The statistics are sobering. In 2015, 430 million unique pieces of malware were introduced, according to Symantec, which is the maker of the Norton line of computer-protection software. That’s up from 2.4 million pieces in 2009.
“Cybercrime has become a part of our daily lives,” says Symantec’s Jordan Blake.
Identity theft and hackings are up, too. Intel Security’s Gary Davis tallied the numbers: 4.2 billion records have been compromised since 2013. “And there’s no sign of it slowing down,” he tells Consumers Digest.
To keep up with the rapid-fire pace of new malware threats, developers of computer-protection software for consumers turned to techniques that commonly are used for corporate computer protection.
More than one expert whom we interviewed likened the battle between the computer-protection-software developers and malware writers as a cat-and-mouse game.
Lawrence Pingree of market-research company Gartner says, “It’s always going to be a race between the attacker and the defender, in this case the software makers. It’s the art of war.”
The spoils in this war? Your data—be it your personal identity or your actual files.
DATA HOSTAGE-TAKING. Consumers continue to be at risk by visiting malicious websites, unsafely saving passwords in their web browser and oversharing personal information online. However, new threats lurk. For example, tech-support scams are up.
Sean Sullivan, who is a security adviser for cybersecurity expert F-Secure, believes that this shift is why email-attachment malware—where malware launches automatically after you download a file that looks passably familiar—is back in vogue.
“Many malware authors are releasing tricky documents recently with invoices, purchase orders,” says Andreas Marx, who is the CEO of Av-Test, which is an independent testing laboratory that analyzes malware. “I hope nobody will open [an attachment like] invoice123.exe anymore.”
The scammers now use Excel, JPEG, PDF, PowerPoint and Word files to deliver malware, he adds.
The big new threat: ransomware. It’s a specific type of malware that takes your computer and your data hostage. According to computer-protection-software developer Bitdefender, by March 2016, half of all of the malware analyses that the company conducted were of ransomware. That’s up from under 10 percent just 6 months earlier.
Ransomware came to the scene in part because of how effective computer-protection-software developers became at blocking malware. Those who create malware realized that if they threaten to lock your computer, they can get you to pay a lot of money to unlock it, Blake tells Consumers Digest.
Previously, malware infections were localized, generally with the intent of gathering data about you either directly or indirectly by redirecting you to another site that tricks you into revealing that information. Ransomware, however, is a whole new beast.
Online-Backup Services: Store with Caution
“This is a shift from infecting your PC to hijacking your data,” Marx says.
If a piece of ransomware gets on your system, it will encrypt your files, so you don’t have access to them unless you pay to get a decryption key.
The latest trick is for malware writers to offer ransomware as a service to other attackers. The ransomware kit is distributed for free, and the malware writers take a 20 percent cut of the ransom.
Most computer-protection-software developers tout anti-ransomware protections, but the process of blocking ransomware varies among vendors. Trend Micro is the only company that we found that implements a technique that’s borrowed from the corporate-focused battle on malware—permissions protection.
“We saw that ransomware tended to go after the My Documents folder,” says Brook Stein of Trend Micro. “So, if we can protect My Documents on a permissions level, we can block [the attack].”
Symantec says it can block delivery of ransomware through a variety of paths: anti-spam, intrusion prevention, proactive exploit prevention, internet IP reputation and file reputation.
That said, evaluation of anti-ransomware protection by experts hasn’t revealed that one approach is more effective than another, because ransomware attacks can be delivered as a variety of different types of malware.