What is malware?

The likelihood of malware occurring is very high and the potential scale of damage constitutes an existential threat. This is how the BSI assesses the threat posed by malware in its annual situation report. What exactly is meant by malware and what measures you can take to protect your company are explained on this topic page.

Malicious functions, malicious programs and malicious software are all synonymous with malware. Malware is a made-up word derived from the term "malicious software". It refers to software that has been developed with the aim of executing unwanted and in most cases damaging functions on an IT system. This usually happens without the knowledge of the user.

In principle, malware can be implemented on all operating systems and IT systems. In addition to conventional IT systems such as clients and servers, this also includes mobile devices such as smartphones, or network components such as routers and industrial control systems. Usually, they are designed for a specific operating system version and are therefore mostly written for more common systems and applications.

Malware is often distributed on conventional IT systems via e-mail attachments, manipulated websites (drive-by downloads) or storage media. Open network interfaces, faulty configurations and software vulnerabilities also frequently serve as gateways on all IT systems.

The installed malware can have a variety of purposes: for example, a ransomware encrypts data on an attacked IT system and demands a financial payment from the owner in exchange for decrypting the data. Spyware, on the other hand, attempts to extract information from an IT system.

Documents and recommendations

Below you will find various information and support from the Federal Office for Information Security (BSI) on the issue of malware.
Please note that some of these documents are not publicly available, but require a login to the Alliance for Cyber Security pages.