Data Loss from Malware: What It Is and How to Stop It

David Mezic

Chief Technology Officer @ Invenio IT

Data is a valuable commodity, and cyberattackers have refined their techniques for accessing, stealing, and removing it. One of their preferred methods is malicious software, better known as malware, which is designed for the sole purpose of disrupting normal computer, network, and server operations. When a business experiences data loss from malware, it can have far-reaching consequences from a financial, marketing, and even legal standpoint. To mitigate the risk of an attack, it’s important to first understand what malware is and how it works.

What Happens to Data During a Cyberattack?

Although a small number of cyberattackers wreak havoc for fun or out of curiosity, they generally have more insidious goals in mind. Surveys have found that 96% of external agents are motivated by financial or personal gain, but how exactly does that play out in practical terms for your business? During an attack, your data is susceptible to being stolen, released, removed, or altered, all of which can ultimately result in data loss.

Data Exposure & Theft

In many cyberattacks, bad actors attempt to access and steal data and hold it captive, release it to the public, or sell it to other bad actors. Each of these scenarios is potentially devastating for an organization, which could face not only long-term reputational damage but also potential fines due to violations of privacy regulations.

Most businesses have at least some data that could be potentially disastrous if it fell into the wrong hands. For example, 84% of data breaches involve payment card data, and 32% include personal identifying information like social security numbers. Cyberattackers can do significant damage and make substantial financial gains when they have your customers’ payment card information at their fingertips.

Data Deletion and Modification

Theft and exposure aren’t the only possibilities when it comes to unauthorized data access. Hackers can also remove or alter data. This might not seem as profitable an option as stealing data outright, but data manipulation gives cyberattackers a considerable amount of control. Consider these possibilities:

  • Hackers access banking or financial accounts to change payment destinations and amounts, effectively rerouting the money to themselves.
  • Cyberattackers make innocuous-looking microcharges to credit card accounts using a valid business name, accumulating thousands of small charges over an extended period of time before attracting any attention.
  • Bad actors hack into legitimate public websites and insert links to malicious files and pages, causing site visitors to unknowingly download malware onto their systems.

None of these instances are likely to lead to large immediate payouts, but they do make it possible for criminals to forge a path toward long-term financial gains.

What Kinds of Malware Cause Data Loss?

Malware isn’t a one-size-fits-all enterprise. There are many different varieties available for particular platforms and outcomes, and some are unlikely to result in data loss. For example, cryptojacking and adware can be annoying, harmful, and even costly, but, on their own, they do not pose a high risk to your data. Other forms of malware, however, are commonly leveraged as a means of achieving data access.

Denial of Service

A Denial of Service (DoS) attack isn’t actually a type of malware but rather a form of attack that leverages malware to achieve a unique intent. During a DoS event, the attackers attempt to shut down a machine or an entire network, rendering it inaccessible to typical users like employees and customers. DoS attacks often involve high-profile targets, like banks, retailers, media companies, and government agencies.

During these incidents, the attackers typically either send an overflow of traffic to the target or attempt to crash it directly with malicious data packets. One of the most common methods of carrying out a DoS attack is called a buffer overflow attack, in which the attackers intentionally overwhelm the capacity of a network address in order to disable it. On a larger scale, attackers also employ Distributed Denial of Service (DDoS) attacks that involve not just one point of attack but several. Multiple systems coordinate a synchronized DoS attack against a chosen target.

It’s important to note that a DoS or DDoS attack doesn’t necessarily mean that you will lose data. However, there are several potentially damaging outcomes that can occur:

  • Businesses can experience long periods of downtime that cost an average of $40,000 per hour. 
  • During the DoS attack, bad actors can detect other vulnerabilities to exploit.
  • The interruption in service is generally abrupt, meaning that data that has not been recently saved or backed up can be lost.

Although the number of DDoS attacks has shown recent signs of a decline, a recent report from Kaspersky found that 45.95% of these attacks occurred within the United States, a clear sign that businesses can’t afford to let their guard down.

Trojans

Trojan malware disguises itself so that it can hide within your device or network without getting noticed. From the outside, it looks like a typical file, but dig a little deeper and you’ll find that it’s actually there to do as much harm as possible. Depending on their design, Trojans can have the capability to:

  • Damage your files
  • Monitor user activity
  • Open up backdoor access points
  • Redirect traffic
  • Steal, delete, block, modify, copy, or leak data

According to 2019 data, Trojan horse attacks account for nearly 65% of all malware on Windows systems.

Spyware

Spyware doesn’t pose as much of a threat as the other forms of malware on this list, but it’s still worth mentioning. Like a Trojan, spyware hides in plain sight on your device so that it can monitor what you’re doing and steal sensitive information like login credentials and banking details. While it’s extremely common, spyware doesn’t pose a direct threat to your data. It does, however, expose information that could potentially be used for future cyberattacks involving data loss. It only takes one employee’s credentials to infiltrate an entire system, after all.

Hijackers

Like spyware, hijacking malware is unlikely to cause immediate data loss, but that doesn’t mean it’s not dangerous. With this form of malware, attackers can modify internet browser settings, such as changing the home page or default search website. While this in and of itself may sound relatively harmless, imagine that hijacking malware directs your employees to a malicious destination, where at least one person is duped into downloading a file. What follows could be something as serious as a ransomware attack, as the hackers make use of that downloaded file to infect your system and hold your data hostage.

Wiper Malware

As the name suggests, the goal of wiper malware is to wipe out or erase data. Recent studies have found a dramatic increase in the presence of wiper malware, and much of it is associated with Russia’s invasion of Ukraine. In the first six months of 2022, experts detected a minimum of seven major new wiper variants used to target private, government, and military organizations, a number that rivals the total number of new wiper variants detected in the past ten years. These new variants have primarily been deployed against Ukrainian infrastructure, initiating a dangerous form of cyber war.

Ransomware

In the modern business world, ransomware is likely the best-known (and most feared) form of malware. Ransomware attacks encrypt an organization’s data and demand a ransom in exchange for the decryption key. Ransomware has become an especially widespread and harmful problem, with a 2021 report by Cisco showing that 50% of organizations encountered ransomware-related activity.

Likewise, a 2022 report from Verizon showed a 13% increase in ransomware breaches in the previous year, more than the prior 5 years combined. The rise of ransomware is particularly concerning because these attacks are so expensive for businesses, averaging $4.54 million in costs in 2021.

How Does Malware Infect a System?

Cybercriminals are savvy when it comes to finding ways to infect your device or network. All they need is for a single individual to download a malicious file, and they have effectively gained an entry point into the system.

One of the most common means of attack is phishing. These scams involve sending out emails or text messages to unsuspecting individuals and directing them to download a file, enter credentials, or click on a link, all of which could open a doorway to malware.

While phishing seems too obvious to be successful, in reality, cyber attackers carefully mask their destructive intentions with slight modifications to URLs and email addresses, and they’ve become quite adept at it. In 2020, 74% of organizations based in the United States experienced a successful phishing attack. Phishing was also the most common type of cybercrime reported to the U.S. Internet Crime Complaint Center in 2021, affecting approximately 324,000 individuals.
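The "slight modifications" to sender addresses described above can be caught mechanically. The following is an added example, not code from Invenio IT: it classifies a From: header against an allowlist, flagging character swaps, single typos, and a trusted name used as a prefix. The domains and the `classify_sender` helper are constructed for illustration.

```python
from email.utils import parseaddr

# Constructed allowlist; replace with the domains your organization really uses.
TRUSTED_DOMAINS = ("contoso.com", "examplebank.com")
# Character swaps commonly used to imitate a domain (illustrative, not complete).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))

def skeleton(domain):
    """Fold visually confusable sequences to one canonical spelling."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain

def edit_distance(a, b):
    """Levenshtein distance using a single rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header):
    """Return (verdict, imitated_domain) for a From: header value."""
    address = parseaddr(from_header)[1]
    if "@" not in address:
        return ("invalid", None)
    domain = address.rpartition("@")[2].lower().rstrip(".")
    for trusted in TRUSTED_DOMAINS:
        if domain == trusted or domain.endswith("." + trusted):
            return ("trusted", trusted)
    for trusted in TRUSTED_DOMAINS:
        if domain.startswith(trusted + "."):        # trusted name used as a prefix
            return ("lookalike", trusted)
        if skeleton(domain) == skeleton(trusted):   # 0-for-o, rn-for-m, ...
            return ("lookalike", trusted)
        if edit_distance(domain, trusted) <= 1:     # one typo away
            return ("lookalike", trusted)
    return ("unknown", None)
```

A "lookalike" verdict is a reason to quarantine or banner the message; "unknown" only means the sender is not on the allowlist.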

How Big a Threat Is Data Loss from Malware?

Data loss of any kind is bad news, and the same is true when malware is the cause. Data breaches can cause revenue losses, penalties, and reputational damage, not to mention the cost of data recovery. The average cost of a data breach in the United States was $9.44 million in 2022, with the global average hitting $4.35 million. For organizations large and small, the cost of data loss can quickly become unwieldy or even debilitating, potentially causing a business to close its doors permanently.

While ideally there would be a light at the end of the tunnel, the reality is that malware isn’t going anywhere anytime soon. If anything, the world is becoming more saturated with new malware variants than ever before, as these statistics make resoundingly clear:

  • AVTest registers nearly 8.5 million new malware and potentially unwanted applications (PUAs) every month.
  • The world saw a 42% global increase in cyber attacks in the first half of 2022, with ransomware as the primary threat.
  • The total number of new malware detections worldwide reached 677.66 million, as of March 2022.

The number of data breaches in certain sectors is also on an incline. Over the past several years, the healthcare industry has seen a steady rise in the number of data breaches in the United States involving the loss of 500 or more records. In 2021, healthcare organizations experienced a record-breaking 712 data breaches.

How Can Businesses Prevent Data Loss from Malware?

More than 30% of data breaches involve some form of malware, which means that ensuring long-term business success requires facing the threat of malware directly. Fortunately, there are many actionable strategies that organizations can employ to lower the risk of a malware infection and the data loss that could result from it.

Implement Data Security Solutions

Protecting property sometimes requires bringing in a third-party service. In the same way that you might install security cameras to catch a porch pirate taking packages from your front door, you can make use of data security solutions to protect your organization’s sensitive information. Considering how high the stakes are in terms of data loss, it’s important to use business-grade solutions for your data security, including anti-malware and anti-virus services that can identify and block malicious content.

Setting up a firewall and spam filters is equally essential to lowering the risk of malware. Firewalls can block traffic from known malicious IP addresses, and an additional firewall appliance can enhance this protection even further. Spam filters may not catch every questionable email that enters your organization’s inboxes, but they will thin them out considerably.

Safeguard Data

Data security is hardly a new concept. Just as a filing cabinet has a lock and key, you can be strategic about keeping your business’s data safe:

  • Categorize data by organizational value and unit and keep the different groups separate.
  • Attackers commonly hide malware in Office files, so disable macros and use file preview functions to help prevent the malware from installing if the user attempts to open a file.
  • Use application whitelisting that allows only authorized software to install or open.

Instituting these practices can go a long way toward keeping your data safe from threats like malware.

Address the Human Element

According to a survey by Verizon, 82% of data breaches in 2021 involved action on the part of an individual within the organization, such as clicking on a phishing email, misusing data, or inadvertently exposing information. The only way to decrease the frequency of events like these is by implementing a thorough system for all employees. This might include:

  • Training: Regularly educate employees on how to spot malicious emails, text messages, and websites.
  • Passwords: Implement strict password policies that require unique character combinations, and, if possible, use multi-factor authentication.
  • Privileged accounts and access controls: Limit file access to what employees actually need rather than granting widespread authorization for everything.

While some degree of human error is inevitable, implementing sound practices can help significantly reduce the likelihood that your business will fall victim to malware and other types of cyber attacks. Recent events with Uber serve as an excellent example of why these measures are so important. In September 2022, a cyber attacker reportedly purchased an Uber contractor’s corporate password on the dark web and tried to use it to log in. Although the system had multi-factor authentication, the contractor eventually approved the login after multiple attempts on the part of the attacker. As a result, many of the company’s internal systems were compromised.
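The pattern in that incident, repeated multi-factor prompts followed by an approval, is detectable in authentication logs. The following is an added example, not code from the original article: it flags any approval that follows several rejected prompts within a short window. The log format, user names, window, and threshold are all assumptions made for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # look-back window for rejected prompts
THRESHOLD = 3                    # rejections that make an approval suspicious

# Constructed sample log; the line format is an assumption, not a real product's.
SAMPLE_LOG = """\
2024-01-10T08:00:05Z user=alice event=mfa_push result=approved
2024-01-10T08:10:00Z user=bob event=mfa_push result=denied
2024-01-10T08:10:40Z user=bob event=mfa_push result=approved
2024-01-10T09:00:00Z user=carol event=mfa_push result=denied
2024-01-10T11:00:00Z user=carol event=mfa_push result=denied
2024-01-10T13:00:00Z user=carol event=mfa_push result=denied
2024-01-10T13:01:00Z user=carol event=mfa_push result=approved
2024-01-10T21:01:00Z user=contractor01 event=mfa_push result=denied
2024-01-10T21:02:10Z user=contractor01 event=mfa_push result=timeout
2024-01-10T21:03:30Z user=contractor01 event=mfa_push result=denied
2024-01-10T21:05:00Z user=contractor01 event=mfa_push result=denied
2024-01-10T21:06:15Z user=contractor01 event=mfa_push result=approved
"""

def parse_line(line):
    """Split 'timestamp key=value ...' into a dict with a parsed 'ts'."""
    stamp, *pairs = line.split()
    record = dict(pair.split("=", 1) for pair in pairs)
    record["ts"] = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ")
    record["stamp"] = stamp
    return record

def detect_push_fatigue(log_text):
    """Return (user, rejected_count, approval_time) for each approval that
    follows THRESHOLD or more rejected prompts inside WINDOW."""
    rejected = defaultdict(deque)   # user -> timestamps of recent rejections
    alerts = []
    for line in filter(str.strip, log_text.splitlines()):
        rec = parse_line(line)
        if rec.get("event") != "mfa_push":
            continue
        queue = rejected[rec["user"]]
        while queue and rec["ts"] - queue[0] > WINDOW:
            queue.popleft()         # forget rejections older than the window
        if rec["result"] in ("denied", "timeout"):
            queue.append(rec["ts"])
        elif rec["result"] == "approved":
            if len(queue) >= THRESHOLD:
                alerts.append((rec["user"], len(queue), rec["stamp"]))
            queue.clear()           # a fresh approval resets the streak
    return alerts
```

On the sample log only `contractor01` is flagged: a single mistaken denial (bob) and denials spread over hours (carol) stay below the threshold.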

Stay Up-to-Date

Cybercriminals take full advantage of out-of-date systems. Shut down these opportunities before they have the chance to begin by regularly patching your operating systems, software, and firmware. By the same token, keep your malware and virus protection services up-to-date so that they can recognize newly discovered strains.

Back-Up Everything

Data backups are critical to a business’s ability to successfully survive and recover from malware attacks. For example, if your organization should fall victim to a ransomware attack, a backup can empower you to refuse to pay the ransom and help ensure that you are able to restore as much of your data as possible. Even when businesses pay the ransom, they only recover 61% of their encrypted data, on average.

Fortunately, there are excellent backup solutions available on the market for organizations of every size and industry. The best of them include features like ransomware detection, which further supports the endeavor to avoid malware infections. Large enterprises can find solutions with maximized storage capacities, while smaller businesses can invest in affordable products with more limited storage but equally impressive security features.

How Can Businesses Learn More about Malware and Data Loss?

Today’s businesses are inundated with cyber threats, and this constant state of anxiety can eventually lead to exhaustion. It’s tiring to remain vigilant against malware and other cyberattacks, but it’s well worth it in the end. A recent study found that 48% of organizations detected information-stealing malware activity on their systems, and this doesn’t account for all of the organizations that have experienced malware infections without knowing it. To learn more about choosing the right data security and recovery solutions for your business, reach out to the experts at Invenio IT.
