The instances of malware attacks showed a huge spike in 2019, with reports suggesting a 200 percent rise in the number of these destructive attacks globally. Every one in five computers across the world is believed to have faced at least one malware attack in the previous year, raising concerns over data security. Studies have shown that smartphones, especially those with Android operating software, have become the primary target for cyber attackers.
Researchers at Check Point Research closely monitored the pattern of malware attacks in the first half of 2019 and found that there was a 50 percent rise in instances of malicious attacks on smartphones compared to 2018.
The year 2019 can aptly be called the year of ransomware as the malware continued to spread its wings. The US witnessed probably the most number of ransomware attacks in the world. Almost a thousand government agencies, educational organizations, and healthcare systems were affected at a potential cost of USD 7.5 billion, according to the 2019 December Emsisoft report. Attackers used sophisticated malware like Ryuk, a crypto-ransomware that relies on encryption to cut off access to a device until the amount is paid, to target several establishments.
Botnets continued to grow in 2019, especially with the reemergence of the dreaded Emotet. After going off the radar for almost four months, Emotet, considered the most potent malware botnet, came back to life in September. Even while Emotet pulled down its shutters for a while, the other botnets like TrickBot continued to wreak havoc.
One of the biggest malware attacks of 2019 was the cryptojacking campaign involving malware Nansh0u that infected over 50,000 servers belonging to companies in the IT, healthcare, and the media sectors. The cryptomining attacks affected users mainly in China, the US, and India, but researchers believe that the attackers were able to penetrate 90 countries. Another sophisticated cryptominer Norman came to the front last year and made the most of its ability to go undetected.
The massive boom in the smartphone market has grabbed the attention of attackers, and phones are increasingly becoming the main targets of malicious attacks. Advanced forms of malware have been developed and most remain undetected despite infecting the devices. Anubis banking Trojan, for instance, activates only when the device is in motion, making it difficult to be analyzed when in a static state. However, Triada still is the most common and advanced Android malware, claiming responsibility for over 30 percent of malware attacks on phones globally.
iOS too was not immune to malware attacks, as Google’s Project Zero found out 14 iPhone vulnerabilities last year. The leak could be used by hackers to gain access to private data, like photos, real-time GPS location, and messages.
It will not be unfair to not mention business email compromise (BEC) attacks while talking about malware attacks. According to a 2018 Federal Bureau of Investigation report, attackers milked over USD 1.2 billion using BEC scams, an increase from $1.4 billion in losses observed in 2017. Attackers even faked Swedish environmental activist Greta Thunberg’s emails to lure unsuspecting users. Researchers sent emails with Microsoft Word document attachments named “Support Thunberg.org,” and the moment a user opened it, Emotet was installed automatically.
Experts believe that users must take the utmost care to avoid the entry of any malware on their devices. If you have not taken any safety measures as yet, it is probably better to be late than sorry.