To the surprise of some people who only read the mainstream media, the market for cyber-crimes is under constant change, but the mainstream media tend to concentrate on the same spectacular crimes, while very common and more “boring” crimes are not given the same amount of attention. That’s why it is important, as an information technology user, to always keep yourself update to date, look at the facts, and look at different sources for information.
Microsoft publishes their “Microsoft Security Intelligence Report” annually. It is kind of a status report over present trends when it comes to global cyber crimes and threats. The report is based on an impressive amount of material, as it is an analysis of all the security reports they have received from the users of Windows, Office, and their Azure platform.
Let’s take a look at how the threats have evolved over the last year.
This method received a lot of publicity at one point because several companies lost a lot of money and credibility due to these types of attacks. The way that the method works is that the hacker uses a security flaw to gain access to your computer, and then the hacker encrypts all the data on the computer with a password, that only the hacker knows. When the user tries to use the computer, all that the user gets is a screen informing him/her that the computer has been encrypted and that the user will have to pay a “fee” to get the password.
According to the available data, this type of crime peaked when 2017 became 2018, when 0,11% suffered from this attack. Since then, the number of reported incidents has been on the decline, even though some areas still suffer from them. The reason for the decline is that both Microsoft and other suppliers are working hard to prevent them.
Increased Number of Fake Web Sites
The number of fake websites and phishing attempts have been on the rise lately. Phishing is where the cyber-criminals send false e-mails that look like official e-mails from government agencies, major banks, airlines and so on. Typically a message that sounds both important and urgent, to make you hurry to click on a link to a fake web site that looks completely similar to the real organization in order to make you enter your username, password, or other information. The goal is to steal information from you that can give the cyber-criminal a financial gain.
Unfortunately, both the e-mails they send and the false web sites they lead to are done very professionally. In the past, you could notice that the language in the mail and on the web sites was clumsy but today you will notice they are nearly perfect.
Last year 0,4 percent of all emails sent globally were attempts of phishing and in January 2019 the number had raised to 0,6 percent, so this is a growing problem.
You can use modern technology in an attempt to catch many of these e-mails, but in the end it is most important that every user is alert, which means that it is important that companies continue to train their employees in being careful, just like individuals should always keep themselves up to date about the present threats.
Make Sure Your Software Is Up To Date
To reduce the risk, it is important to have the latest software installed on one’s computer, so the software protects against the latest techniques used by modern cyber criminals. Remember that it is a kind of technological arms race between the hackers and the suppliers of IT-solutions, so what would be protective yesterday probably won’t be today.
Phishing is a good example, as it is one of the most widely used techniques, making it important that the filters you use are up to date and able to catch phishing attempts.
This is a serious issue as the IT-department in one particularly large company had to spend 40% of their resources to clean up after employees that had been fooled by phishing e-mails.
Malicious Programs on Decline
Back in 2017, 4% of users were infected by malicious programs. In 2018, 2.16% of users were infected by malware. In January of 2019, this was down to one percent.
Malware covers a lot of different types of software, in which some of them are directly malicious while others “just” greatly reduce your security and privacy, and makes it easy for more aggressive hackers to get control over your computer.
The decline is probably due to the fact that most antivirus programs and firewalls have become much better at protecting against malware. Therefore, it is important that you always have the latest version of these programs installed on your computer.
Fewer Computers Are Used for Cryptomining
Something cyber-criminals have loved to use for earning extra money is to install a hidden cryptomining program on their victim’s computer, so the computers get slower as they are busy solving the math problems that are used to produce a new crypto coin. A crypto coin is something that the cyber-criminals can sell for a profit.
The average of all computers for the entire year of 2018 was 0.03 percent, with a peak of 0.06 percent in April 2018. At the present, 0.01 percent of all computers are infected by these programs
Still Important To Be Alert
So even though life has gotten more difficult for cyber-criminals, it is still wise to be careful. One of the reasons that the more traditional attacks are on a decline is that more users are better protected, but it also means that the cyber-criminals are experimenting with new techniques.
You can read the latest edition of the Microsoft Security Intelligence Report here