Log in

Security

Malware

What is malware?
By continuing to use our website, you acknowledge the
use of cookies.Malware, short for malicious software, refers to any intrusive
software developed by cybercriminals (often called hackers)
Privacy Statement Change Settings
to steal data!
andContact
damage or Cisco
destroy computers and
computer systems. Examples of common malware include
viruses, worms, Trojan viruses, spyware, adware, and
ransomware. Recent malware attacks have exEltrated data in
mass amounts.

Watch malware overview (02:06)

:
 Watch malware overview (02:06)

Explore Secure Endpoint

What is the intent of malware?

Malware is developed as harmful software that invades or

corrupts your computer network. The goal of malware is to
cause havoc and steal information or resources for monetary
gain or sheer sabotage intent.

Intelligence and intrusion

ExEltrates data such as emails, plans, and especially sensitive
information like passwords.

Disruption and extortion

Locks up networks and PCs, making them unusable. If it
holds your computer hostage for Enancial gain, it's called
ransomware.

Destruction or vandalism
Destroys computer systems to damage your network
infrastructure.

Steal computer resources

Uses your computing power to run botnets, cryptomining
:
 programs (cryptojacking), or send spam emails.

Monetary gain
Sells your organization's intellectual property on the dark
web.

How do I protect my network against

malware?

Typically, businesses focus on preventative tools to stop

breaches. By securing the perimeter, businesses assume
they are safe. However, some advanced malware will
eventually make their way into your network. As a result, it is
crucial to deploy technologies that continually monitor and
detect malware that has evaded perimeter defenses.
SuQcient advanced malware protection requires multiple
layers of safeguards along with high-level network visibility
and intelligence.

Product

Cisco Umbrella
ETectively protect your users against malware in
minutes with fast, Uexible, cloud-delivered security.

Explore Umbrella
:
 Product

Secure Email
Rapidly detect, quarantine, investigate, and
remediate cyberattacks that target your email.

Explore Secure Email

Product

Secure Firewall
Improve security with intelligent control points,
uniEed, dynamic policies, and threat visibility.

Explore Secure Firewall

How do I detect and respond to

malware?

Malware will inevitably penetrate your network. You must

have defenses that provide signiEcant visibility and breach
:
 detection. To remove malware, you must be able to identify
malicious actors quickly. This requires constant network
scanning. Once the threat is identiEed, you must remove the
malware from your network. Today's antivirus products are
not enough to protect against advanced cyberthreats.

Learn how to update your antivirus strategy

Inside Cisco Talos Threat Hunters

What does it mean to be a threat hunter? Learn more about

how Talos Threat Hunters investigate and defend against
today's most damaging threats.

Watch video (12:00)

7 types of malware
:
 Virus
Viruses are a subgroup of malware. A virus is malicious
software attached to a document or Ele that supports macros
to execute its code and spread from host to host. Once
downloaded, the virus will lie dormant until the Ele is opened
and in use. Viruses are designed to disrupt a system's ability
to operate. As a result, viruses can cause signiEcant
operational issues and data loss.

Worms
A worm is a type of malicious software that rapidly replicates
and spreads to any device within the network. Unlike viruses,
worms do not need host programs to disseminate. A worm
infects a device through a downloaded Ele or a network
connection before it multiplies and disperses at an
exponential rate. Like viruses, worms can severely disrupt the
operations of a device and cause data loss.

Trojan virus
Trojan viruses are disguised as helpful software programs.
But once the user downloads it, the Trojan virus can gain
access to sensitive data and then modify, block, or delete the
data. This can be extremely harmful to the performance of
the device. Unlike normal viruses and worms, Trojan viruses
are not designed to self-replicate.

Spyware
Spyware is malicious software that runs secretly on a
computer and reports back to a remote user. Rather than
simply disrupting a device's operations, spyware targets
sensitive information and can grant remote access to
:
 predators. Spyware is often used to steal Enancial or
personal information. A speciEc type of spyware is a
keylogger, which records your keystrokes to reveal
passwords and personal information.

Adware
Adware is malicious software used to collect data on your
computer usage and provide appropriate advertisements to
you. While adware is not always dangerous, in some cases
adware can cause issues for your system. Adware can
redirect your browser to unsafe sites, and it can even contain
Trojan horses and spyware. Additionally, signiEcant levels of
adware can slow down your system noticeably. Because not
all adware is malicious, it is important to have protection that
constantly and intelligently scans these programs.

Ransomware
Ransomware is malicious software that gains access to
sensitive information within a system, encrypts that
information so that the user cannot access it, and then
demands a Enancial payout for the data to be released.
Ransomware is commonly part of a phishing scam. By
clicking a disguised link, the user downloads the
ransomware. The attacker proceeds to encrypt speciEc
information that can only be opened by a mathematical key
they know. When the attacker receives payment, the data is
unlocked.

Fileless malware
Fileless malware is a type of memory-resident malware. As
the term suggests, it is malware that operates from a victim's
computer's memory, not from Eles on the hard drive.
:
 Because there are no Eles to scan, it is harder to detect than
traditional malware. It also makes forensics more diQcult
because the malware disappears when the victim computer
is rebooted. In late 2017, the Cisco Talos threat intelligence
team posted an example of Eleless malware that they called
DNSMessenger.

What are the beneEts of advanced

malware protection?

Advanced malware can take the form of common malware

that has been modiEed to increase its capability to infect. It
can also test for conditions of a sandbox meant to block
malicious Eles and attempt to fool security software into
signaling that it is not malware. Advanced malware protection
software is designed to prevent, detect, and help remove
threats in an eQcient manner from computer system.

Types of advanced malware protection

Related security topics

Malware protection best practices

Explore how these 10 best practices can protect your
business against malware attacks.
:
 See best practices

What is a Erewall?
A Erewall decides whether to allow or block speciEc
traQc based on security rules.

Explore firewalls

What is phishing?
Phishing attacks are the practice of sending fraudulent
communications that appear to come from a reputable
source.

Explore phishing

What is cybersecurity?
Cybersecurity is the practice of protecting systems,
networks, and programs from digital attacks.

Explore cybersecurity

What is network security?

Network security is the protection of the underlying
networking infrastructure from unauthorized access,
misuse, or theft.

Explore network security

:
 What is ransomware?
Ransomware is a type of malicious software or
malware. It encrypts a victim's data, after which the
attacker demands a ransom.

Explore ransomware

Report

Security Outcomes Report,

Volume 3: Achieving Security
Resilience
We asked 4700 security professionals from 26
countries to share success factors to boost
security resilience.

See the success factors

Quick Links -
About Cisco

Contact Us
:
 Careers

Connect with a partner

Resources and Legal -

Feedback

Help

Terms & Conditions

Privacy Statement

Cookies

Accessibility

Trademarks

Supply Chain Transparency

Sitemap

© Cisco Systems, Inc.

: