In the second of the series of demystifying common types of cyber attack, we look at one of the most detrimental attacks – Malware. Cyber attacks can be very harmful and it’s important to know how to protect yourself and your company from the plethora of emerging threats. In this blog post, we look at one of the most damaging types of cyber attack, known as Malware. 


Demystified – Malware 

What is a malware? 

To understand what malware is, let’s continue the analogy from my first article, Demystified – Social engineering. Think of your company as a fortress, and your data and information as your treasure. Malware is like a hidden bomb within the fortress walls that can destroy everything within its vicinity.  

If you discover malware, you’ll be faced with a difficult decision: pay a large sum of money to defuse the bomb or risk losing everything within the fortress walls. However, paying the attacker is not only illegal but also offers no guarantee that they will hold up their end of the deal. 

In the digital world, malware is any software designed to harm your system, steal data, or allow unauthorised access. It can come in many forms, such as viruses, worms, Trojan horses, and ransomware, and can be delivered through email attachments, infected websites, or physical devices like USB drives. 


How to defend against malware attacks 

So, how can you protect yourself from malware attacks? Just as you would fortify your castle against physical attacks, you need to take measures to secure your digital assets.  

  1. Keep your software and operating systems up-to-date: Regularly updating your software and operating systems can help patch vulnerabilities that could be exploited by malware.
  2. Use strong passwords and two-factor authentication: Strong passwords and two-factor authentication can help prevent unauthorised access to your systems and sensitive data.

  3. Use antivirus and anti-malware software: Installing and regularly updating antivirus and anti-malware software can help detect and remove malware from your systems automatically.
  4. Use firewalls and other security software: Firewalls and other security software help to monitor and control network traffic, which can prevent malware from spreading.

  5. Train your employees to recognise and avoid social engineering tactics: Social engineering tactics, such as phishing emails, are common ways for malware to be introduced into a system. Train employees to recognise and report suspicious activity.

  6. Back up your data regularly: Backing up your data regularly can help protect against ransomware attacks, where attackers hold your data hostage until a ransom is paid.


Just as a castle can be vulnerable to attack despite its defences, a computer system can be breached by determined cybercriminals. By understanding the different types of cyber attacks and taking steps to protect your system, you can minimise the risk of a successful breach and keep your valuable data safe. 


How secure is your castle?  

The Arx platform contains a suite of tools to add to your defence such as employee awareness training, guides and resources and automated scanning. 

If you enjoyed today’s article, please give us a like, share or add your own comments and suggestions on combatting social engineering attacks.  

You can find out more information at or by booking a platform demo here.