Thursday, 28 March 2024, 11:32 AM
Site: Cyber Security Ontario
Course: Cyber Security Ontario (Cyber Security Ontario)
Glossary: English Glossary
M

Malware

Malware:

Malicious software, commonly referred to as malware, is software and/or program code/instructions inserted into a system, usually covertly, with the intention of compromising one or more of confidentiality, integrity, or availability associated with the system or the data it processes. A cyber criminal may use malware to steal information or carry out malicious activities. Malware is an overarching term that encompasses more traditional virus, worm, and trojan software, as well as modern ransomware, droppers/payloads, rootkits, and sniffer/logger threats.

How do you get malware?

The two most common ways for malware to be installed on your device are by accidentally downloading it while trying to download legitimate software, or through a phishing attack. In both instances, there are easy steps to take to protect yourself.

How to protect yourself
  • Be aware of downloads

  • Be vigilant when downloading software, or documents. If you are downloading something from the internet, ensure that you go to legitimate sources. You may also be able to cryptographically validate the source of some software. Cyber criminals can make fake websites that look very convincing. Ensure you always check that the web address (URL) is accurate and look for spelling errors or incorrect logos before downloading anything.

  • Avoid phishing attacks

  • Learn more about phishing attacks and how to avoid them.

  • Install anti-malware software

  • Install and use reputable anti-malware software. Ensure it is set up to automatically scan other software and documents before they are downloaded to your computer. You can also set it up to scan your device at regular intervals.

Multi-factor authentication

Multi-factor authentication (MFA):

Authentication using two or more authentication factors. In other words, two or more pieces of evidence – your credentials – are required when logging into an account.

These credentials (or factors) fall into three categories:

  • Something you know, like a password or PIN

  • Something you have, like a token or an authenticator app on your mobile phone

  • Something you are, as represented by a fingerprint or face scan

Two-factor authentication (2FA) is a form of multi-factor authentication. These terms are often used synonymously.

To be considered MFA, each authentication factor must be from a different category.

Why use multi-factor authentication

Multi-factor authentication is proven to help you, your office network and the enterprise stay safer.

Multi-factor authentication is just as helpful in your non-work life. Service providers, includes banking institutions and the Canada Revenue Agency, encourage you to set up MFA.

While it is not possible to stop all cybercrime, MFA does significantly reduce your chances of being a victim. Your information is safer because hackers would need all your authentication factors in order to log in as you. As some services offer a reset ability to regain access even to MFA-protected accounts, continue to exercise caution regarding unusual activity, unexpected changes to your account or the associated credentials, or access attempts.