Malware hiding in devices cause 34% of cyberattacks
Muscat - There is a common misconception that the most dangerous threats in the modern users’ digital journeys are encountered during Internet surfing. The reality, however, based on the most recent analysis of cyberattacks in Oman in 2020 by Kaspersky experts, is that users are in fact more likely to face attacks from malware hidden within their devices.
Such threats are classified as ‘local’, which means they are detected on users’ devices or on portable data storage devices, such as flash drives. In 2020, 34 per cent of Kaspersky private users and 24 per cent of all corporate users in Oman were attacked by such threats. To compare, web attacks affected only ten per cent and four per cent, respectively.
Unfortunately, there has been an increase in the sophistication of such threats – which may be hiding on the user’s device within a seemingly legitimate file for a while, to fly under the radar, and only strike later.
“The cyberthreat landscape across Oman is constantly evolving,” said Denis Parinov, a cybersecurity expert at Kaspersky.
A few years ago, there were many more drive-by attacks – when different malicious software is downloaded and run while the user simply browses the Internet. Nowadays, most web-threats stay in the browser, specialising in content replacement, browser locking or clickjacking, online-skimming, cookie stuffing, etc.
“Now the situation when the user could download a malicious file directly is not too frequent. It’s more common for a malware to be disguised as something else to hide from the security solutions, remaining an unseen threat to users,” Parinov said.
“The good news, however, is that modern security solutions are too advanced for such malware to fly below radar – it is more likely to be blocked either during the initial scan of the file by a security solution that happens by default, or at the very moment such programmes attempt to launch.”
To protect against cyberthreats, including malware, Parinov has a few guidelines, including not following dubious links from letters, messages in instant messengers or SMS; regularly installing updates for the operating system and applications; installing applications only from official stores; and using complex and different passwords for accounts.
Additionally, Parinov suggests regularly copying important data from one’s device to the cloud, to a USB flash drive or hard drive, and not giving applications access to those functions that they do not need.