What is a malware attack?

A malware attack is when cybercriminals create malicious software that’s unknowingly and unwillingly installed on a device. This software is designed to hack into company or individual systems, usually exploiting IT system weaknesses or human error, to cause damage or access personal data.

These attacks usually happen by tricking people to click on links and download malware directly onto their devices. This can be achieved through phishing emails appearing to be from someone you know – for example, a customer, a vendor or even a supplier. The use of phishing attacks and malware are now considered common threats across businesses of all sizes. Our 2022 Cyber Readiness Report found 48% of companies reported a cyber attack in the last 12 months, up 5% from 43% last year[1].

What can happen if there is a malware attack?

Malware can affect both physical devices and online systems. The malicious software can cause harm in numerous ways, as outlined by the National Cyber Security Centre (NCSC) (external link)[2]:

  • Damage to devices and systems – for example, using viruses to prevent laptops and servers operating correctly
  • Accessing, altering, or deleting sensitive data – malware can gain access to customer, client, and employee information
  • Hijacking devices – some types of malware can even control personal devices
  • Locking people or companies out of systems – locking people out of systems can cause major issues to business operations.

What are the three types of malware attacks?

Malware describes three types of attack: ransomware, viruses, and worms. 


This type of malware locks people and companies out of devices. It holds sensitive data and system access to ransom. The people behind ransomware attacks often ask for money in exchange for releasing the data they’ve managed to access. Increasingly, cyber criminals are exporting network data, encrypting it and demanding a ransom payment for its restoration.

One of the most common ways for this malware to enter a system is via people opening links or attachments in phishing emails. These emails may appear to come from a colleague or organisation you trust but could be loaded with harmful malware.

Learn more about ransomware


Viruses are types of harmful software that infect devices and affect how technology operates. They are usually accessed as attachments and clickable files that are sent in phishing emails. They are also found on non-reputable sites.

Viruses act quickly and are embedded onto a device as soon as the malicious file is opened. They are named as such due to their ability to spread among devices and continue infecting systems.


Worms are used to hijack devices and systems by self-replicating and, like viruses, spreading and infecting other computers. This type of malware remains active on the original infected device, even after it has spread.

Worms find weaknesses in systems and exploit them, whether a company has poor anti-virus software or weak data security systems. They can affect device speed, delete files, and commonly use up substantial server space.

Why do cybercriminals use malware?

Malware is an incredibly adaptive way to access data and damage systems and devices. Online security giant McAfee (external link) says cybercriminals often utilise ransomware, viruses, and worms for the following reasons[3]:

  • Identity theft – by accessing sensitive personal data, hackers can easily steal personal information and assume the identity of an individual or company
  • Credit card fraud – by hacking into banking accounts or data storage, criminals can access credit card information and use it to make often-substantial purchases
  • Cyber attacks – this can see data accessed, altered, leaked, and/or deleted, damaging devices and systems, and severely impacting business operations
  • Mining bitcoin – ‘cryptojacking’ involves accessing a device and using it to mine bitcoin, while the owner remains completely unaware.

How to avoid a malware attack

There are many ways you can help to prevent malware attacks. With the average IT budget in 2022 sitting at $22.76 million[4], it’s clear businesses of all sizes have cause to prepare. Here are just a few ways you can do so.

Update your software

Google advises you to ensure all your software and security systems are up to date[5]. This helps to add an extra wall of protection against malware attacks. It’s often the case that newer updates come with added security features that can help protect devices against viruses.

Back up your files

More back-ups mean quicker attack recovery time if important data is lost or altered. With this in mind, don’t just create back-ups and store them in the same place as the original documents. Store them in secure, offline facilities not connected to your main server, advises the NCSC. For example, hard drives or USBs.

Filter your incoming emails

Email filters can identify suspicious-looking messages that may contain malware, such as phishing emails. Such specialised software has the authority to filter communications and move ‘red flag’ emails to another location (i.e. a ‘spam’ folder). The software can add a warning label to all external emails, to ensure employees remain aware.

Use a VPN 

A VPN doesn’t protect you from malware itself. However, it can encrypt and hide sensitive information – such as your IP address, geo-location, and online traffic data. If you succumb to an attack, it this information which may be held to ransom. VPNs shouldn’t be used in place of antivirus software, as each protects your details in different ways.

Patch vulnerabilities

Malware finds its way through weaknesses and insecurities in systems, so patching these holes is vital to your cyber defences. Almost 60% of data breaches caused by a cyber attack could have been prevented with the correct patches installed, according to research[6]. It’s a good idea to run patches regularly and after updates, so bugs and security flaws are identified and fixed as soon as possible.

Educate your team members 

Malware is often hidden in phishing emails. Due to this, it’s a good idea for employees to be educated on not only the risks of malware attacks but also how to spot attempts and malicious software hidden in communications.

Training employees on phishing and GDPR best practices can help to keep sensitive data out of the wrong hands.

Phishing attacks – common FAQs

How do you handle a malware attack?

If you’ve identified an attack in your organisation, there are ways in which you can tackle the breach and begin repairing and recollecting what’s been lost or damaged, as outlined below by the NCSC.

Step 1 - Disconnect

As soon as you identify an attack, disconnect all devices from all networks, including wired and wireless connections. You may even want to turn off Wi-Fi entirely.

Step 2 - Reset

Next, it’s time to reset all your log-ins for accounts, servers, and devices. This may be difficult to orchestrate on a larger scale, but it ensures hackers no longer have access to relevant credentials.

Step 3 – Clean

Next, wipe all the devices infected by the identified malware. Here, your back-ups will come in handy - once everything is up and running again. Before you do this, however, make sure your backup files are also not infected.

Step 4 – Reinstall

Once this is done, and you’re satisfied everything is safe and clean, reinstall any operating systems on the wiped devices. Make sure the network you use is also safe and the OS is up to date before anyone begins to use it again.

Step 5 – Prevent

Install reputable antivirus software capable of protecting all the required devices and ensure it’s kept up to date. Regularly run scans using this software and monitor all network activity to ensure all devices and networks are safe.

Having insurance cover can also ensure you have help with protection against the financial impact of a malware attack. Hiscox cyber insurance can help with the cost of repairs, data retrieval and with defence against compensation claims.




[1] - https://www.hiscoxgroup.com/cyber-readiness

[2] - https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks

[3] - https://www.mcafee.com/en-gb/antivirus/malware.html

[4] - https://www.hiscoxgroup.com/cyber-readiness

[5] - https://support.google.com/google-ads/answer/2375413?hl=en

[6] - https://www.malwarebytes.com/business/vulnerability-patch-management