In 2023, Kaspersky‘s systems detected almost 125 million malicious files. Windows remained the primary target for cyberattacks, with 88% of all malware-filled data seen daily.
The top three threats were malicious families disseminated through various scripts and document formats, accounting for 10% of all detected malicious files.
Kaspersky’s security systems have detected a significant daily increase in malicious files in various document formats such as Microsoft Office, PDF, etc. The number of such files has risen by 53% to approximately 24,000. The increase in these malicious files may be associated with phishing attacks that use PDF files to steal data from unsuspecting victims.
The most commonly found type of malware is trojans. This year, there has been a noticeable increase in the use of backdoors, rising from 15,000 detected files per day in 2022 to 40,000 in 2023.
Backdoors are hazardous trojans as they allow attackers to remotely control a victim’s system and perform tasks such as sending, receiving, executing, and deleting files, accessing confidential data, and logging computer activity.
“The cyberthreat landscape continues to evolve, becoming more dangerous year after year. Adversaries continue to develop new malware, techniques, and methods to attack organizations and individuals. The number of vulnerabilities reported is also growing annually, and threat actors including ransomware gangs use them without hesitating. Furthermore, the entry barrier into cybercrime is now being lowered due to the proliferation of AI, which attackers use, for example, to create phishing messages with more convincing texts. In these times, it is essential both for large organizations and for every regular user to embrace reliable security solutions. Kaspersky experts are dedicated to tackling these ever-evolving cyberthreats, ensuring a secure online experience for users every day and providing vital threat intelligence about relevant threats,” comments Vladimir Kuskov, Head of Anti-Malware Research at Kaspersky.
To stay protected, Kaspersky also recommends users the following:
-
Do not download and install applications from untrusted sources
-
Do not click on any links from unknown sources or suspicious online advertisements
-
Create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers, and punctuation, as well as activating two-factor authentication
-
Always install updates. Some of them may contain critical security issue fixes
-
Ignore messages asking to disable security systems for office or cybersecurity software
-
Use a robust security solution appropriate to your system type and devices, such as Kaspersky Premium.
To stay safe, Kaspersky recommends organizations to:
-
Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.
-
Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services.
-
Choose a proven endpoint security solution such as Kaspersky Endpoint Security for Business that is equipped with behavior-based detection and anomaly control capabilities for effective protection against known and unknown threats.
-
Use a dedicated set for effective endpoint protection, threat detection and response products to timely detect and remediate even new and evasive threats. Kaspersky Optimum Security the essential set of endpoint protection empowered with EDR and MDR.
-
Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors.
The discoveries are based on Kaspersky detections of malicious files from January to October and are part of Kaspersky Security Bulletin (KSB) – an annual series of predictions and analytical reports on key shifts within the cybersecurity world. Follow this link to learn more about other KSB pieces.
Leave a comment