The prevalence of computer malware has grown exponentially over the last 15 years. We first detected malware in 1994 and since then the number we detect has exploded. In 2006, there was one new virus every minute. In 2011, there was one new virus every second. In 2016, we estimate around 310,000 new samples every day.
This proliferation and the increasing sophistication of malware means that we have to shift the way we mitigate against them. The vast majority of malware comes with several functions that update, augment and repurpose their code, making them difficult to detect. As such, over the years we have moved from reactive to proactive ways of detection, meaning that rather than looking for code signatures, we are looking for behavior markers.
We are so dependent on computers and connectivity that we offer a much bigger attack surface than ever before. Laptops, desktops, mobile devices are everywhere, so much so that we don’t see them psychologically as computing devices. They are extensions of ourselves. Furthermore, reports suggest that there will be 30 billion IoT devices by 2021. The path to our digital future has already begun. Smart meters to children’s toys are digital. Barbie dolls now have microphones and some are even Wi-Fi enabled. This means that when a child talks to it, that voice recording is sent to the cloud where it is analysed and the response is sent back. This sounds like fun but how secure is that device? Credentials from that Barbie could be taken and a hacker could quite easily get onto a Wi-Fi network.
This doesn’t even include the human element of cybersecurity. Typically, attacks start by hacking the human; by tricking people into disclosing information that can be used to break into a company’s resources. We’re seeing increasing amounts of companies falling victim to phishing attacks and accidental ransomware downloads by clicking on malicious hyperlinks.
In my webinar, I will outline the types of attack we see, the methods used to spread malware, who’s behind them and what they want. The webinar will also look at how these threats are likely to evolve in the future.
To sign up for the What, How, Who and Why of Computer Malware Webinar, click here.
David Emm is principal security researcher at Kaspersky Lab.