Destructive malware continues to be a major problem in 2019, and it will continue to pose a problem in 2020. However, malware continues to evolve, offering challenges to internet users.
“Malware” is best defined as any malicious bit of code that is intended to create havoc on your computer or mobile devices. Malware can also be thought of as a constant game of back-and-forth between cybercriminals and IT cyber security professionals.
While there have been new developments in anti-malware protection, malware itself has continued to evolve, much like a nasty flu virus evolves to evade being killed by last year’s flu shot.
Here are the highlights of the world of malware that caused data security breaches in the past year.
1. Consumer Threat Detections Are on the Decline While Business Detections Are on the Rise
Malwarebytes’ “2020 State of Malware” report indicates that there is an increasing tendency for the latest malware to be targeted at organizations rather than consumers.
While overall threat detections fell by 2% in 2019, business detections increased by 13%. Overall, threat volume increased only 1% year-over-year.
2. The Number of Websites Serving Up Malware Continued to Fall During 2019
The number of websites serving up destructive malware programs continued to fall during 2019, reports Google. The number of infected sites containing code that installs malicious code on a visitor’s computer fell throughout both 2018 and 2019.
3. Phishing Sites Have Become a Popular Attack Method
While the number of websites serving up malware fell last year, phishing sites were on the rise.
Phishing malware sites are usually designed to resemble commonly visited websites, such as PayPal, bank websites, online shopping sites and social sites. They are intended to trick users into giving up information, such as logins and passwords, bank account or credit card information, or other valuable security information.
Phishing attacks related to websites are many times initiated by hackers’ use of emails and online ads, which include links to the phishing sites, where the actual phishing takes place.
Anytime you see a message from a website asking for personal information, be extremely wary. Never supply any information before confirming that the website is legitimate.
4. The Latest Malware Variants Are Shrinking in Number Year-Over-Year, But Are More Targeted
Sonicwall reports that its Capture Advanced Threat Protection (ATP) cloud sandbox service discovered nearly 440,000 malware variants in 2019 (1,200 per day), identifying 153,000+ never-before-seen malicious software variants.
Cybercrimials formerly took a scattershot approach to attacking victims, but have now begun targeting weaker victims that are more prone to fall for their tactics. This has led to Sonicwall’s seeing a 6% year-over-year decrease in malware attacks and the associated data security breaches.
5. State and Local Governments Are Attractive Targets
In 2019, highly targeted malware infections took down email, websites, phone lines and even dispatch services, as a number of state and local governments were paralyzed by the cyber attacks.
In May 2019, the city of Baltimore was hit with a major ransomware infection. It took the city 36 days to unlock their systems and their associated data breaches from a hacker’s grip.
The city refused to pay the ransom that the hacker demanded, and instead spent more than $5 million to recover from the attack. The total cost of the ransomware attack is estimated to be around $18 million.
Ransomware demands also continued to grow in 2019, now totalling around $1 billion per year. Ransomware has proven to be far more lucrative than traditional malware packages, encouraging the bad guys to increase the ransom amounts they’re asking. The asking price for ransomware removal is believed to have increased a staggering 93% in Q1 2019.
6. Internet of Things (IoT) Devices Are Increasingly Popular Malware Targets
On an increasing basis, bad actors targeted Internet of Things (IoT) devices like smart TVs, internet security cameras, doorbells, smart refrigerators and other connected devices.
SonicWall Capture Labs threat researchers found a 5% increase in IoT malware, with a total volume of 34.3 million attacks in 2019.
IoT security issues will be on the rise, at least in the short term, due to IoT increasing integration with the cloud, which opens up new ways for bad actors to steal and process personal, networked data.
Money-making IoT attacks will also increase, which could even lead to such situations where owners of remote startable vehicles will be required to pay a ransom to be allowed to start their car.
7. Mac Malware Programs Became Much More Common in 2019
Antivirus app developer Malwarebytes’ “2020 State of Malware Report” reported for the first time ever that Macs outpaced Windows PCs in the number of destructive malware threats per affected device.
Malwarebytes software detected 11 cyber threats per affected device for Mac users (up from 4.8 in 2018), compared to 5.8 threats for Windows users.
Malwarebytes says the top Mac malware threat detected was a family of adware called NewTab, which is installed as a browser extension or as an app. The adware attempts to redirect web searches to earn illicit ad revenue.
8. Fileless Malware Increasingly Targeted Microsoft Office and PDF Documents
Sonicwall reports that bad guys used new obfuscation and bypass techniques to deliver new, more sophisticated malware infections using the popular Office document and PDF document file formats. Office documents (20.3%) and PDF documents (17.4%) represent 38% of new digital threats detected by Capture ATP.
9. Formjacking Is on the Rise
Formjacking is the virtual equivalent of debit card skimming at ATMs and gas pumps. Hackers insert a small bit of malicious code on websites that allows them to steal a customer’s credit or debit card information.
Symantec estimates that cybercriminals were able to steal “tens of millions of dollars” by either using or selling the credit card numbers they stole during 2018. Formjacking targeted numerous big companies, including British Airways, TicketMaster UK, Target, Home Depot, Newegg and many others.
10. Android Malware Continues to Be a Problem
Mobile malware attacks are on the rise. Malwarebytes found that Chinese-made budget Android devices continued to be bearers of pre-installed malware programs during 2020. Adups is a malicious app found on Chinese-made devices, which is used to update the devices’ firmware, but also steals the user’s personal information.
However, U.S.-funded Android phones have also been hit with pre-installed mobile malware. Assurance Wireless by Virgin Mobile offers the UMX U683CL phone. The phone comes with a “Wireless Update” app installed, which is intended to update the device. However, it also installs malicious apps without the user’s consent or knowledge.
Luckily, there are easy ways to tell if your Android device is infected with malware. If you notice an unexplained increase in data usage, a decrease in battery life, an increase in dropped calls, or poor device performance (which can admittedly be harder to detect on cheap low-spec Android handsets), your device may be infected with malware.
What to Expect in 2020
Based on what we’ve seen in the past, here’s what I believe we’ll see in the coming year:
- Malware-infected sites will continue to shrink in number.
- Cybercriminals will continue to target state and local governments with ransomware demands.
- Ransomware demand amounts will continue to increase.
- Malware threats to IoT devices will continue to grow, thanks to the unprotected nature of the devices and their ever-growing numbers.
- Formjacking will continue to pose a problem unless IT cyber security professionals begin paying more attention to the problem.
While I’m not sure what shape they’ll take, I’m certain malware types and digital threats will continue to grow in the future. State-sponsored cyber attacks by such players as Russia, China and North Korea are a definite possibility, especially since 2020 is a presidential election year in the United States.
⭐If I Use Social Media, Am I Vulnerable to Malware Attacks or Infections?
There have been numerous reported attacks on social media networks, like Facebook.
One such attack lured Facebook users in by promising “racy” content to users who clicked a link. A video would play but stop halfway through, prompting viewers to install the Flash Player to continue viewing. The Flash Player was actually malware that infected the user’s computer.
Social media attacks are much harder to defend against than other types of malware attacks, as they are often disguised quite well. This means users must be especially vigilant against such attacks, never following links from unknown parties.
⭐Which Platform Is More Vulnerable to Malware and Other Nasties?
Microsoft Windows is, by most measurements, the most vulnerable platform to malware, viruses and other nasties. One main reason for this is that Windows is the most popular and most widely used operating system in the world. This makes it the prime target for malware and virus authors.
However, it should be noted that the first versions of Windows weren’t exactly hardened against malware and virus attacks, or other security threats.
Later on, Microsoft became much more concerned about the security of the platform, but by then, the damage had been done, and numerous security holes and malware and virus attack vectors had been discovered.
⭐How Prevalent Is iOS Malware on iPhones?
Luckily for iPhone users, there is little to worry about in the walled garden that is the iOS operating system. All apps to be installed on an iPhone (or an iPad) can only be installed from the Apple App Store, where all apps are examined and vetted before becoming available to iPhone users.
Meanwhile, Android phone and tablet users face more of a wild west as far as apps and security go. While apps are examined and vetted by Google before making them available in the Google Play Store, they can also be easily “side-loaded” to a device (meaning they can be installed from sources outside of the Google Play Store).
Also, there are more versions of the Android operating system in the wild than there are of iOS. Many Android devices are still running versions of Android that are several years old, while most iOS devices in use today are running a recent version of iOS. This means that any security holes that have been found in iOS have been fixed on most devices.