In 2020, an average of 360,000 new malicious files were detected by Kaspersky per day—an increase of 5.2% when compared to the previous year. This was influenced mostly by a large growth in the number of Trojans (malicious files capable of a range of actions, including deleting data and spying) and backdoors (a specific type of Trojan that gives attackers remote control over the infected device): a 40.5% and 23% increase respectively. These were the trends found by the Kaspersky Security Bulletin: Statistics of the Year Report.
Kaspersky’s detection systems discovered an average of 360,000 new malicious files every day over the past 12 months—18,000 more than the previous year (a 5.2% increase) and up from 346,000 in 2018. 60.2% of those malicious files were non-specific Trojans. In general, the percent of Trojans detected increased by 40.5% when compared to the previous year.
There was also a noticeable increase in the number of backdoors detected, as well as worms (malicious programs that self-replicate on your system), written in the VisualBasicScript language and usually belonging to the Dinihou malware family.
On the decline is adware (programs that bombard you with advertisements), which experienced a 35% decrease when compared to 2019.
The vast majority of malicious files detected (89.80%) occurred via Windows PE files—a file format specific to Windows operating systems. At the same time, the number of new malware related to Android operating systems declined by 13.7%.
Given that many people were working and studying from home, most likely on computers and laptops, attackers appear to have shifted their focus to these devices. There was also a 27% increase in the number of different scripts—sent via malicious email campaigns or encountered on infected websites, which could, once again, reflect the fact that people spent more time on the Internet and attackers attempted to capitalize on that fact.
“Over the past year, our detection systems discovered far more new malicious objects than they did in 2019. Due to the pandemic, users from around the world were forced to spend more time on their devices and online,” comments Denis Staforkin, security expert at Kaspersky.
“It’s hard to know whether or not attackers were more active or our solutions detected more malicious files simply because of greater activity. It could be a combination of both. Either way, we have registered a noticeable increase in the number of new malicious files this year, and this will most likely continue going into 2021 as employees continue to work from home and countries implement different restrictions. However, if users take basic security precautions, they can significantly lower their risk of encountering them,” adds Staforkin.
Read more about the annual threat statistics on Securelist.com.
In order to stay protected, Kaspersky recommends the following:
- Pay close attention to and don’t open any suspicious files or attachments received from unknown sources. Double-check the URL format and company name spelling before you download anything. Fake websites may look just like the real thing, but there will be anomalies to help you spot the difference.
- Do not download and install applications from untrusted sources.
- Do not click on any links received from unknown sources and suspicious online advertisements.
- Create strong and unique passwords, including a mix of lower-case and upper-case letters, numbers and punctuation, and activate two-factor authentication.
- Always install updates. Some of them may contain critical security issues fixes.
- Ignore messages asking to disable security systems for office software or antivirus software.
- Use a robust security solution appropriate to your system type and devices, such as Kaspersky Internet Security or Kaspersky Security Cloud. It will tell you which sites shouldn’t be open and will protect you from malware.
The statistics report is part of the Kaspersky Security Bulletin 2020. To learn more about threat predictions for 2021, read our reports, which are available here.
Story of the Year: Remote Work and Advanced Threat Predictions for 2021 are also available on Securelist.com.