes place in the office
• 15 percent happens in airports or hotels
• 12 percent occurs in restaurants

On top of losing data, laptop theft also poses the threat of a data breach. In fact, stolen or lost devices accounted for over 40 percent of all data breaches from 2005 to 2015. If employees in your company store or access sensitive information on portable devices, you should have a means of remotely wiping data from those laptops or tablets. You should also ensure that crucial data stored on laptops is backed up to a safe location.

For computers in your office building, ensure that they are kept in locked rooms that only employees authorized to use them have access to. When closing your business overnight, be sure to have a secure lock-up procedure so that you do not invite thieves to steal computers or other valuables.

If your business uses laptops that contain valuable information, you should consider installing anti-theft software on these devices. This software allows you to track a laptop that has been stolen so that law enforcement may be able to retrieve the stolen device. Anti-theft software often includes the option of a remote wipe if there is valuable data stored on the laptop.

6. Liquid Damage

Spilling coffee or water on your laptop or computer can cause a short circuit, making it difficult to recover your computer, let alone the data stored inside. If your computer somehow gets completely submerged, the situation is even moreserious. Sometimes a computer may seem to work fine after a spill, but the internal damage can have lasting effects that cause the computer to short circuit in the future. Acidic drinks, like coffee, pose a particular risk as they can corrode the inside of a computer if a spill is not cleaned up properly.

To minimize the chance of such damage, keep liquids away from business computers and try to keep laptops stored in water-resistant cases. Your company can also implement policies that require drinks to be kept in spill-proof containers or designate specific areas where employees can have beverages. Remind your employees how important it is to keep your equipment clean and safe from accidental damage.

If a spill does occur, act quickly to minimize the damage. Shut the computer off and dry it as much as you can. You should also take the computer apart with the help of a technician to be sure none of the internal components are wet. Allow all parts of the computer to dry completely before putting it back together or turning it on. Cleaning up a spill as soon as it happens can reduce the risk of damage and data loss. However, you should also back up all data on the device in case it short circuits down the road.

7. Disasters

From tornadoes to fire,disasters can happen when you least expect them and have devastating impacts on your business.They can destroy your computer, your data and even your business entirely. To minimize the effects of a disaster and ensure you can carry on, back up your data on a weekly basis and store files in a secure location.

Natural disasters can cause irreparable damage to a business if data is not backed up:

• 93 percent of companies that lost their data center for 10 or more days from a disaster filed for bankruptcy within one year
• 50 percent of companies that lost data management due to a disaster filed for bankruptcy immediately
• 30 percent of businesses that experience a severe fire go out of business within a year
• 70 percent of businesses that experience a severe fire go out of business within five years

Because natural disasters can destroy a company’s technology entirely, it is often not possible to recover data lost due to a disaster. This is why it is so crucial to back up data in a remote location that cannot be compromised by a local disaster.

8. Software Corruption

Unexpected or improper software shutdowns may seem innocent on the surface but can cause serious issues for your data. Improper shutdowns can corrupt your data or delete your progress, wasting time and losing valuable data.When software is corrupted it may not be able to run again, meaning you cannot access data stored in that software.

While software corruption can sometimes be the result of power outages or other uncontrollable factors, it is important to implement procedures for properly shutting down software after each and every use.Be careful when powering down your computer and shut off any programs first. Use diagnostic programs carefully to ensure they don’t interrupt software processes.When your employees consistently save documents during editing and follow safe shut down procedures, they reduce the risk of business data loss from software corruption.

9. Hard Drive Formatting

Accidental formatting of your hard drive can cause you to lose data instantly. Employees can format a hard drive by accident if they misunderstand system prompts or error messages. Reformatting can also occur during system updates and result in data loss. While accidentally reformatting a hard drive can lead to panic when files and documents can no longer be accessed, you can often recover lost data from hard drive formatting by running a data recovery software.

10. Hackers and Insiders

In recent years, hacking and data breaches have become a much more common problem, making good cybersecurity measures essential.Unauthorized guests in your network can cause serious damage to your data, deleting and stealing any data they wish. They can even damage entire network processes if they have sufficient access to your system. Minimize the potential for such losses by using firewalls in your system to keep out hackers.

Hackers can gain access to your data in a variety of ways. Here are some things you should avoid so that your system is not vulnerable to hackers:

• Using servers with poor security
• Not having adequate firewalls
• Using passwords that are easy to guess

The unfortunate truth is that data is sometimes stolen or compromised by employees themselves or other insiders. Consider implementing different levels of permission for employeesto prevent insiders from accessing high-level data. Also, try to keep an eye open for signs of malicious activity.

In many instances, data stolen by hackers or insiders cannot be recovered. It is essential that you take action to prevent cyber attacks and back up your data frequently.

How to Prevent Data Loss

The most effective way to prevent business data loss is to back up all of your files and documents. Backing up data means that you have at least one additional copy of all important data. For the most effective backup plan, store your backups in a physically separate location to prevent the risk of data loss from physical destruction or theft.

Cloud storage is also an effective means of backing up data as it stores data remotely and is easily accessed from any device through the Internet. Cloud storage often has more space than a traditional server and does not pose risks of crashing. According to Small Business Trends, 78 percent of small businesses are projected to use cloud storage to back up their data by 2020. While cloud storage eliminates the possibility of theft or physical damage, data can still be lost in the cloud if it is accidentally deleted, overwritten or stolen by hackers.

No matter how you choose to back up your data, it is essential to make sure your data is backing up properly before a catastrophic data loss occurs. No one wants to realize after a data loss that files did not write correctly to the backup server and are corrupted. Perform periodic tests of backed up data to ensure your documents are properly formatted and there is enough space to store your files in your backup destination. Backups should be performed frequently so that minimal data is lost should your main system for data storage go down.

In addition to the ever-crucial backup, here are some other techniques to avoid business data loss:

• Partition your hard drive:Partitioning a hard drive means creating separate program and data zones. This means that if the program portion of a hard drive crashes, you may be able to recover the data because it is stored in a separate location.
• Perform disk defragmentation: The process of saving and deleting files naturally creates gaps on the hard drive that other files are then filled into. When data is split into segments for storage it takes longer for the computer to access the data and also makes file corruption more likely if the hard drive crashes. Defragmentation arranges files more contiguously to lower the risk of data loss and speed up computer processing time.
• Use anti-virus software: Anti-virus software is essential to prevent viruses and malware from infecting your computer. Be sure to keep anti-virus software updated so it runs properly and effectively.
• Keep your computer clean and dry: Dust or moisture collecting in a computer can cause the hard drive to crash or computer to overheat. Store all computers and laptops in dry, ventilated areas.
• Keep computers in a safe location: Computers should be kept stationary and in a location where they are not likely to be jostled or damaged. Keeping your computers out of the way will also reduce the risk of theft.
• Control employee access: All employees working with company data should be properly trained about confidentiality or how data can be shared. It is in the best interest of your company to control who can access different levels of data to protect from accidental or intentional data loss.