Malware Protection Guide: Best Practices in 2019
Malware is more potent than ever in 2019, as new strains and attack methods are being discovered every day. Protecting yourself from malware is not only about having good antivirus software, but knowing the techniques cybercriminals use to infect victims.
In this article we will review some important malware statistics relevant to 2019, and explain prevention methods based on some of the latest exploits and attack methods.
2019’s Biggest Threats: Ransomware and Cryptojacking
The two most popular malware types throughout 2018 and early 2019 are ransomware and cryptojackers. Ransomware encrypts your device’s files and demands payment to decrypt them, it’s a devastating direct attack, usually on businesses who can either pay the ransom, or spend huge amounts of money trying to recover from data loss.
Here are some statistics:
- Ransomware detections have been more dominant in countries with higher numbers of internet-connected populations. The United States ranks highest with 18.2 percent of all ransomware attacks. (Symantec)
- Microsoft Office formats such as Word, PowerPoint and Excel make up the most prevalent group of malicious file extensions at 38 percent of the total.
- Cryptojacking overtook ransomware in the first half of 2018, when the value of Bitcoin sharply rose. Cyber criminals seemingly abandoned all other attack methods in favor of cryptojacking.
- Among all the threats detected in Q1 2019, the lion’s share went to potentially unsolicited RiskTool apps with 29.80%, a fall of 19 p.p. against the previous quarter. The most frequently encountered objects came from the RiskTool.AndroidOS.Dnotua (28% of all detected threats of this class), RiskTool.AndroidOS.Agent (27%), and RiskTool.AndroidOS.SMSreg (16%) families.
- In second place were threats in the Trojan-Dropper class (24.93%), whose share increased by 13 p.p. The vast majority of files detected belonged to the Trojan-Dropper.AndroidOS.Wapnor families (93% of all detected threats of this class). Next came the Trojan-Dropper.AndroidOS.Agent (3%) and Trojan-Dropper.AndroidOS.Hqwar (2%) families, and others.
Preventing common malware infections in 2019
Monitor your device’s CPU usage – if you notice abnormally large spikes of CPU usage, such as the CPU running at 100% while simply browsing a website, it’s a tell-tale sign of some unwanted background activity hijacking your device’s resources.
As for ransomware, there are four common attack methods:
- Phishing emails: Emails designed to appear from an official source (banks, tax agencies, etc) will contain infected files, typically .ZIP, .PDF, and Word documents. The user will be instructed to enable macros upon opening the Word document, which then triggers a script that infects the user’s computer.
- Remote Desktop Protocol: Hackers can use a website like Shodan.IO to search for internet-connected machines with certain ports opened that are vulnerable to exploitation. The hacker will use remote-access tools to try and brute-force their way into the machine, and once they have access, proceed with the encryption attack.
- Malicious downloads: Websites can contain malicious scripts that search the visitor’s device for vulnerabilities, and inject malware if vulnerabilities are found.
- USB and Removable Media: Malware can easily spread from a computer to any USB storage or other removable media plugged into that computer. When the storage device is plugged into a different computer, the malware spreads again.
Avoiding these common ransomware attacks generally revolves around having strong antivirus, safe browsing habits, scanning anything you download before opening it, keeping your browser up to date, applying the latest security patches for your device, and treating emails with attachments, whether or not you recognize the email address, with suspicion.
And never, ever follow any instructions in Word documents.
Image credit: Malware Protection via Morrowind/Shutterstock