Malware Statistics for 2023 and What to Expect

Malware continues to be a big problem in 2023. These are recent highlights in the battle against malware.

Destructive malware continues to be a major problem in 2023, and it will continue to pose a problem going forward. Malware continues to evolve, offering challenges to internet users.

“Malware” is best defined as any malicious bit of code that is intended to create havoc on your computer or mobile devices. Malware can also be thought of as a constant game of back-and-forth between cybercriminals and IT cybersecurity professionals.

While there have been new developments in anti-malware protection, malware itself has continued to evolve, much like a nasty flu virus evolves to evade being killed by last year’s flu shot.

Here are the highlights of the world of malware that caused data security breaches in the past year.

1. Consumer Threat Detections Are on the Decline While Business Detections Are on the Rise

Malwarebytes’ “2023 State of Malware” report indicates that there is a continuing tendency for the latest malware to be targeted at organizations rather than consumers.

Thanks to the disbanding of ransomware group Conti, LockBit became the most active ransomware group in 2022.

While ransomware remains the most dangerous threat to businesses, cybercriminals continue to evolve their threats. During 2022, leaking data began replacing data encryption as the primary form of extortion. This is likely due to improved endpoint security and effective backup strategies.

2. The Number of Websites Serving Up Malware Remained Fairly Constant During 2022

The number of infected websites serving up destructive malware programs continued to fall during 2019, with numbers remaining fairly constant through 2022, Google reports. The infected sites contain code that installs malicious code on a visitor’s computer.

3. Phishing Sites Have Become a Popular Attack Method

While the number of websites serving up malware remained fairly constant last year, phishing sites continued to be on the rise.

Phishing malware sites are usually designed to resemble commonly visited websites, such as PayPal, bank websites, online shopping sites, and social sites. They are intended to trick users into giving up information, such as logins and passwords, bank account or credit card information, or other valuable security information.

Website phishing attacks often begin with emails and online ads sent by hackers. These include links to the phishing sites, where the actual phishing takes place.

Anytime you see a message from a website asking for personal information, be extremely wary. Never supply any information before confirming that the website is legitimate.

4. The Latest Malware Variants Continue to Grow

SonicWall reports that its Capture Advanced Threat Protection (ATP) cloud sandbox service discovered 465,501 never-before-seen malware variants in 2022 (1,275 per day), identifying 153,000+ never-before-seen malicious software variants.

Cybercriminals formerly took a scattershot approach to attacking victims, but have now begun targeting weaker victims that are more prone to fall for their tactics. Ransomware attacks fell 21% internationally, but 2022 still recorded the second-highest year on record for international ransomware attacks (493.3 million).

5. State and Local Governments Are Attractive Targets

In 2022, a number of state and local governments were paralyzed by cyber attacks.

In early April 2022, ransomware group Conti attacked the Costa Rican government’s computers, asking for a ransom of $10 million, which later increased to $20 million. In May, HIVE attacked the country’s healthcare system, taking its systems offline.

Ransomware demands also continued to grow in 2021. Palo Alto Networks says the average ransom demand in cases worked by its Unit 42 security consultants jumped 144% in 2021 to $2.2 million. Meanwhile, the average payment rose 78% to $541,010.

6. Internet of Things (IoT) Devices Are Increasingly Popular Malware Targets

On an increasing basis, bad actors are targeting Internet of Things (IoT) devices like smart TVs, internet security cameras, doorbells, smart refrigerators, and other connected devices. (Yes, air fryers too.)

SonicWall threat researchers saw an 87% increase in IoT malware in 2022, while the total volume of malware attacks only inched up by 2%.

IoT security issues will likely continue to be on the rise, at least in the short term, due to IoT’s increasing integration with the cloud, which opens up new ways for bad actors to steal and process personal, networked data.

Money-making IoT attacks will also continue to increase. This could even lead to situations where owners of remote startable vehicles or internet-connected electric vehicles are required to pay a ransom to be allowed to start and drive their cars.

7. Mac Malware Programs Continued to Become More Common in 2022

As reported by SecurityWeek, 13 new Mac malware families were discovered during 2022, many of which came from sources in China.

Malwarebytes says the most commonly detected malware on the Mac during 2022 was adware, with an adware called OSX.Genio accounting for 10% of all Mac adware detections.

8. Fileless Malware Increasingly Targeted Microsoft Office and PDF Documents

SonicWall reports that bad guys used new obfuscation and bypass techniques to deliver new, more sophisticated malware infections using the popular Office document and PDF document file formats. Office documents (20.3%) and PDF documents (17.4%) represent 38% of new digital threats detected by Capture ATP.

9. Formjacking Is on the Rise

Formjacking is the virtual equivalent of debit card skimming at ATMs and gas pumps. Hackers insert a small bit of malicious code on websites that allows them to steal a customer’s credit or debit card information.

Symantec estimates that cybercriminals compromised thousands of unique websites on average every month during 2022.

Formjacking targeted numerous big companies, including British Airways, TicketMaster UK, Target, Home Depot, Newegg, and many others.

10. Android Malware Continues to Be a Problem

Mobile malware attacks are on the rise. Malwarebytes found that Chinese-made budget Android devices continued to be bearers of pre-installed malware programs during 2020. Adups is a malicious app found on Chinese-made devices, which is used to update the devices’ firmware, but also steals the user’s personal information.

However, U.S.-funded Android phones have also been hit with pre-installed mobile malware. Assurance Wireless by Virgin Mobile offers the UMX U683CL phone. The phone comes with a “Wireless Update” app installed, which is intended to update the device. However, it also installs malicious apps without the user’s consent or knowledge.

Luckily, there are easy ways to tell if your Android device is infected with malware. If you notice an unexplained increase in data usage, a decrease in battery life, an increase in dropped calls, or poor device performance (which can admittedly be harder to detect on cheap low-spec Android handsets), your device may be infected with malware.

What to Expect in 2023

Based on what we’ve seen in the past, here’s what I believe we’ll see in the coming year:

  • Malware-infected sites will continue to shrink in number.
  • Cybercriminals will continue to target state and local governments with ransomware demands.
  • Ransomware demand amounts will continue to increase.
  • Malware threats to IoT devices will continue to grow, thanks to the unprotected nature of the devices and their ever-growing numbers.
  • Formjacking will continue to pose a problem unless IT cybersecurity professionals begin paying more attention to the problem.

While I’m not sure what shape they’ll take, I’m certain malware types and digital threats will continue to grow in the future. State-sponsored cyber attacks by such players as Russia, China, and North Korea are a definite possibility.

Malware FAQs

If I Use Social Media, Am I Vulnerable to Malware Attacks or Infections?

There have been numerous reported attacks on social media networks, like Facebook.

One such attack lured Facebook users in by promising “racy” content to users who clicked a link. A video would play but stop halfway through, prompting viewers to install the Flash Player to continue viewing. The Flash Player was actually malware that infected the user’s computer.

Social media attacks are much harder to defend against than other types of malware attacks, as they are often disguised quite well. This means users must be especially vigilant against such attacks, never following links from unknown parties.

Which Platform Is More Vulnerable to Malware and Other Nasties?

Microsoft Windows is, by most measurements, the most vulnerable platform to malware, viruses and other nasties. One main reason for this is that Windows is the most popular and most widely used operating system in the world. This makes it the prime target for malware and virus authors.

However, it should be noted that the first versions of Windows weren’t exactly hardened against malware and virus attacks, or other security threats.

Later on, Microsoft became much more concerned about the security of the platform, but by then, the damage had been done, and numerous security holes and malware and virus attack vectors had been discovered.

How Prevalent Is iOS Malware on iPhones?

Luckily for iPhone users, there is little to worry about in the walled garden that is the iOS operating system. All apps to be installed on an iPhone (or an iPad) can only be installed from the Apple App Store, where all apps are examined and vetted before becoming available to iPhone users.

Meanwhile, Android phone and tablet users face more of a wild west as far as apps and security go. While apps are examined and vetted by Google before making them available in the Google Play Store, they can also be easily “side-loaded” to a device (meaning they can be installed from sources outside of the Google Play Store).

Also, there are more versions of the Android operating system in the wild than there are of iOS. Many Android devices are still running versions of Android that are several years old, while most iOS devices in use today are running a recent version of iOS. This means that any security holes that have been found in iOS have been fixed on most devices.

What Industries Have Been Hit The Hardest by Ransomware Attacks?

Healthcare, education, finance and insurance, and government sites continue to be hit hard by ransomware attacks.

Ransomware attacks were responsible for close to 50% of all healthcare data breaches during 2020. Attacks on healthcare were more expensive than for any other industry, at a cost of $408 per compromised record. The healthcare industry was hit with a 51% increase in the volume of records exposed during the 2019-2021 time period.

Ransomware attacks against universities increased by 100% during the 2019-2020 time period. Ransomware attacks against the higher education industry cost an average of $447,000 per attack.

90% of financial institutions have been the target of ransomware attacks. Banks were hit with a 520% increase in phishing and ransomware attempts from March 2020 to June 2020.

In the three years leading up to 2021, U.S. government organizations were hit with 246 ransomware attacks, at an estimated cost of $52.88 billion. In 2019, attacks against municipalities were up a hefty 60% from the year before.
