Malware is an umbrella term for a wide variety of malicious code/software, designed to accomplish nefarious goals such as providing remote access, loading or dropping additional malware, stealing bank information, encrypting and denying access to data or to hijack a device’s computing power.

Ransomware – the biggest threat?

Ransomware is a type of cyberattack that blocks access to a victim’s data and systems, unless a ransom is paid - usually in Bitcoin or other cryptocurrency. More recently, cyber criminals have also been stealing large amounts of data as part of their attacks in order to add to the threat. Ransomware has become an increasingly frequent and lucrative criminal activity over the past few years, with several recent high-profile cases demonstrating the impacts it can have on companies.

However, the ransom request is not always the end of the story or the only financial impact. Companies may incur fines if they pay ransom to cyber actors who appear on sanctions lists maintained by the European Union (EU), United Nations (UN), US Office of Foreign Assets Control (OFAC), or any other country. Attributing a ransomware incident to a specific cyber-criminal can be challenging, which in turn makes establishing any regulatory risks even more difficult, causing some victims to turn to specialist cybersecurity firms for assistance. There is also the risk of other regulatory fines where data is impacted or stolen as part of an attack.

In addition to financial impacts, companies that suffer Ransomware attacks also see operational impacts whilst their systems and data are unavailable. Some instances have seen business’ operations disrupted for weeks, if not months, with some not being able to recover at all.


Viruses and worms infect systems, usually with the intention of causing some form of damage or spreading to infect other systems. Once a system has been infected, the virus/worm will copy itself to your files and they are able to replicate across a connected network. More recently, this type of malware has been used to provide a way in for more destructive malware such as Ransomware.


Spyware is a type of malicious software that, once installed on your device, it steals information which usually includes a log of all your activity. It can record screens and even be a key logger which logs all of the keys you enter. This can then provide the cybercriminal with your passwords and user credentials, allowing the criminal to compromise your online accounts.

Protect yourself from Malware

  • Make sure you have the latest security updates and patches

    Weaknesses in hardware and software are exploited by criminals. Publishers release updates/'patches' to fix these and its important to implement these asap
  • Install Anti Virus and Anti Spyware programmes

    There are free and paid for versions available from many reputable companies so there should be a solution for any business, no matter your size.
  • Limit your administrator privileges

    Administrator accounts have greater access on your devices. Limit these to only staff that need it will reduce the risk of malicious software being able to run.
  • Use a firewall

    Helps protect your computer and its contents from outsiders on the internet. When installed and correctly configured, it can stop unauthorised traffic.
  • Restrict file types that can run on your systems

    Blocking file types that you never use will reduce the risk of unauthorised software being installed

Further Resources

Take 5 – Stop, Challenge and Protect

NCSC – National Cyber Security Centre advice and guidance on a range of cyber topics