Threat seen from malware hiding within users’ devices
In 2020, 34 per cent of Kaspersky private users and 24 per cent of all corporate users in Oman were attacked by malware hiding within their devices.
Web attacks, in comparison, affected only 10 per cent and 4 per cent, respectively, Kaspersky experts said.
“There is a common misconception that the most dangerous threats on the modern users’ digital journeys are encountered during Internet surfing. The reality however, based on the most recent analysis of cyberattacks in Oman in 2020 is that users are in fact more likely to face attacks from malware hidden within their devices,” the report said.
Unfortunately, there has been an increase in the sophistication of such threats – which may be hiding on the user’s device within a seemingly legitimate file for a while, to fly under the radar, and only strike later.
Cyber threat
“The cyber threat landscape across Oman is constantly evolving,” says Denis Parinov, a cybersecurity expert at Kaspersky.
“A few years ago there were many more drive-by attacks – when different malicious software is downloaded and run while the user simply browses the Internet. Nowadays, most of the webthreats ‘stays in browser’: they specialise in content replacement, browser locking or clickjacking, online-skimming, cookie stuffing, etc,” he added.
“Now the situation when the user could download a malicious file directly is not too frequent. It’s more common for a malware to be disguised as something else to hide from the security solutions, remaining an unseen threat to users,” he said. “The good news however is that modern security solutions are too advanced for such malware to fly below radar – it is more likely to be blocked either during the initial scan of the file by a security solution that happens by default, or within the very moment such programs attempt to launch,” he added.
To protect against cyber threats including malware, Kaspersky recommends adhering to guidelines like, do not follow dubious links from letters, messages in instant messengers or SMS, regularly install updates for the operating system and applications.
It further says that users should install applications only from official stores, use complex and different passwords for accounts, regularly copy important data from your device to the cloud, to a USB flash drive or hard drive.
Also access should not be given to those functions that do not need and install a reliable security solution such as Kaspersky Internet Security.
In addition, companies are encouraged to provide training to improve cyber literacy among their employees. For example, the automated platform Kaspersky ASAP helps to develop safe behaviour skills and form sustainable cybersecurity habits.
The solution allows the company to assess the current knowledge of an employee in the field of cybersecurity, and in accordance with this, determine the set of skills that the employee needs, depending on job duties and risk profile, and build a timetable for the programme.