As the name implies, malware is software designed with malicious intent. Its impact can range from disruption or damage to systems, to data theft or to gaining administrative access to an entire organisation’s network. Whilst the definition of malware is relatively easy to understand, ‘malicious intent’ sometimes isn’t as clear cut as the examples above. As the topic of data privacy continues to dominate the headlines, it is important that we understand how each of us may be at risk.
When adware first emerged, its intent was primarily to learn a user’s online habits for the purposes of targeted advertising. Banner displays, videos and pop-up ads are all examples of perfectly legitimate adware implementation, which are at worst mildly irritating. However, as threat actors began to understand the value of information, particularly personal information (see a previous blog post on this topic), the line between legitimate ‘harmless’ adware and malicious spyware began to blur.
Like adware, spyware also monitors the user’s activity, reporting information back to a third party. Some annoying but not too harmful examples of spyware activity include redirecting web browsers and changing a user’s home page; more malicious examples include personal data harvesting. As you can see from just a few examples, it is already becoming difficult to draw the distinction between adware and spyware.
Adware isn’t the only type of ‘harmless’ malware that may have infiltrated our systems either. Last year, cryptocurrency mining software was found in the network of a water utility provider in Europe. Although this type of software is not built with the intent of causing damage or stealing data, it does make its operators very rich at the expense of your electricity and computing power. And more worryingly, it indicates a compromised device, raising the question: what else is in our systems that we aren’t aware of?
Thankfully, there are some really simple steps that both individuals and enterprises can take to protect against this type of malware. Prevention techniques include installing ad-blocking or anti-cryptomining extensions on browsers, keeping enterprise web filtering tools up to date, using a mobile device management (MDM) solution to protect users’ devices, and providing contemporary security awareness training to your staff.
Detection is much more difficult; however, there are plenty of sophisticated network monitoring solutions on the market that can detect ‘cryptojacking’. The important point here, though, is that an organisation also needs to have the tools and capabilities to analyse and act on the information collected by its monitoring solution.
So although there is clearly a broad spectrum of malware in terms of both intent and impact, even ‘harmless’ malware can have devastating consequences for your organisation, as it may highlight security flaws that more malicious threat actors could also exploit. Therefore, it’s vitally important we all understand the risks and put in place the necessary measures to protect ourselves and our organisations!