
🦠 Module 4: Malware & Ransomware

Learn about different types of malware, how they spread, and how to prevent and respond to infections.

📚 Training Content

What is Malware?

Malware (malicious software) is any software intentionally designed to cause damage to a computer, server, client, or computer network. It's an umbrella term covering many types of threats.

Types of Malware

1. Viruses: Malicious code that attaches to clean files and spreads, corrupting and destroying data.

2. Worms: Self-replicating malware that spreads across networks without human interaction.

3. Trojans: Disguised as legitimate software but containing malicious code. Unlike viruses, they don't self-replicate.

4. Ransomware: Encrypts your files and demands payment for the decryption key. Increasingly common and damaging.

5. Spyware: Secretly monitors your activity and steals sensitive information like passwords and credit cards.

6. Adware: Displays unwanted advertisements, though less dangerous than other types.

7. Rootkits: Give attackers deep administrative access to your system and are very difficult to detect.

8. Keyloggers: Record everything you type, capturing passwords, messages, and sensitive data.

Ransomware: A Growing Threat

Ransomware has become one of the most dangerous cyber threats, targeting individuals, businesses, hospitals, and governments.

How Ransomware Works:

  1. Infects your system (usually via phishing email or malicious download)
  2. Encrypts your files, making them inaccessible
  3. Displays ransom note demanding payment (usually in cryptocurrency)
  4. Threatens to delete files or increase ransom if not paid

Why Paying is a Bad Idea:

  • No guarantee you'll get your files back
  • Funds criminal operations
  • Makes you a target for future attacks
  • May be illegal in some jurisdictions

How Malware Spreads

  • Phishing Emails: Malicious attachments or links in emails
  • Malicious Websites: Drive-by downloads or fake download buttons
  • Software Vulnerabilities: Exploiting unpatched security holes
  • Infected USB Drives: Malware spreads when you plug in infected devices
  • Pirated Software: Illegal downloads often contain malware
  • Malicious Ads: Infected advertisements on legitimate websites (malvertising)
  • Social Engineering: Tricking you into downloading/running malware

Signs Your Device May Be Infected

  • ⚠️ Significantly slower performance
  • ⚠️ Frequent crashes or freezes
  • ⚠️ Unknown programs running or installed
  • ⚠️ Pop-ups appearing when browsers are closed
  • ⚠️ Files disappearing or becoming encrypted
  • ⚠️ Antivirus software disabled
  • ⚠️ Unusual network activity
  • ⚠️ Homepage or search engine changed without permission
  • ⚠️ Friends receiving spam messages from your accounts

Prevention: Your Best Defense

  • Keep Software Updated: Enable automatic updates for OS, browsers, and applications
  • Use Antivirus Software: Keep it current and run regular scans
  • Be Skeptical of Emails: Don't open attachments or click links from unknown senders
  • Download Carefully: Only from official sources (App Store, Google Play, official websites)
  • Backup Regularly: Keep offline backups of important data (3-2-1 rule: 3 copies, 2 different media, 1 offsite)
  • Use Standard User Accounts: Don't browse as administrator/root
  • Enable Firewall: On all devices
  • Avoid Pirated Software: Pay for legitimate licenses

What to Do If Infected

  1. Disconnect Immediately: Unplug Ethernet/turn off Wi-Fi to prevent spreading
  2. Don't Pay Ransom: Contact authorities (Australian Cyber Security Centre via ReportCyber, or local police) and cybersecurity professionals instead
  3. Enter Safe Mode: Boot into safe mode for scanning/cleaning
  4. Run Antivirus Scan: Use updated antivirus to detect and remove threats
  5. Change Passwords: From a clean device, change all passwords
  6. Restore from Backup: If you have clean backups, restore your system
  7. Report the Incident: To your IT team and ReportCyber (cyber.gov.au) or contact IDCARE if identity information was compromised
  8. Monitor Accounts: Watch for unauthorised transactions or access

The 3-2-1 Backup Rule

The best defense against ransomware is having backups:

  • 3 copies of your data
  • 2 different types of media (e.g., external drive + cloud)
  • 1 copy offsite or offline

Crucially: Keep at least one backup offline/disconnected so ransomware can't encrypt it.
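
The rule above can be checked against a list of where your copies actually live. The following is an added example, not part of the original module: it audits a backup inventory against 3-2-1 and separately against the offline requirement, showing that a plan can satisfy 3-2-1 on paper while every copy remains reachable by ransomware. The BackupCopy fields, the audit_321 function and the sample inventories are hypothetical, and the working copy is assumed to count as one of the three.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class BackupCopy:
    name: str
    media: str      # e.g. "internal-disk", "external-drive", "cloud"
    offsite: bool   # kept away from the primary location
    online: bool    # mounted, synced or otherwise reachable from the protected machine

def audit_321(copies):
    """Return a list of findings; an empty list means the plan passes every check."""
    findings = []
    if len(copies) < 3:
        findings.append(f"copies: have {len(copies)}, need 3")
    media = {c.media for c in copies}
    if len(media) < 2:
        findings.append(f"media: have {len(media)} type(s), need 2")
    if not any(c.offsite or not c.online for c in copies):
        findings.append("location: no copy is offsite or offline")
    # The page's extra requirement: an offsite copy that stays connected
    # (cloud sync, mapped share) can still be encrypted along with the original.
    if all(c.online for c in copies):
        findings.append("offline: every copy is reachable from the machine")
    return findings

# Constructed inventories (hypothetical names, not from the original page).
LAPTOP = BackupCopy("laptop working copy", "internal-disk", offsite=False, online=True)
SYNCED = [LAPTOP,
          BackupCopy("mapped NAS share", "nas", offsite=False, online=True),
          BackupCopy("cloud sync folder", "cloud", offsite=True, online=True)]
ROTATED = [LAPTOP,
           BackupCopy("unplugged USB drive", "external-drive", offsite=False, online=False),
           BackupCopy("cloud sync folder", "cloud", offsite=True, online=True)]
ATTACHED = [LAPTOP,
            BackupCopy("always-attached USB drive", "external-drive", offsite=False, online=True)]

if __name__ == "__main__":
    for label, plan in (("synced", SYNCED), ("rotated", ROTATED), ("attached", ATTACHED)):
        print(label, audit_321(plan) or "PASS")
```

The SYNCED plan has three copies on three media with one offsite, yet it is flagged because nothing is disconnected; ROTATED passes only because the USB drive is unplugged between backups.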

📝 Test Your Knowledge

Test your understanding of malware and ransomware!

QUESTION 1 OF 4
What is ransomware?
QUESTION 2 OF 4
If you suspect your computer is infected with malware, what should you do FIRST?
QUESTION 3 OF 4
Which is the BEST defense against ransomware?
QUESTION 4 OF 4
How does most malware spread?
