One billion malware files held in Kaspersky Lab’s cloud database
Kaspersky Lab’s cloud malware database now carries a billion malicious objects, including viruses, Trojans, backdoors, ransomware, and advertisement applications and their components. A fifth were discovered and identified as malicious by Astraea - a machine-learning based malware analysis system working inside Kaspersky Lab’s infrastructure.
The number of cyberthreats appearing every day is now so big that it is impossible to process each one of them manually. That’s why automating the malware discovery and analysis process, in combination with human expertise, is the best approach when it comes to fighting modern cyberthreats.
The percentage of malware discovered and added automatically to the Kaspersky Lab cloud database by Astraea has been growing steadily over the last five years: from 7.53 percent in 2012, to 40.5 percent in December 2016. The proportion is growing in line with the number of new malicious files discovered daily by Kaspersky Lab experts and detection systems. This has increased from 70,000 files per day in 2011 to 323,0001 per day in 2016.
“One billion unique malicious files is a remarkable milestone. It shows the scale of the cybercriminal underground, which has developed from several small forums offering customized malicious tools, to the mass production of malware and tailored cybercriminal services. It also highlights the quality and evolution of our automated malware analysis technologies. Out of these billion files, more than 200 million have been added by the Astraea machinelearning system. Our advanced systems now not only detect the vast majority of known malware we get on a daily basis, but also discover the unknown threats. Although the remaining 800 million files have been added by other internal detection systems, or by experts, the contribution to the Kaspersky Lab cloud database by machine-learning systems is substantial and will continue to grow,” says Vyacheslav Zakorzhevsky, Head of Anti-Malware Team at Kaspersky Lab.
Astraea is one of the machine-learning malware analysis systems that form part of the Kaspersky Lab protection infrastructure. Astraea automatically analyzes notifications from protected computers and helps uncover previously unknown threats. By using the threats’ metadata (like age, origin, filename, file path and more) the system is able to fully detect threats without information about the file contents.
Kaspersky Lab’s ‘Number of the year’ forms part of the Kaspersky Security Bulletin for 2016. Other sections include the Threat Predictions 2017 published on 16 November and available here, the topic of the year: Ransomware, and the main report’s Executive Summary, Review and Statistics, all available in December.
Kaspersky Lab is one of the world’s fastest-growing cybersecurity companies and the largest that is privately owned. The company is ranked among the world’s top four vendors of security solutions for endpoint users (IDC, 2014). Since 1997 Kaspersky Lab has been an innovator in cybersecurity and provides effective digital security solutions and threat intelligence for large enterprises, SMBs and consumers. Kaspersky Lab is an international company, operating in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide.
PALO ALTO: In this Wednesday, Dec 2, 2015, photo, Robinhood co-founders Vlad Tenev (left) and Baiju Bhatt pose at company headquarters in Palo Alto, Calif. Robinhood is a stock brokerage that does not charge any commissions for its more than 1 million customers to buy and sell shares. —AP