What is a malicious program designed to transfer from one computer to another in any possible means?

This page provides an overview of the most common malware applications. For specific steps you can take to protect against malware, see our Protect Against Viruses & Security Threats pages.

Table of Contents Show

What is Malware?
Types of Malware
Facts about Malware
How do I know if I have Malware on my computer?
Browser crashes & instabilities
Poor system performance
Advertising

What is Malware?

Malware is a catch-all term for various malicious software, including viruses, adware, spyware, browser hijacking software, and fake security software.

Once installed on your computer, these programs can seriously affect your privacy and your computer's security. For example, malware is known for relaying personal information to advertisers and other third parties without user consent. Some programs are also known for containing worms and viruses that cause a great deal of computer damage.

Types of Malware

Viruses which are the most commonly-known form of malware and potentially the most destructive. They can do anything from erasing the data on your computer to hijacking your computer to attack other systems, send spam, or host and share illegal content.
Spyware collects your personal information and passes it on to interested third parties without your knowledge or consent. Spyware is also known for installing Trojan viruses.
Adware displays pop-up advertisements when you are online.
Fake security software poses as legitimate software to trick you into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging "clean ups".
Browser hijacking software changes your browser settings (such as your home page and toolbars), displays pop-up ads and creates new desktop shortcuts. It can also relay your personal preferences to interested third parties.

Facts about Malware

Malware is often bundled with other software and may be installed without your knowledge.
For instance, AOL Instant Messenger comes with WildTangent, a documented malware program. Some peer-to-peer (P2P) applications, such as KaZaA, Gnutella, and LimeWire also bundle spyware and adware. While End User License Agreements (EULA) usually include information about additional programs, some malware is automatically installed, without notification or user consent.

Malware is very difficult to remove.
Malware programs can seldom be uninstalled by conventional means. In addition, they ‘hide’ in unexpected places on your computer (e.g., hidden folders or system files), making their removal complicated and time-consuming. In some cases, you may have to reinstall your operating system to get rid of the infection completely.

Malware threatens your privacy.
Malware programs are known for gathering personal information and relaying it to advertisers and other third parties. The information most typically collected includes your browsing and shopping habits, your computer's IP address, or your identification information.

Malware threatens your computer’s security.
Some types of malware contain files commonly identified as Trojan viruses. Others leave your computer vulnerable to viruses. Regardless of type, malware is notorious for being at the root, whether directly or indirectly, of virus infection, causing conflicts with legitimate software and compromising the security of any operating system, Windows or Macintosh.

How do I know if I have Malware on my computer?

Common symptoms include:

Browser crashes & instabilities

Browser closes unexpectedly or stops responding.
The home page changes to a different website and cannot be reset.
New toolbars are added to the browser.
Clicking a link does not work or you are redirected to an unrelated website.

Poor system performance

Internet connection stops unexpectedly.
Computer stops responding or takes longer to start.
Applications do not open or are blocked from downloading updates (especially security programs).
New icons are added to desktop or suspicious programs are installed.
Certain system settings or configuration options become unavailable.

Advertising

Ads pop up even when the browser is not open.
Browser opens automatically to display ads.
New pages open in browser to display ads.
Search results pages display only ads.

A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems.

A computer worm duplicates itself to spread to uninfected computers. It often does this by exploiting parts of an operating system that are automatic and invisible to the user.

Typically, a user only notices a worm when its uncontrolled replication consumes system resources and slows or halts other tasks. A computer worm is not to be confused with WORM, or write once, read many.

Computer worms often rely on vulnerabilities in networking protocols, such as File Transfer Protocol, to propagate.

After a computer worm loads and begins running on a newly infected system, it will typically follow its prime directive: to remain active on an infected system for as long as possible and spread to as many other vulnerable systems as possible.

For example, the WannaCry ransomware worm exploited a vulnerability in the first version of the Windows Server Message Block (SMBv1) resource sharing protocol.

Once active on a newly infected computer, the WannaCry malware initiates a network search for new potential victims: systems that respond to SMBv1 requests made by the worm. The worm then continues to propagate within a network through these clients.

Malicious attackers can disguise a worm as a nonthreatening resource -- such as a work file or link, which a user clicks on or downloads -- that's only later revealed as a worm. Worms can contain malicious attachments, or payloads, that can delete files or let bad actors remotely control users' computers.

As defined in the "Security of the Internet" report released in 1996 by the CERT Division of the Software Engineering Institute at Carnegie Mellon University, computer worms are "self-replicating programs that spread with no human intervention after they are started."

In contrast, the report noted that computer viruses are also "self-replicating programs, but usually require some action on the part of the user to spread inadvertently to other programs or systems."

There are several types of malicious computer worms:

Email worms

Email worms work by creating and sending outbound messages to all the addresses in a user's contact list. The messages include a malicious executable file that infects the new system when the recipient opens it.

Discover five different types of computer worms.

Successful email worms usually employ social engineering and phishing techniques to encourage users to open the attached file.

File-sharing worms

File-sharing worms copy themselves into shared folders and spread through peer-to-peer file-sharing networks. Worm authors often disguise these malicious programs as media files.

Stuxnet, one of the most notorious computer worms to date, consists of two components: a worm to propagate malware through USB devices infected with the host file, and malware that targets supervisory control and data acquisition systems.

File-sharing worms often target industrial environments, including power utilities, water supply services and sewage plants.

Cryptoworms

Cryptoworms work by encrypting data on the victim's system. Perpetrators can use this type of worm in ransomware attacks, where they follow up with the victim and demand payment in exchange for a key to decrypt the files.

Internet worms

Some computer worms specifically target popular websites with poor security. If they can infect the site, they can infect a computer accessing the site.

From there, internet worms spread to other devices that the infected computer connects to through the internet and private network connections.

Instant messaging worms

Like email worms, instant messaging worms are masked by attachments or links, which the worm continues to spread to the infected user's contact list. The only difference is that instead of arriving in an email, it comes as an instant message on a chat service.

If the worm hasn't had time to replicate itself onto the computer, the user can change their password on the chat service account to prevent its spread.

While some computer worms require user action to initially propagate, such as clicking on a link, others can easily spread without user interaction. All that's necessary is for the computer worm to become active on an infected system. Once active, the worm can spread over a network through its internet or local area network.

Before the widespread use of networks, computer worms spread through infected storage media, such as floppy disks, which, when mounted on a system, would infect other storage devices connected to the victim system.

Today, USB drives are a common vector for computer worms, as are internet activities such as email, chat and web surfing.

Worms have existed since the beginning of the internet. Several notable cases spread so far that they caused major network and business disruptions.

The Morris worm

The Morris worm was released in 1988 and is widely considered the first computer worm. However, it is better characterized as the first worm to propagate widely on the then-nascent internet.

The Morris worm was the work of Robert Tappan Morris Jr., a Cornell graduate student who was reportedly attempting to enumerate all the systems connected to the internet precursor network, ARPANET.

Targeting vulnerabilities in several different Unix programs, the Morris worm was capable of infecting a system more than once, making it difficult to eradicate before it produced a denial-of-service condition on the infected host. The worm affected as many as 10% of the 60,000 systems believed to be connected to ARPANET.

The ILOVEYOU worm

One of the most damaging computer worms ever was the ILOVEYOU worm. It was launched in 2000 and propagated malware through email attachments that appeared to be text files, scripts run in instant messaging chat sessions and executables renamed with the names of common system files.

ILOVEYOU primarily spread when targeted victims opened an email attachment, and the malware re-sent itself to all the victim's contacts in Microsoft Outlook.

The malware reportedly affected as many as 45 million users after it was released on May 4, 2000, spreading so rapidly that some enterprises, including Ford Motor Company, were forced to shut down their email services temporarily. The worm caused billions of dollars in damages.

Stuxnet

Stuxnet, first identified in 2010, spreads through file-sharing services. Security researchers determined that U.S. and Israeli intelligence agencies created the worm to interfere with Iranian nuclear weapons production.

Stuxnet was introduced via USB drives and took advantage of flaws in the Windows operating system to spread, ultimately causing nuclear centrifuges to malfunction.

WannaCry

WannaCry ransomware uses a worm to infect Windows computers and encrypt files on PC hard drives. It began spreading in May 2017 and affected hundreds of thousands of computers in up to 150 countries worldwide. Targets included large corporations such as FedEx, banks and hospitals. Once the worm locked a PC's files, hackers contacted the owner demanding payment for a key to decrypt the files. However, even after payment, only a few victims were given the key.

Security researchers connected the hack to the Lazarus Group, a nation-state group affiliated with North Korea. While WannaCry caused a significant financial loss for targeted victims, security researcher Marcus Hutchins halted its spread after discovering a kill switch that prevented it from propagating further.

Discover how worms spread through computer networks.

Good cybersecurity hygiene is essential to protect systems from computer worms. The following measures can help prevent the threat of computer worm infections:

Install operating system updates and software patches.
Use firewalls to protect systems from malicious software.
Use antivirus software to prevent malicious software from running.
Never click on attachments or links in emails or other messaging applications that might expose systems to malicious software.
Use encryption to protect sensitive data stored on computers, servers and mobile devices.

Although some worms do nothing more than propagate to new victim systems, most worms are associated with computer viruses, rootkits or other malicious software that can cause additional damage and risk.

Business leaders might struggle to detect the presence of a security incident such as a worm. Signs that indicate a worm might be present include the following symptoms:

computer performance issues over time, or limited computing bandwidth with no apparent explanation;
the system freezing or crashing unexpectedly;
unusual system behavior, including programs that execute or terminate without user interaction;
unusual sounds, images or messages;
the sudden appearance of unfamiliar files or icons, or the unexpected disappearance of files or icons;
warning messages from the operating system or antivirus software; and
email messages sent to contacts that the user didn't send.

Removing a computer worm can be difficult. In extreme cases, the system might need to be reformatted, requiring a user to reinstall all software.

When beginning an incident response, security teams should use a known safe computer to download any required updates or programs to an external storage device and install them on the affected machine.

If it is possible to identify the computer worm infecting the system, specific instructions or tools might be available to remove it without having to wipe the system entirely.

Disconnect the system from the internet or any wired or wireless network before attempting to remove the computer worm. Also, remove nonpermanent storage devices, such as a USB or external hard drive, and scan them separately for infection.

Once the system is disconnected, do the following:

Update all antivirus signatures.
Scan the computer with the up-to-date antivirus software.
Use the antivirus software to remove any malware, malicious code and worms it finds, and clean infected files.
Confirm that the operating system and all applications are up to date and patched.

Organizations must protect their computer systems from worms because these programs can damage systems and compromise sensitive information. Security teams can regularly update antivirus software, use firewalls and encrypt sensitive information to reduce their organizations' worm infection risk. In addition, business leaders can train employees on security best practices to create a human firewall.

Page 2

Content collaboration platforms enable organizations and their employees to manage their files, streamline processes and maintain a smooth workflow from conception to delivery.

Over the last couple of years, content collaboration software has gone from nice-to-have to absolutely must-have in technology stacks. Driven by an abrupt shift to remote work in 2020, wider acceptance of hybrid and remote work environments, and the addition of social software as a feature, the market is expected to experience rapid growth.

Content collaboration software helps teams to upload and organize content, facilitate file sharing and perform simultaneous workflows. It's typically cloud-based and supports project management, workflows, information management, analytics and version control.

Most content collaboration platforms share similar features, such as the ability to upload and share documents, annotate documents, chat and leave comments. Modern tools also have expanded to include mobile apps for iOS and Android devices and APIs to integrate with third-party extensions and software. The critical features organizations should consider when choosing content collaboration software include the following:

Real-time editing and commenting. Regardless of physical location, multiple individuals can work on a document simultaneously, streamlining workflows and improving efficiency for deliverables.
Version control. If someone accidentally deletes important information in a document, version control allows users to restore previous versions. Some content collaboration platforms also include the ability to track who made changes so users can easily discuss any changes.
Security. While some industries, such as healthcare and finance, are tightly bound by regulators to protect data, every organization must consider security when choosing a content collaboration platform. The security features can include encryption, multifactor authentication and role-based access to minimize damage if a user's credentials are compromised.
Integration with other tools. Usually accomplished with APIs, integration can enable organizations to connect their systems to help improve processes.

Content collaboration technology continues to grow and advance, giving organizations several avenues to improve their work.

While there are many content collaboration platforms to choose from, the choice depends on the organization's needs. For example, a company may be more interested in a platform that has strong project management or security features to protect highly regulated and sensitive data.

Ten enterprise content collaboration platforms have risen to the forefront of the industry as the most popular based on several professional and user reviews.

Google Drive is a cloud-based component of Google Workspace that allows users to collaborate on projects using tools from Google's app suite -- Docs, Sheets and Slides -- and other file types like Word documents, PDF files, CAD files or images. Users can leave comments, tag other users and search using Google's technology to find files.

Individual users have My Drive, which lets the owner choose who to share files with. Alternatively, a project manager or designated employee manages the shared drive and determines the content recipients and their access levels.

Users from Capterra say that Google Drive integrates well with other applications, is easy to use for real-time collaboration and provides good customization options. Still, some have reported that Google Drive needs better encryption, and that version control can be tricky.

Google Workspace starts at $6 per user, per month for the Business Starter plan.

While best known for its file storage capabilities, Dropbox is also a content collaboration platform. It supports integration with tools such as Zoom and Slack, includes project management functions such as assigning tasks and creating workflows, and allows for annotations on documents -- whether they are PDF, Microsoft Office or image files.

Regular Dropbox users cite its strong security and search features, while some caution that it also has long sync and update times and that customizing the workspace is difficult.

Pricing starts at $15 per user, per month for the Standard team option.

Box is a cloud platform that enables file sharing and collaboration through user-created workflows and project management tools, including tagging other users and annotating documents. Like Dropbox, Box also has integrations with more than 1,500 apps and offers a developer platform for custom integration.

Through a partnership with Adobe, Box provides users with PDF tools that include creating and adding electronic signatures to PDFs, enabling users to complete more tasks within Box rather than switching between browsers. However, Box doesn't include end-to-end encryption, and the time to upload files can be slow.

Pricing for the introductory Business plan currently starts at $15 per user, per month with a minimum of three users.

Microsoft 365 is a suite of productivity applications that includes OneDrive, a Microsoft cloud storage service with file-sharing capabilities. Through Microsoft 365, users can share and collaborate on files inside and outside their organizations, while OneDrive offers access control, real-time data synchronization and version control.

Unsurprisingly, OneDrive integrates well with other Microsoft 365 products, allowing users to edit documents in real time and receive automatic notifications about changes even if they have logged out of the portal. Google Android and Apple iOS users can also access content via mobile apps, helping users continue working on documents, regardless of where they are.

Users can generate links to content they send through email or the OneDrive menu. These links are convenient but can also be a security liability. To combat these concerns, Microsoft allows owners to expire links after a specified amount of time and retract links to avoid long-term access.

Microsoft 365 with OneDrive starts at $6 per user, per month.

Zoho WorkDrive is another content collaboration platform that includes a suite of productivity apps -- Writer, Sheet and Show. The platform supports offline work, with any changes syncing to the team folders as soon as there is internet access. Users can set permissions by role and control who can view or download files.

User reviews often cite Zoho WorkDrive as a good alternative to Google Drive and praise its integration with other Zoho products. However, some user reviews mention that file uploads can take a long time and that customer support isn't as responsive as they'd like.

Pricing for the Starter option is $2.50 per user per, month for three users.

Citrix ShareFile allows users to create workflows, co-edit documents, collect real-time feedback and gather e-signatures. The platform can restrict documents to view-only and provides click trails so that users can see who was in the document when.

According to users, it's relatively easy to integrate with Microsoft products and collaborate outside the organization. But Citrix ShareFile doesn't integrate well with non-Microsoft products, and some users indicate that support can be slow to respond.

Pricing for the Standard tier is $50 per month for five users, with an additional $9.90 per extra user.

Bitrix24 combines tools like customer relationship management, file storage, kanban boards, workflow automation and document sharing into its content collaboration platform. Bitrix24 Drive supports third-party integrations with other tools such as Box, Dropbox and Google Drive, allowing real-time editing and collaboration.

The most given strength of Bitrix24 is its project management tools, and using it has made it easier for some to communicate internally. However, others caution that the user experience is difficult, particularly because some tools are hard to find.

The Basic plan for Bitrix24 is $49 per month for five users, but a free option exists with a limited tool set and a reduced online storage capacity.

Promoted as a knowledge sharing platform, BoostHQ has the hallmark tools and features of a content collaboration platform. Its tool set includes file and content sharing, the ability to organize content based on customized groups, categories and tags and an online learning community that lets users start discussions and upvote comments on a piece of uploaded content. Users call out its integration with Google Docs and its Chrome browser extension that lets users share web content with teammates.

Users on Capterra acknowledge the platform's shortcomings in accessing content offline and that the Q&A feature isn't mobile-friendly.

Pricing for the Lite, Professional and Enterprise plans is available upon request.

Amazon WorkDocs is a content collaboration platform that provides version control, comments, notifications and the ability to request feedback from other collaborators. It integrates with Microsoft Office for editing and uses Hancom Office Online to enable real-time file creation and editing.

While the platform offers several key features, many reviews on Gartner and G2 caution that when using the desktop app, the cloud version may crash, creating conflicting versions of files.

Amazon WorkDocs pricing depends on the number of active users and the region. According to AWS, though, WorkDocs costs $5 per user, per month in most areas.

Egress Secure File Sharing and Collaboration allows users to set up secure workspaces and create secure zones to organize content. It provides real-time file editing and annotation and enables system administrators to set retention policies. Egress also tracks all admin activity and creates audit logs.

Customer testimonials from Gartner and Capterra say Egress provides a seamless installation, is easy to use, and users are impressed with the level of security. Other users caution that the interface can feel outdated, and the platform is a little slow on startup.

Pricing is available upon request.

Page 3

The future of work is distributed. This means securely collaborating and sharing content is now a standard requirement in the enterprise.

Protecting corporate information used to be easy. Everyone worked in the office on company-issued desktops. The corporate network was walled off, with only a select few permitted to access the VPN. Over time, however, laptops became the standard-issue computer. When the COVID-19 pandemic hit, working outside the organization's physical network became the default, not the exception.

Organizations that used only email for collaboration and sharing have come to see the flaws inherent in relying on email. Every organization needs a secure tool to collaborate and share files with clients, partners and themselves. These file sharing best practices can help organizations implement collaboration in a way that protects important data and promotes productivity.

The first step in a file sharing strategy is understanding how to ensure security. Security best practices have evolved over time and continue to evolve. Replacing overly complex passwords with longer, simpler passphrases has helped, but organizations need to do more.

1. Pick a password manager

The average person has a lot of passwords to track across both work and personal accounts. People often have several passwords just for a variety of business tools, and not all of them are tied into single sign-on. A password manager can help users track their work passwords so that each one is secure and unique. If the organization requires them to change their passwords regularly, a password management tool is even more of a necessity.

Multifactor authentication helps ensure that file sharing is secure.

2. Use multifactor authentication

Solid password management is not enough when it comes to file sharing best practices. If a person's email account is hacked, it allows hackers to reset those secure passwords. Requiring multifactor authentication (MFA), especially from outside the organization's network, protects the company's information assets. Any approach to sharing files that doesn't support MFA is not secure enough.

3. Audit access privileges

Tracking authentication and access to key systems is important. Not everyone needs full access to everything. When organizations grant more access than the employee needs, it increases the risk of a security breach, whether by a hacker or an insider -- even accidentally. Identifying and right-sizing the access employees have is a key file sharing best practice.

4. Use encryption

Encryption is critical. Most organizations recognize the need to encrypt information as it moves between systems. That same information needs to be encrypted at rest. That includes employee laptops, because many file sharing tools have sync-and-share features that store local copies of data. Syncing is a very useful feature, allowing for offline access and rapid access to files, but it also increases risk if a laptop is lost or stolen. Encrypting file storage both on the back end and the end-user device is a must.

Once administrators understand the basic security requirements, the next step is to determine the right file sharing tool for an organization.

5. Adopt SaaS

Cloud services are a quick and easy way to begin securely collaborating and sharing files. Most SaaS tools provide the necessary security features, and they have large teams dedicated to providing security at scale. There may be challenges if an organization is spread over multiple countries with different privacy laws, but most large providers can help address those needs. Security is the top feature of these providers as they are only a data breach away from losing the trust of their customers. Options include Box, Dropbox, Egnyte, Google Drive, Tresorit and many others.

6. Use a VPN

A secure connection to the network for employees who are not in the office is a must. Even when deploying a SaaS tool for file sharing, there is always legacy information on internal networks that employees may need to access. VPNs protect that information from external networks that are not safe. Even an employee's home network is populated with devices that would not pass a cursory security check.

A VPN can help protect information that employees share from outside the corporate network.

Structure ensures that people can find information they need in the future. While it is easy for everyone to recall where last week's analysis is located, finding it a year later is harder. Search capabilities have come a long way, but imposing some high-level structure to file sharing and collaboration will pay dividends in the long run. Additionally, a structure allows administrators to grant more granular access rights to users. These methods of organization are a critical component of file sharing best practices.

7. Create the top-level structure

Organizations should create purpose-centric areas within their collaboration and file sharing tools. Every team has a different way of thinking and working, so IT needs to help users think through the structure of their file sharing. Administrators should do this for the first one or two levels of the folder structure. This technique creates some consistency across all collaboration areas and makes each group think about what they are trying to accomplish. IT can then structure access rights according to these folders. It is important for IT to not dictate the structure, however; when IT tries to get into the mind of the business, the result is often a poor user experience.

8. Set shared links to expire

A link is a quick way to share and grant permission to a file or a folder. Sharing a link should be easy because it prevents users from extracting information from the system for sharing purposes. However, when sharing outside of the organization, links should not last forever. External users do not need permanent access to any part of the organization. Setting expiration defaults for shared links ensures that external users do not have access to information after their need ends. If those external parties need extended access, employees can make active decisions to grant access for additional time instead of passively granting access forever.

9. Implement records retention policies

Every file is a record. Some records are trivial and can be disposed of quickly, like a company picnic announcement. Others, such as the annual budget, need to be kept around longer. IT must align records retention policies with both business and regulatory needs. Once an organization no longer needs certain information, remove it. That limits the scope of any data breach. The most valuable information is often the most recent, but there is no reason to unnecessarily expand your organization's risk profile.

Every employee needs basic training on security risks.

It is important to work with users to ensure that IT understands their needs and that employees understand their own responsibilities when it comes to file sharing best practices. That means communicating early and often with updates about progress, delays and anything that may affect users. This communication should include emails, meetings with open dialogue and most importantly, training.

10. Hands-on initial training

Every employee needs basic training on security risks. People need to understand the concerns and why simply collaborating through email is not secure. It is important to make sure that employees fully understand how file sharing tools can help meet their needs.

11. On-demand training

Many people take a training course and forget significant pieces of information. When it comes to using enterprise software, that is a problem. If an employee cannot recall how to do something, they will look for ways around the secure tools. Having quick tutorials available on demand can mitigate some of that risk.

12. Refresher training

The last thing most people want is more mandatory training. However, when it comes to security, regular training is the best approach. The security landscape changes all the time; helping staff understand the latest security risks is important to prevent accidental breaches.

Following these file sharing best practices can help ensure that collaboration is efficient, organized and secure. But the most important part is to ensure that the tools makes things easier for people, not harder. Many organizations impose too much security and structure on their tools. This can force employees to find easier ways to collaborate, regardless of the security risks. Remember, if a system is too hard to use, people will find another way -- and that way will likely not be secure.